Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/984602-4a90-4551-bf49-2edbdfaff47e/1/yotvkOlDpHIjetkLzlsFffb4Fzg.roa
File: yotvkOlDpHIjetkLzlsFffb4Fzg.roa (raw, json)
Hash identifier: mCxherpCescziAaZ/qCXrgjRp6uzHj6W+5YSjua8Xis=
Subject key identifier: CA:8B:6F:90:E9:43:A4:72:23:7A:D9:0B:CE:5B:05:7D:F6:F8:17:38
Certificate issuer: /CN=647c0936487ec5d803e4d5a9a5100c4651f45437
Certificate serial: 018572BA71BA3A2C14052DB460592477C9E1
Authority key identifier: 64:7C:09:36:48:7E:C5:D8:03:E4:D5:A9:A5:10:0C:46:51:F4:54:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZHwJNkh-xdgD5NWppRAMRlH0VDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/984602-4a90-4551-bf49-2edbdfaff47e/1/yotvkOlDpHIjetkLzlsFffb4Fzg.roa
Signing time: Mon 02 Jan 2023 13:44:59 +0000
ROA not before: Mon 02 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:2280::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:71:ba:3a:2c:14:05:2d:b4:60:59:24:77:c9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=647c0936487ec5d803e4d5a9a5100c4651f45437
Validity
Not Before: Jan 2 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca8b6f90e943a472237ad90bce5b057df6f81738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ac:81:65:40:86:7d:52:e3:ef:ab:5e:6c:62:
fb:d6:bf:4e:b0:a5:99:1f:b3:71:6b:05:d3:89:1a:
f9:dc:1a:fc:eb:49:ff:14:70:57:c2:aa:14:c8:85:
71:21:b5:a4:69:0f:dc:59:99:07:90:dd:7d:69:fd:
8b:5c:3d:48:73:86:33:1c:e3:8f:dc:27:25:a4:a0:
00:b5:dc:7f:c4:17:52:29:8d:af:d8:f5:83:2d:7f:
0f:21:ba:99:79:b8:43:b0:a8:c7:3d:c9:13:64:b1:
b1:2b:bd:7c:a6:7e:e7:f9:4d:6f:b2:e7:dd:b1:d0:
3c:63:0b:93:e6:0c:57:89:b6:56:d4:ba:05:ae:61:
50:35:1d:bb:64:ad:70:29:e8:80:b9:17:33:14:f5:
79:1a:01:ae:4b:66:da:90:35:a7:71:d2:96:71:e9:
10:26:0a:8d:42:43:09:c9:ca:a5:f7:aa:4b:d9:ff:
e2:96:12:75:ba:00:fd:29:cb:15:ed:fd:c3:68:29:
06:a5:a5:a2:f0:c5:a5:c9:96:f1:85:5b:66:75:61:
2d:55:db:cd:4e:57:31:da:46:aa:19:81:68:3c:cf:
b3:ab:29:3c:6a:36:62:5d:c1:15:7f:c4:84:19:08:
5d:0a:64:dd:8e:1d:ba:23:27:a2:d3:39:0d:c3:22:
55:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8B:6F:90:E9:43:A4:72:23:7A:D9:0B:CE:5B:05:7D:F6:F8:17:38
X509v3 Authority Key Identifier:
keyid:64:7C:09:36:48:7E:C5:D8:03:E4:D5:A9:A5:10:0C:46:51:F4:54:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZHwJNkh-xdgD5NWppRAMRlH0VDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/984602-4a90-4551-bf49-2edbdfaff47e/1/yotvkOlDpHIjetkLzlsFffb4Fzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/984602-4a90-4551-bf49-2edbdfaff47e/1/ZHwJNkh-xdgD5NWppRAMRlH0VDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2280::/29
