Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YB2zUTyoxel_TU0C-RPZ0DWC_fA.roa
File: YB2zUTyoxel_TU0C-RPZ0DWC_fA.roa (raw, json)
Hash identifier: H+l2FJXygFNR58kYNG0QXGR7UHJmWfPVu+qW78hqDcc=
Subject key identifier: 60:1D:B3:51:3C:A8:C5:E9:7F:4D:4D:02:F9:13:D9:D0:35:82:FD:F0
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01946D19AC62F4149AA348BC22E10BF3ECB2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YB2zUTyoxel_TU0C-RPZ0DWC_fA.roa
Signing time: Thu 16 Jan 2025 03:13:06 +0000
ROA not before: Thu 16 Jan 2025 03:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:2c0d:6680/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6d:19:ac:62:f4:14:9a:a3:48:bc:22:e1:0b:f3:ec:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jan 16 03:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=601db3513ca8c5e97f4d4d02f913d9d03582fdf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d5:07:35:a2:93:6d:4f:68:28:45:a6:be:49:
e5:d2:3d:26:1d:1e:e4:dd:fd:ff:9b:60:6a:a9:96:
1f:9f:0e:54:1c:5e:5c:6f:89:96:b8:4d:cf:e2:37:
77:f7:ef:ae:23:54:04:ca:b2:3e:11:7d:fe:33:2b:
cb:de:6a:61:45:4f:0d:2f:47:d6:ca:85:60:b8:45:
1c:22:4c:c3:77:fb:f1:c1:a4:02:af:c9:9f:be:23:
8a:02:67:75:f4:05:fb:21:d0:44:08:08:78:6b:c6:
7f:b8:7d:7b:33:26:6d:94:6a:d3:20:80:05:0a:8c:
0c:46:c2:b8:3d:5e:e8:5e:2d:2d:82:c5:bd:9d:95:
e7:9a:c5:4b:0f:e7:e6:9c:bf:68:d4:2d:26:92:1e:
36:a2:47:be:e2:84:9b:3b:b1:5b:c1:14:cc:57:10:
c6:41:8b:e9:49:13:28:69:0b:55:fa:2e:10:e7:a0:
58:b4:c5:e1:af:7c:30:15:f6:0f:e9:0b:27:9f:e9:
cb:f8:aa:7a:8e:75:be:36:b4:17:5f:39:2c:81:db:
18:bd:98:49:bd:3a:88:33:9c:7f:30:1e:7d:a6:e1:
6a:ff:c5:9f:ea:54:99:9a:1f:48:48:6a:d5:0f:06:
49:4b:1e:87:f4:37:b8:39:4b:4e:95:27:32:75:ab:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1D:B3:51:3C:A8:C5:E9:7F:4D:4D:02:F9:13:D9:D0:35:82:FD:F0
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/YB2zUTyoxel_TU0C-RPZ0DWC_fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:2c0d:6680/128
Signature Algorithm: sha256WithRSAEncryption
04:4d:88:cd:04:34:5e:78:52:d0:52:c5:33:29:d9:ce:4b:25:
01:94:99:47:b3:54:72:fe:01:57:92:61:35:46:29:ec:a8:76:
a5:ff:91:75:73:c6:1d:3d:0e:df:e3:1a:a5:59:dd:22:57:66:
31:c6:cf:3c:57:53:7d:cb:1d:0e:7b:a0:99:98:e5:ac:d5:14:
97:cd:dd:d0:e9:71:e2:90:7e:2d:97:6e:7a:e1:9a:d4:85:38:
c7:73:06:b2:d2:f7:92:a6:19:bc:3d:91:55:ba:11:e0:6a:24:
0e:b4:24:ff:e1:05:f0:d9:f6:8e:22:69:7e:26:28:d4:e3:fc:
11:9f:bf:82:8d:aa:4f:5f:17:f3:e1:8f:2f:dc:2a:cc:3a:94:
2a:21:a1:04:ed:3e:75:cc:72:f4:1d:b1:18:e8:c4:7e:13:a0:
98:b6:71:e7:90:08:74:23:cc:52:23:c4:1b:44:99:51:e0:0d:
da:37:61:4a:77:a9:1f:46:91:77:29:04:55:8e:7f:22:22:13:
27:32:87:78:1e:88:03:81:cf:d9:cb:2d:eb:cc:90:1c:02:64:
63:fb:db:05:4a:b3:d5:15:9c:f1:82:3c:e8:68:49:6e:fc:f8:
5c:9c:7f:d8:26:85:f7:6d:0e:11:d1:6e:f9:5c:00:44:ef:73:
10:a2:6f:a5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRtGaxi9BSao0i8IuEL8+yyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMTE2MDMxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDFkYjM1MTNjYThjNWU5N2Y0ZDRkMDJmOTEzZDlkMDM1ODJmZGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9UHNaKTbU9oKEWmvknl0j0mHR7k
3f3/m2BqqZYfnw5UHF5cb4mWuE3P4jd39++uI1QEyrI+EX3+MyvL3mphRU8NL0fW
yoVguEUcIkzDd/vxwaQCr8mfviOKAmd19AX7IdBECAh4a8Z/uH17MyZtlGrTIIAF
CowMRsK4PV7oXi0tgsW9nZXnmsVLD+fmnL9o1C0mkh42oke+4oSbO7FbwRTMVxDG
QYvpSRMoaQtV+i4Q56BYtMXhr3wwFfYP6Qsnn+nL+Kp6jnW+NrQXXzksgdsYvZhJ
vTqIM5x/MB59puFq/8Wf6lSZmh9ISGrVDwZJSx6H9De4OUtOlScydasExwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGAds1E8qMXpf01NAvkT2dA1gv3wMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWUIyelVUeW94ZWxfVFUwQy1SUFowRFdDX2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGULA1mgDANBgkqhkiG9w0BAQsFAAOCAQEABE2IzQQ0XnhS0FLFMynZzksl
AZSZR7NUcv4BV5JhNUYp7Kh2pf+RdXPGHT0O3+MapVndIldmMcbPPFdTfcsdDnug
mZjlrNUUl83d0Olx4pB+LZdueuGa1IU4x3MGstL3kqYZvD2RVboR4GokDrQk/+EF
8Nn2jiJpfiYo1OP8EZ+/go2qT18X8+GPL9wqzDqUKiGhBO0+dcxy9B2xGOjEfhOg
mLZx55AIdCPMUiPEG0SZUeAN2jdhSnepH0aRdykEVY5/IiITJzKHeB6IA4HP2cst
68yQHAJkY/vbBUqz1RWc8YI86GhJbvz4XJx/2CaF920OEdFu+VwARO9zEKJvpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:05:53 2025 by rpki-client