Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/y9dVlv7C8jt1fELPDuSmyp52Mcg.roa
File: y9dVlv7C8jt1fELPDuSmyp52Mcg.roa (raw, json)
Hash identifier: vNMUeNGorzi4WtNu2277m6hL1GtJurW+/uJuXD0zin0=
Subject key identifier: CB:D7:55:96:FE:C2:F2:3B:75:7C:42:CF:0E:E4:A6:CA:9E:76:31:C8
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C651841488837DDFA52F146D7A9C1
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/y9dVlv7C8jt1fELPDuSmyp52Mcg.roa
Signing time: Wed 01 Jan 2025 01:48:02 +0000
ROA not before: Wed 01 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214309
IP address blocks: 2a12:bec4:14d0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:65:18:41:48:88:37:dd:fa:52:f1:46:d7:a9:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbd75596fec2f23b757c42cf0ee4a6ca9e7631c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8b:2f:e2:36:37:d2:76:2d:4e:5a:ff:6f:52:
71:5a:d3:60:4e:5c:30:dc:94:ad:c0:03:97:d3:ab:
df:56:a9:cc:ec:00:e6:57:cf:91:5e:86:10:2e:00:
45:6b:eb:45:3a:72:cc:56:96:66:f8:83:e4:dd:c2:
96:c1:db:5f:0a:b0:07:f2:ea:6c:f1:55:b9:ac:67:
6b:ba:cc:e9:4d:b1:7d:01:c8:10:10:63:f4:ad:bc:
d0:be:ad:c1:8b:8d:16:52:25:c5:77:ad:c0:66:39:
4e:98:c4:4f:ad:c6:21:86:f4:80:95:a4:e2:ac:ae:
48:a3:25:de:91:ce:80:40:ad:eb:6d:74:3e:70:92:
be:26:0e:bc:d6:5e:87:f8:f2:ce:ea:5b:a5:a7:9d:
a0:28:22:40:d7:d6:c7:d7:af:3f:77:83:da:60:3a:
fc:a8:0d:1b:88:7a:dd:2a:b7:b6:75:e4:0d:d1:fc:
3f:5e:e9:29:a1:d8:94:0a:9b:16:2c:96:d0:cd:07:
96:67:e4:0d:4c:51:c6:d5:97:9f:3b:8c:fc:7a:c6:
69:ff:f0:b9:0c:50:ca:d5:c4:f9:e1:95:a1:3c:16:
b1:cc:a9:fa:96:88:9c:3a:06:21:7e:3e:8e:da:86:
25:0f:7e:ec:f7:6b:f1:6e:35:b7:56:e1:16:2f:8d:
29:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D7:55:96:FE:C2:F2:3B:75:7C:42:CF:0E:E4:A6:CA:9E:76:31:C8
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/y9dVlv7C8jt1fELPDuSmyp52Mcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:14d0::/44
Signature Algorithm: sha256WithRSAEncryption
4b:77:ef:d9:64:9d:d1:68:0b:07:3c:d4:48:43:15:db:60:ea:
97:89:b8:b9:47:a1:6e:8d:9a:b7:90:5b:f1:c6:93:9f:1d:6e:
c5:70:ec:dd:ea:f6:6e:25:63:0d:3d:69:41:b7:a5:b2:04:ec:
54:39:69:9e:bf:63:8a:01:d1:92:ae:d9:57:0b:97:f8:98:d0:
48:d3:3d:4e:33:96:81:ca:69:10:20:c1:8a:7d:3c:74:bd:e8:
70:8c:ea:96:30:86:20:05:db:91:18:22:e7:e1:2d:b1:f2:ef:
ba:58:39:54:4e:3e:f7:4a:a1:9c:d3:6c:5f:16:ee:76:ec:7a:
32:7c:28:40:c9:25:ab:74:48:00:7f:0c:5a:e8:c4:18:5c:44:
71:4e:16:1f:7a:b7:85:63:55:d7:80:9a:c6:1c:7d:cf:9c:36:
68:c2:23:51:a9:5e:15:bd:6f:5d:6b:85:44:19:a1:8e:c9:06:
25:5e:eb:31:78:d9:dd:53:b4:ff:27:27:aa:e9:d9:80:a0:d4:
54:72:e3:9d:e7:57:81:fb:f7:83:cf:a2:6b:48:eb:b5:24:4a:
ad:ea:ee:17:9e:2b:cb:ed:2f:cb:be:c6:86:6d:c2:57:3f:24:
4f:6a:ff:ae:e5:f9:46:5b:79:30:24:a0:f9:0a:d0:6b:52:58:
2b:a7:a8:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjGUYQUiIN936UvFG16nBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmQ3NTU5NmZlYzJmMjNiNzU3YzQyY2YwZWU0YTZjYTllNzYzMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvosv4jY30nYtTlr/b1JxWtNgTlww
3JStwAOX06vfVqnM7ADmV8+RXoYQLgBFa+tFOnLMVpZm+IPk3cKWwdtfCrAH8ups
8VW5rGdruszpTbF9AcgQEGP0rbzQvq3Bi40WUiXFd63AZjlOmMRPrcYhhvSAlaTi
rK5IoyXekc6AQK3rbXQ+cJK+Jg681l6H+PLO6lulp52gKCJA19bH168/d4PaYDr8
qA0biHrdKre2deQN0fw/XukpodiUCpsWLJbQzQeWZ+QNTFHG1ZefO4z8esZp//C5
DFDK1cT54ZWhPBaxzKn6loicOgYhfj6O2oYlD37s92vxbjW3VuEWL40pKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMvXVZb+wvI7dXxCzw7kpsqedjHIMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEveTlkVmx2N0M4anQxZkVMUER1U215cDUyTWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBTQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBLd+/ZZJ3RaAsHPNRIQxXbYOqXibi5R6FujZq3
kFvxxpOfHW7FcOzd6vZuJWMNPWlBt6WyBOxUOWmev2OKAdGSrtlXC5f4mNBI0z1O
M5aBymkQIMGKfTx0vehwjOqWMIYgBduRGCLn4S2x8u+6WDlUTj73SqGc02xfFu52
7HoyfChAySWrdEgAfwxa6MQYXERxThYfereFY1XXgJrGHH3PnDZowiNRqV4VvW9d
a4VEGaGOyQYlXusxeNndU7T/Jyeq6dmAoNRUcuOd51eB+/eDz6JrSOu1JEqt6u4X
nivL7S/LvsaGbcJXPyRPav+u5flGW3kwJKD5CtBrUlgrp6hI
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:40:03 2025 by rpki-client