Signature Algorithm: sha256WithRSAEncryption
4a:f0:67:12:df:2a:ec:00:bb:4b:1e:3f:d9:93:ac:02:7e:22:
26:ca:58:63:84:94:65:ba:ad:7e:af:3a:53:ba:2d:7d:03:03:
e0:3c:62:97:c2:7c:e4:8c:88:2d:09:33:55:e9:4b:15:83:a6:
f1:b8:28:d3:7c:e1:5d:53:98:07:1c:7b:6a:be:7a:d3:49:0e:
42:aa:c0:bd:de:80:5d:73:91:7c:b5:19:7e:53:c4:6f:77:11:
5a:c9:c5:4c:c9:c1:9c:e1:dd:70:43:40:cd:0d:e3:68:45:9f:
6d:c7:53:3a:c5:71:a8:24:12:cb:f2:54:e0:90:b9:b6:ab:00:
de:e8:aa:0f:ad:4b:1e:58:f3:42:e9:98:5c:f7:49:e5:8a:bb:
95:d0:46:d2:e1:16:22:f5:14:23:72:93:f0:da:11:53:cf:18:
58:fd:37:1f:58:0c:e0:de:58:0f:3f:68:5e:1c:4d:6b:ff:77:
4f:42:07:8e:14:3d:90:1c:79:d6:8d:a7:9b:b7:28:ff:4b:a5:
77:17:0a:c5:f6:b4:58:a2:1f:29:99:ed:d2:0a:ae:75:89:96:
db:72:fb:55:97:2e:c5:7c:9f:9b:4d:80:e7:d8:c1:e3:85:d5:
00:9e:5d:55:39:1f:47:56:78:db:38:be:81:07:92:28:a9:dc:
d2:18:5a:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyunG6OiwUBS20YFkkd8nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0N2MwOTM2NDg3ZWM1ZDgwM2U0ZDVhOWE1MTAwYzQ2NTFm
NDU0MzcwHhcNMjMwMTAyMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYThiNmY5MGU5NDNhNDcyMjM3YWQ5MGJjZTViMDU3ZGY2ZjgxNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmayBZUCGfVLj76tebGL71r9OsKWZ
H7NxawXTiRr53Br860n/FHBXwqoUyIVxIbWkaQ/cWZkHkN19af2LXD1Ic4YzHOOP
3CclpKAAtdx/xBdSKY2v2PWDLX8PIbqZebhDsKjHPckTZLGxK718pn7n+U1vsufd
sdA8YwuT5gxXibZW1LoFrmFQNR27ZK1wKeiAuRczFPV5GgGuS2bakDWncdKWcekQ
JgqNQkMJycql96pL2f/ilhJ1ugD9KcsV7f3DaCkGpaWi8MWlyZbxhVtmdWEtVdvN
Tlcx2kaqGYFoPM+zqyk8ajZiXcEVf8SEGQhdCmTdjh26Iyei0zkNwyJVOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMqLb5DpQ6RyI3rZC85bBX32+Bc4MB8GA1UdIwQY
MBaAFGR8CTZIfsXYA+TVqaUQDEZR9FQ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkh3Sk5raC14ZGdENU5XcHBSQU1SbEgwVkRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ODQ2MDItNGE5MC00NTUxLWJmNDkt
MmVkYmRmYWZmNDdlLzEveW90dmtPbERwSElqZXRrTHpsc0ZmZmI0RnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ODQ2MDItNGE5MC00NTUxLWJmNDktMmVkYmRmYWZmNDdl
LzEvWkh3Sk5raC14ZGdENU5XcHBSQU1SbEgwVkRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhEigDAN
BgkqhkiG9w0BAQsFAAOCAQEASvBnEt8q7AC7Sx4/2ZOsAn4iJspYY4SUZbqtfq86
U7otfQMD4Dxil8J85IyILQkzVelLFYOm8bgo03zhXVOYBxx7ar5600kOQqrAvd6A
XXORfLUZflPEb3cRWsnFTMnBnOHdcENAzQ3jaEWfbcdTOsVxqCQSy/JU4JC5tqsA
3uiqD61LHljzQumYXPdJ5Yq7ldBG0uEWIvUUI3KT8NoRU88YWP03H1gM4N5YDz9o
XhxNa/93T0IHjhQ9kBx51o2nm7co/0uldxcKxfa0WKIfKZnt0gqudYmW23L7VZcu
xXyfm02A59jB44XVAJ5dVTkfR1Z42zi+gQeSKKnc0hha9g==
-----END CERTIFICATE-----
Generated at Mon Apr 14 06:27:50 2025 by rpki-client