Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/1c605b-17b3-4833-a03a-a4f01293cc05/1/YnSv-7hty2XBOtfBw5qkiioJQKM.roa
File: YnSv-7hty2XBOtfBw5qkiioJQKM.roa (raw, json)
Hash identifier: NdEqiSXPy3YUROk7KGdPBGI+5iDmNNGO1C9AGX01ZC8=
Subject key identifier: 62:74:AF:FB:B8:6D:CB:65:C1:3A:D7:C1:C3:9A:A4:8A:2A:09:40:A3
Certificate issuer: /CN=d4ca55d2e3b9163cc488b6f7abe62eb26e7a8c38
Certificate serial: 01941FFA60D298C615FD08BF24E68DB5D722
Authority key identifier: D4:CA:55:D2:E3:B9:16:3C:C4:88:B6:F7:AB:E6:2E:B2:6E:7A:8C:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MpV0uO5FjzEiLb3q-Yusm56jDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/1c605b-17b3-4833-a03a-a4f01293cc05/1/YnSv-7hty2XBOtfBw5qkiioJQKM.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42824
IP address blocks: 193.104.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:60:d2:98:c6:15:fd:08:bf:24:e6:8d:b5:d7:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ca55d2e3b9163cc488b6f7abe62eb26e7a8c38
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6274affbb86dcb65c13ad7c1c39aa48a2a0940a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1e:57:7e:5b:92:37:88:7d:37:c5:df:97:68:
8f:34:cd:a3:d4:43:04:21:51:cd:f1:b4:ca:d2:74:
24:a1:f2:e3:c8:c2:03:44:96:b4:20:ca:07:18:76:
00:c5:6a:cb:c0:38:34:70:81:0d:53:60:c2:b7:3f:
eb:21:79:e3:f9:ed:da:5e:c7:fa:1d:7e:22:35:b8:
bc:71:40:d2:8e:ae:24:cc:25:0d:11:7f:b3:84:98:
dc:fb:56:f4:76:71:52:30:6e:44:7e:69:ab:75:19:
a0:b3:99:84:dd:86:59:82:02:a3:ad:a5:e7:77:bc:
7a:9c:aa:e1:3f:32:0f:80:a3:bd:b5:a9:dd:14:d9:
f6:1b:f1:8c:f4:04:7b:fb:14:f2:7d:e1:cc:5e:be:
c5:04:d8:46:6e:fb:bf:65:3e:4c:2d:df:b6:21:55:
b2:2f:1b:80:f9:4d:d7:7e:0e:58:81:b5:9f:77:99:
d3:a0:ae:aa:f3:af:01:af:69:55:89:b5:02:41:81:
22:c1:d2:85:8b:e5:6c:40:d5:07:90:23:eb:21:6a:
44:8a:11:15:d4:8b:af:f8:b4:38:93:13:8d:1c:d1:
47:8e:0b:af:a5:7d:5e:be:82:97:54:f5:c7:9e:11:
c5:3b:c6:92:4c:59:1d:7b:6d:57:4c:98:03:84:aa:
60:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:74:AF:FB:B8:6D:CB:65:C1:3A:D7:C1:C3:9A:A4:8A:2A:09:40:A3
X509v3 Authority Key Identifier:
keyid:D4:CA:55:D2:E3:B9:16:3C:C4:88:B6:F7:AB:E6:2E:B2:6E:7A:8C:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MpV0uO5FjzEiLb3q-Yusm56jDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1c605b-17b3-4833-a03a-a4f01293cc05/1/YnSv-7hty2XBOtfBw5qkiioJQKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1c605b-17b3-4833-a03a-a4f01293cc05/1/1MpV0uO5FjzEiLb3q-Yusm56jDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:ce:4f:ee:b7:34:15:28:1b:d3:61:5c:eb:12:8b:00:7c:ec:
