Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ydd2PO-H_Fgb3WARzarl2KvbvAk.roa
File: Ydd2PO-H_Fgb3WARzarl2KvbvAk.roa (raw, json)
Hash identifier: DpLF4xAY/mw4bABqiewkQc6g6XtrYQs2MjxkcakbRf8=
Subject key identifier: 61:D7:76:3C:EF:87:FC:58:1B:DD:60:11:CD:AA:E5:D8:AB:DB:BC:09
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01941962488C4D2119F16DBD9745D946FB6F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ydd2PO-H_Fgb3WARzarl2KvbvAk.roa
Signing time: Mon 30 Dec 2024 21:04:18 +0000
ROA not before: Mon 30 Dec 2024 21:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:194:1962:438f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:19:62:48:8c:4d:21:19:f1:6d:bd:97:45:d9:46:fb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Dec 30 21:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61d7763cef87fc581bdd6011cdaae5d8abdbbc09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2e:e4:34:4d:5a:50:98:76:d4:dd:b6:82:d9:
d8:95:b7:44:d3:bd:01:cd:b4:be:4b:84:c0:75:ee:
33:79:ca:b4:d6:e0:9b:b3:a8:d5:9c:a4:fa:f7:9c:
44:1e:28:d6:a6:76:6c:44:47:d9:bb:c0:2b:f6:df:
55:f1:1c:6c:8e:a3:fd:92:a9:6d:5c:97:cb:c7:34:
4c:cd:7a:80:7c:4a:d2:9c:eb:b5:0f:bd:e5:37:ac:
03:73:5b:87:45:39:5c:a2:03:eb:8b:0a:ea:fd:6f:
f0:85:93:9c:37:e4:c0:27:43:ce:1c:3e:9a:49:f6:
c6:4c:8a:ca:49:d7:ed:e4:0d:27:d9:83:97:76:2d:
0f:fc:2e:90:49:be:01:ab:81:26:05:63:d6:c6:d4:
51:e5:56:2d:24:15:3c:ad:c8:88:7e:e4:00:af:4c:
1f:d6:e3:82:79:e1:8f:c1:88:03:5d:9e:2b:79:ba:
b9:ee:e3:b4:4d:a1:5d:70:00:e8:ef:67:59:9a:52:
6f:3e:b7:91:d2:85:74:86:d0:b0:b8:e5:7b:f4:0d:
7f:b6:f1:53:5a:59:72:b2:d6:f4:11:9d:fe:41:9c:
df:3f:77:23:43:5d:44:d2:eb:07:2a:6e:a1:7b:51:
25:5f:90:bf:bd:62:35:c0:11:c2:34:d8:bd:95:7e:
80:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:D7:76:3C:EF:87:FC:58:1B:DD:60:11:CD:AA:E5:D8:AB:DB:BC:09
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Ydd2PO-H_Fgb3WARzarl2KvbvAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:194:1962:438f/128
Signature Algorithm: sha256WithRSAEncryption
7d:51:a5:1a:b2:00:4a:c7:a2:55:8e:50:c8:96:54:58:06:9f:
17:0d:40:d7:e5:ac:a2:f7:10:0b:5d:88:65:65:cd:e3:de:9d:
68:eb:b1:81:5e:fc:4a:27:f2:8e:21:92:ed:d7:74:86:45:98:
75:1c:98:e2:7e:a2:a0:2f:a4:34:da:fc:43:e3:78:2a:9a:4e:
ec:7d:af:f9:ec:16:2d:78:97:e1:a5:00:34:98:51:79:36:82:
0a:f7:01:ce:d2:7d:e5:94:41:d5:56:f2:4a:78:b1:0b:57:80:
f9:a6:69:1e:ca:08:b0:9a:3d:e7:97:cb:ed:42:3f:9b:87:14:
d5:6c:45:08:19:f2:07:a0:a0:42:d3:b0:e7:e1:b2:8a:5a:9a:
f2:38:af:fc:8a:9b:e3:01:7e:e9:68:90:be:6b:8b:23:2a:dc:
3f:57:62:28:22:c0:2f:b5:26:d1:4d:6f:57:16:46:c6:b3:c6:
01:96:49:87:5b:fc:d0:10:29:c3:43:cf:29:65:4c:06:12:52:
e8:82:10:a0:21:b6:22:33:d8:8b:9e:67:7c:71:32:13:b5:04:
96:02:cb:61:70:66:52:28:ca:5d:91:02:24:8d:a3:24:b5:04:
ad:50:2f:8d:0b:a3:bd:de:bd:c6:82:fc:35:09:8e:a7:1b:be:
2e:52:fa:09
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQZYkiMTSEZ8W29l0XZRvtvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQxMjMwMjEwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWQ3NzYzY2VmODdmYzU4MWJkZDYwMTFjZGFhZTVkOGFiZGJiYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti7kNE1aUJh21N22gtnYlbdE070B
zbS+S4TAde4zecq01uCbs6jVnKT695xEHijWpnZsREfZu8Ar9t9V8RxsjqP9kqlt
XJfLxzRMzXqAfErSnOu1D73lN6wDc1uHRTlcogPriwrq/W/whZOcN+TAJ0POHD6a
SfbGTIrKSdft5A0n2YOXdi0P/C6QSb4Bq4EmBWPWxtRR5VYtJBU8rciIfuQAr0wf
1uOCeeGPwYgDXZ4rebq57uO0TaFdcADo72dZmlJvPreR0oV0htCwuOV79A1/tvFT
Wllystb0EZ3+QZzfP3cjQ11E0usHKm6he1ElX5C/vWI1wBHCNNi9lX6AqwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFGHXdjzvh/xYG91gEc2q5dir27wJMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWWRkMlBPLUhfRmdiM1dBUnphcmwyS3ZidkFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGUGWJDjzANBgkqhkiG9w0BAQsFAAOCAQEAfVGlGrIASseiVY5QyJZUWAaf
Fw1A1+WsovcQC12IZWXN496daOuxgV78SifyjiGS7dd0hkWYdRyY4n6ioC+kNNr8
Q+N4KppO7H2v+ewWLXiX4aUANJhReTaCCvcBztJ95ZRB1VbySnixC1eA+aZpHsoI
sJo955fL7UI/m4cU1WxFCBnyB6CgQtOw5+Gyilqa8jiv/Iqb4wF+6WiQvmuLIyrc
P1diKCLAL7Um0U1vVxZGxrPGAZZJh1v80BApw0PPKWVMBhJS6IIQoCG2IjPYi55n
fHEyE7UElgLLYXBmUijKXZECJI2jJLUErVAvjQujvd69xoL8NQmOpxu+LlL6CQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:40:55 2025 by rpki-client