Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Y1QIu1-TMRASBK7l1ydycpxHbIU.roa
File: Y1QIu1-TMRASBK7l1ydycpxHbIU.roa (raw, json)
Hash identifier: mI+r+vHPoyp4i5uop/pecPf3R1ss8OX97BLRBDlywAA=
Subject key identifier: 63:54:08:BB:5F:93:31:10:12:04:AE:E5:D7:27:72:72:9C:47:6C:85
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01942747C603234F8F66DBEED13752ADFD0D
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Y1QIu1-TMRASBK7l1ydycpxHbIU.roa
Signing time: Thu 02 Jan 2025 13:50:02 +0000
ROA not before: Thu 02 Jan 2025 13:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51032
IP address blocks: 2001:146a::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:c6:03:23:4f:8f:66:db:ee:d1:37:52:ad:fd:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 13:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=635408bb5f9331101204aee5d72772729c476c85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:74:7e:74:21:2b:b6:ea:d5:9a:79:68:63:5e:
31:38:4f:ec:7d:20:e2:f3:ef:83:89:75:dc:e7:23:
61:9a:85:8f:aa:81:04:d0:7b:47:d6:35:2d:bc:d2:
d1:ba:29:bb:a6:59:1f:bc:c5:a9:a6:83:fd:c3:a3:
f7:31:65:af:c1:e9:87:73:6b:00:d4:5d:b5:cb:83:
7e:6c:a1:83:30:b3:9e:82:07:19:d3:ca:ff:ff:53:
1b:eb:f5:35:04:80:63:3a:17:fa:19:2e:9b:d6:2b:
a5:36:98:41:d8:cd:2b:64:52:88:17:c4:33:71:74:
5c:82:cc:eb:6c:65:66:5a:98:f5:98:3b:db:20:f1:
bb:25:f0:8c:1c:24:c7:7c:91:79:24:b7:5b:3a:80:
f8:eb:45:f7:5a:d6:80:44:87:79:44:c7:c5:84:f6:
7f:7c:51:d2:0d:b6:23:4d:ac:19:7f:a6:a1:d6:f4:
24:e7:e9:b4:2e:93:cb:71:64:b0:4e:ba:88:8b:54:
ed:ea:2a:41:47:7e:c1:cb:8c:46:7e:40:65:08:8b:
ae:4c:74:19:20:03:95:77:46:ea:4d:8f:3f:36:7c:
59:aa:cd:d6:b4:c1:43:13:8e:55:09:80:45:a9:e9:
92:0d:35:bc:a6:f2:0e:1a:3b:0e:e2:86:d3:bf:a3:
ae:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:54:08:BB:5F:93:31:10:12:04:AE:E5:D7:27:72:72:9C:47:6C:85
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/Y1QIu1-TMRASBK7l1ydycpxHbIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:146a::/32
Signature Algorithm: sha256WithRSAEncryption
7d:53:af:30:e1:fe:59:f1:64:33:9d:14:d3:9f:3e:59:c6:2b:
79:3e:58:79:a7:c7:5f:a7:f3:9d:a9:49:37:2c:bd:35:0b:60:
45:09:a8:db:dd:27:a0:10:38:d5:ac:1d:08:94:8c:1c:51:64:
2f:19:5f:6c:40:e7:c2:7a:15:ed:7b:24:da:16:d1:4a:26:b9:
1f:57:d7:8a:d7:eb:75:52:f3:15:4c:c7:fa:e9:bf:10:88:8f:
4c:be:cf:c8:d3:e0:ed:90:0e:f5:43:ac:a7:4a:94:c9:a5:c5:
6b:a2:bc:e4:64:0a:26:89:45:44:98:0c:21:51:99:3c:21:a6:
a6:66:95:89:71:c7:ee:62:aa:ef:74:15:93:a3:31:72:fe:7e:
d4:bb:b1:b9:1a:ae:05:e9:e5:df:b7:e4:70:cc:60:fc:d1:fb:
c7:54:c0:1f:13:3c:46:9c:96:84:7c:69:ec:9d:41:02:49:ed:
ef:5c:44:8c:87:c0:50:6a:d7:8e:ac:3e:62:dd:85:eb:1d:1d:
e4:60:45:ea:fd:26:93:2e:1e:f1:55:9f:e7:88:8a:6f:8f:59:
b0:1c:8a:38:27:b6:22:64:65:44:31:c7:6e:c3:4e:4e:a0:c1:
69:c5:78:1b:7d:8e:17:aa:e5:c5:35:28:5e:60:7b:2a:31:cc:
38:d4:2e:68
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnR8YDI0+PZtvu0TdSrf0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwMTAyMTM1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU0MDhiYjVmOTMzMTEwMTIwNGFlZTVkNzI3NzI3MjljNDc2Yzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHR+dCErturVmnloY14xOE/sfSDi
8++DiXXc5yNhmoWPqoEE0HtH1jUtvNLRuim7plkfvMWppoP9w6P3MWWvwemHc2sA
1F21y4N+bKGDMLOeggcZ08r//1Mb6/U1BIBjOhf6GS6b1iulNphB2M0rZFKIF8Qz
cXRcgszrbGVmWpj1mDvbIPG7JfCMHCTHfJF5JLdbOoD460X3WtaARId5RMfFhPZ/
fFHSDbYjTawZf6ah1vQk5+m0LpPLcWSwTrqIi1Tt6ipBR37By4xGfkBlCIuuTHQZ
IAOVd0bqTY8/NnxZqs3WtMFDE45VCYBFqemSDTW8pvIOGjsO4obTv6OudQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGNUCLtfkzEQEgSu5dcncnKcR2yFMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvWTFRSXUxLVRNUkFTQks3bDF5ZHljcHhIYklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAEUajAN
BgkqhkiG9w0BAQsFAAOCAQEAfVOvMOH+WfFkM50U058+WcYreT5YeafHX6fznalJ
Nyy9NQtgRQmo290noBA41awdCJSMHFFkLxlfbEDnwnoV7Xsk2hbRSia5H1fXitfr
dVLzFUzH+um/EIiPTL7PyNPg7ZAO9UOsp0qUyaXFa6K85GQKJolFRJgMIVGZPCGm
pmaViXHH7mKq73QVk6Mxcv5+1LuxuRquBenl37fkcMxg/NH7x1TAHxM8RpyWhHxp
7J1BAknt71xEjIfAUGrXjqw+Yt2F6x0d5GBF6v0mky4e8VWf54iKb49ZsByKOCe2
ImRlRDHHbsNOTqDBacV4G32OF6rlxTUoXmB7KjHMONQuaA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:06:37 2025 by rpki-client