2e:42:a2:a5:98:e4:39:80:86:2b:b8:a1:ca:cf:a5:c3:8a:91:
3d:3a:a5:7e:9f:57:f4:fb:23:5d:c3:6f:60:ff:be:6b:54:6a:
2d:6c:af:24:4e:5d:68:68:5a:e0:96:0d:c6:cd:db:22:ea:c4:
de:1b:df:68:ae:61:78:63:ec:92:7e:bd:e8:69:bb:5c:10:9f:
65:3d:32:4b:aa:94:ec:75:06:5a:d9:ef:c0:cb:3f:1f:70:03:
9c:3f:b5:9d:a4:d0:91:17:2c:bb:36:22:f4:84:7f:5e:f4:38:
5c:82:3d:92:66:35:35:90:1d:1c:4a:54:76:22:5f:ef:bf:4b:
98:71:69:38:27:d9:44:a3:d9:15:cc:92:d0:8f:96:1b:d8:7c:
e6:d1:4b:13:01:5b:92:97:4d:ae:a3:44:18:06:1f:ae:ed:6e:
07:9b:95:81:01:6b:8d:f8:c0:86:e6:82:d4:11:62:cd:da:5f:
44:f8:eb:63:21:ec:68:b1:83:12:2f:56:90:93:84:1d:6e:77:
fb:6c:11:45:1e:13:51:ec:cf:9a:be:de:9a:d1:b0:a0:cd:d7:
8d:fa:b4:d7:b1:88:6a:62:fe:50:93:ee:0e:20:7f:34:41:c9:
b9:f2:b2:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+mDSmMYV/Qi/JOaNtdciMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2E1NWQyZTNiOTE2M2NjNDg4YjZmN2FiZTYyZWIyNmU3
YThjMzgwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjc0YWZmYmI4NmRjYjY1YzEzYWQ3YzFjMzlhYTQ4YTJhMDk0MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlx5XfluSN4h9N8Xfl2iPNM2j1EME
IVHN8bTK0nQkofLjyMIDRJa0IMoHGHYAxWrLwDg0cIENU2DCtz/rIXnj+e3aXsf6
HX4iNbi8cUDSjq4kzCUNEX+zhJjc+1b0dnFSMG5EfmmrdRmgs5mE3YZZggKjraXn
d7x6nKrhPzIPgKO9tandFNn2G/GM9AR7+xTyfeHMXr7FBNhGbvu/ZT5MLd+2IVWy
LxuA+U3Xfg5YgbWfd5nToK6q868Br2lVibUCQYEiwdKFi+VsQNUHkCPrIWpEihEV
1Iuv+LQ4kxONHNFHjguvpX1evoKXVPXHnhHFO8aSTFkde21XTJgDhKpgkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJ0r/u4bctlwTrXwcOapIoqCUCjMB8GA1UdIwQY
MBaAFNTKVdLjuRY8xIi296vmLrJueow4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU1wVjB1TzVGanpFaUxiM3EtWXVzbTU2akRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xYzYwNWItMTdiMy00ODMzLWEwM2Et
YTRmMDEyOTNjYzA1LzEvWW5Tdi03aHR5MlhCT3RmQnc1cWtpaW9KUUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xYzYwNWItMTdiMy00ODMzLWEwM2EtYTRmMDEyOTNjYzA1
LzEvMU1wVjB1TzVGanpFaUxiM3EtWXVzbTU2akRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWi9MA0G
CSqGSIb3DQEBCwUAA4IBAQAczk/utzQVKBvTYVzrEosAfOwuQqKlmOQ5gIYruKHK
z6XDipE9OqV+n1f0+yNdw29g/75rVGotbK8kTl1oaFrglg3Gzdsi6sTeG99ormF4
Y+ySfr3oabtcEJ9lPTJLqpTsdQZa2e/Ayz8fcAOcP7WdpNCRFyy7NiL0hH9e9Dhc
gj2SZjU1kB0cSlR2Il/vv0uYcWk4J9lEo9kVzJLQj5Yb2Hzm0UsTAVuSl02uo0QY
Bh+u7W4Hm5WBAWuN+MCG5oLUEWLN2l9E+OtjIexosYMSL1aQk4Qdbnf7bBFFHhNR
7M+avt6a0bCgzdeN+rTXsYhqYv5Qk+4OIH80Qcm58rJe
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:30:05 2025 by rpki-client