Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/UrYd0NA5zmrgZLSCaT92ep0qIig.roa
File: UrYd0NA5zmrgZLSCaT92ep0qIig.roa (raw, json)
Hash identifier: 5ySs0vtdS4BkBFJJxGI7iz4Ak6tcGsyGzVvo3ri7jkk=
Subject key identifier: 52:B6:1D:D0:D0:39:CE:6A:E0:64:B4:82:69:3F:76:7A:9D:2A:22:28
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 018CC3495F3948D43ADE8E6C4511A319527F
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/UrYd0NA5zmrgZLSCaT92ep0qIig.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209319
IP address blocks: 2a0f:300::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5f:39:48:d4:3a:de:8e:6c:45:11:a3:19:52:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52b61dd0d039ce6ae064b482693f767a9d2a2228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:72:07:a6:c6:d1:02:46:f9:f9:3d:93:68:a5:
20:db:98:7d:72:8c:38:13:a9:8c:e4:be:c8:ef:32:
53:59:7f:30:bf:37:df:88:98:0c:21:ab:44:db:4f:
6f:6c:a5:46:7d:33:76:21:58:5f:ac:a9:a7:cc:f0:
9c:97:ad:65:65:ef:4f:5c:d2:12:17:ab:dc:21:a7:
15:42:e3:11:ad:e2:6c:c3:58:3e:1b:0c:ff:5c:0c:
2d:b6:4e:0f:98:23:3d:b6:7a:20:d6:af:4e:79:b5:
42:34:e3:97:0e:fe:bb:b1:27:b2:55:b5:dc:8d:33:
17:56:76:ec:ae:95:7a:7d:c9:f3:32:a3:59:1f:ca:
f4:c0:8a:99:34:e2:17:b5:ec:45:09:67:38:13:0a:
62:39:e0:a5:95:45:94:cb:81:6d:11:da:0c:4f:95:
ea:36:b7:37:7f:cb:60:9f:05:65:a1:d9:ac:0a:4f:
36:a5:cd:31:d1:e2:9d:df:75:93:5e:7c:7e:a5:88:
26:ad:f4:45:b0:87:96:be:4a:33:e0:c2:08:39:d6:
b9:2f:db:60:9e:b8:d8:0e:39:72:89:d4:7f:ef:70:
22:88:c7:09:2b:cb:3f:30:7c:35:f3:13:9b:cb:65:
5d:f9:b4:c8:0d:08:1d:d1:b1:27:a1:ab:67:b7:4e:
bb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B6:1D:D0:D0:39:CE:6A:E0:64:B4:82:69:3F:76:7A:9D:2A:22:28
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/UrYd0NA5zmrgZLSCaT92ep0qIig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:300::/29
Signature Algorithm: sha256WithRSAEncryption
00:8b:0d:e6:83:1d:b3:18:5b:ed:f6:ab:33:8d:ed:97:ef:7a:
a0:f0:81:1f:7e:29:b6:41:ff:91:dc:58:ea:fe:6e:0d:c5:9c:
86:69:26:6d:62:27:aa:c6:ff:25:f6:71:41:ef:c4:3f:b1:80:
67:2e:3d:ba:fe:5d:0b:40:a0:85:83:1e:4b:9e:95:64:95:4c:
5d:89:8c:86:d7:26:2f:6e:15:59:e6:05:2f:4d:eb:13:cc:cc:
04:e9:fb:45:03:42:e8:6f:39:f4:b9:2e:c5:96:68:85:5b:94:
15:f1:37:be:d1:c5:88:3b:28:86:d9:5a:55:27:7b:1d:12:8e:
06:7d:89:2a:3e:29:ac:f1:6c:4c:42:00:8f:1c:f2:d3:ac:48:
7e:90:c3:fc:be:5d:07:95:e8:2b:bb:23:2f:95:8c:e8:8e:1c:
bd:38:e9:a6:41:8b:36:12:e2:f2:5d:2e:c3:07:40:49:61:ea:
7c:33:e5:45:b7:91:57:cd:54:d3:9a:a7:7a:6d:8c:00:d0:cf:
23:89:b3:da:93:a1:c8:34:b3:50:93:9b:fd:4c:73:b5:c6:43:
e6:67:2b:6b:f9:6c:cc:fd:59:10:cc:81:bd:02:65:b9:21:23:
bf:42:1f:d2:73:13:5e:bb:95:1d:fa:97:ff:4b:53:50:c7:c8:
84:f0:60:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSV85SNQ63o5sRRGjGVJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI2MWRkMGQwMzljZTZhZTA2NGI0ODI2OTNmNzY3YTlkMmEyMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3IHpsbRAkb5+T2TaKUg25h9cow4
E6mM5L7I7zJTWX8wvzffiJgMIatE209vbKVGfTN2IVhfrKmnzPCcl61lZe9PXNIS
F6vcIacVQuMRreJsw1g+Gwz/XAwttk4PmCM9tnog1q9OebVCNOOXDv67sSeyVbXc
jTMXVnbsrpV6fcnzMqNZH8r0wIqZNOIXtexFCWc4EwpiOeCllUWUy4FtEdoMT5Xq
Nrc3f8tgnwVlodmsCk82pc0x0eKd33WTXnx+pYgmrfRFsIeWvkoz4MIIOda5L9tg
nrjYDjlyidR/73AiiMcJK8s/MHw18xOby2Vd+bTIDQgd0bEnoatnt067+wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFK2HdDQOc5q4GS0gmk/dnqdKiIoMB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvVXJZZDBOQTV6bXJnWkxTQ2FUOTJlcDBxSWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8DADAN
BgkqhkiG9w0BAQsFAAOCAQEAAIsN5oMdsxhb7farM43tl+96oPCBH34ptkH/kdxY
6v5uDcWchmkmbWInqsb/JfZxQe/EP7GAZy49uv5dC0CghYMeS56VZJVMXYmMhtcm
L24VWeYFL03rE8zMBOn7RQNC6G859LkuxZZohVuUFfE3vtHFiDsohtlaVSd7HRKO
Bn2JKj4prPFsTEIAjxzy06xIfpDD/L5dB5XoK7sjL5WM6I4cvTjppkGLNhLi8l0u
wwdASWHqfDPlRbeRV81U05qnem2MANDPI4mz2pOhyDSzUJOb/UxztcZD5mcra/ls
zP1ZEMyBvQJluSEjv0If0nMTXruVHfqX/0tTUMfIhPBggg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:08 2025 by rpki-client