Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/7486fd-3f81-4540-aaaa-0b3ed25f66e9/1/y75cXyuDLpcYexdmkwYwYU3Mg-w.roa
File: y75cXyuDLpcYexdmkwYwYU3Mg-w.roa (raw, json)
Hash identifier: x/UMSX0QI4HQrUWQqpp/rIJY0lp7ztidnsmz2QLBnXs=
Subject key identifier: CB:BE:5C:5F:2B:83:2E:97:18:7B:17:66:93:06:30:61:4D:CC:83:EC
Certificate issuer: /CN=b5b537918dd90251eb36538e7181ce933c7ef845
Certificate serial: 019427B6350D8DABA88101907A6374C18205
Authority key identifier: B5:B5:37:91:8D:D9:02:51:EB:36:53:8E:71:81:CE:93:3C:7E:F8:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbU3kY3ZAlHrNlOOcYHOkzx--EU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/7486fd-3f81-4540-aaaa-0b3ed25f66e9/1/y75cXyuDLpcYexdmkwYwYU3Mg-w.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207394
IP address blocks: 2001:67c:25ec::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:35:0d:8d:ab:a8:81:01:90:7a:63:74:c1:82:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5b537918dd90251eb36538e7181ce933c7ef845
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbbe5c5f2b832e97187b1766930630614dcc83ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:87:bc:da:72:d4:53:3a:1c:e7:7d:b4:1d:fd:
cf:fc:9b:61:ac:80:15:e4:2e:55:29:f8:06:52:2d:
ee:fa:5e:4e:ef:1a:f9:93:3f:0e:18:ae:ee:9f:50:
ec:95:31:ff:2c:99:c7:eb:5e:03:9f:2b:65:ab:60:
ca:f6:ab:39:80:a2:17:24:91:16:b8:02:9a:42:c9:
3d:3a:39:1f:23:99:e7:85:50:ca:f6:7e:96:ab:83:
ed:20:ac:c8:d8:3a:ce:79:c8:c0:47:eb:cf:88:0c:
03:45:47:74:7f:73:2d:c6:91:31:f0:4d:a8:26:23:
4a:21:ba:29:ca:3a:4f:42:21:d7:b0:b2:46:d7:97:
a3:23:71:5c:bf:db:8e:3f:2b:07:77:6e:ee:65:56:
eb:b9:d0:f7:cc:ae:94:ea:72:da:55:06:f2:1f:d6:
32:d8:6f:e8:77:9b:46:c2:0a:98:97:67:ec:d6:df:
8a:db:c6:bf:0f:2b:89:87:e9:b1:23:31:ab:32:6a:
b8:23:46:28:26:58:32:16:27:ef:d0:fe:de:77:97:
e6:da:6a:8f:40:45:cf:9b:0d:34:b4:21:c1:25:b0:
c7:32:47:c9:58:bb:14:89:c2:47:11:24:93:e8:d3:
6b:e8:7d:7f:11:e3:6c:11:de:f5:ce:1f:7d:0b:72:
f8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:BE:5C:5F:2B:83:2E:97:18:7B:17:66:93:06:30:61:4D:CC:83:EC
X509v3 Authority Key Identifier:
keyid:B5:B5:37:91:8D:D9:02:51:EB:36:53:8E:71:81:CE:93:3C:7E:F8:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbU3kY3ZAlHrNlOOcYHOkzx--EU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7486fd-3f81-4540-aaaa-0b3ed25f66e9/1/y75cXyuDLpcYexdmkwYwYU3Mg-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/7486fd-3f81-4540-aaaa-0b3ed25f66e9/1/tbU3kY3ZAlHrNlOOcYHOkzx--EU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:25ec::/48
Signature Algorithm: sha256WithRSAEncryption
4a:22:7d:73:16:fe:21:ea:f5:e9:67:36:38:8d:b6:c5:ed:81:
df:cc:64:7e:5a:73:b6:09:18:f2:1c:b0:8f:80:05:d3:ad:96:
c7:c3:e4:45:be:03:67:12:1b:ac:1e:9f:f8:14:55:75:2d:71:
e3:d8:a1:08:1c:c8:66:57:5f:f4:db:58:64:0b:b0:04:c8:e5:
5e:3d:48:12:ec:d3:e1:99:aa:7c:05:6c:b3:71:38:09:5a:76:
62:41:cf:8f:06:7c:9c:61:ee:89:fc:83:d0:47:4f:a4:1d:33:
a8:e1:ee:a7:93:82:a7:c5:51:ec:94:22:ec:2b:7f:87:0f:4a:
71:ae:db:8c:9d:d0:05:31:4a:98:18:a4:ad:f3:1c:e3:64:42:
6e:fa:92:83:82:6e:fe:46:42:dd:a5:b5:fb:95:4a:ff:dc:21:
ac:ef:4b:6f:0e:10:14:82:66:af:24:3d:66:f0:a5:ca:18:09:
65:51:2e:e2:a9:29:01:33:7d:b0:c7:ff:19:b3:f2:d5:d2:3a:
5c:b5:c3:20:e9:b4:98:3f:e7:9a:09:5c:5d:51:68:52:7f:10:
5b:39:fb:b8:5f:14:76:9a:84:06:77:1b:fd:a2:01:ef:a7:59:
4c:6f:2a:24:8e:11:e2:08:e3:bf:99:25:44:b8:7d:54:93:c4:
a7:41:ce:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntjUNjauogQGQemN0wYIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjUzNzkxOGRkOTAyNTFlYjM2NTM4ZTcxODFjZTkzM2M3
ZWY4NDUwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmJlNWM1ZjJiODMyZTk3MTg3YjE3NjY5MzA2MzA2MTRkY2M4M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoe82nLUUzoc5320Hf3P/JthrIAV
5C5VKfgGUi3u+l5O7xr5kz8OGK7un1DslTH/LJnH614Dnytlq2DK9qs5gKIXJJEW
uAKaQsk9OjkfI5nnhVDK9n6Wq4PtIKzI2DrOecjAR+vPiAwDRUd0f3MtxpEx8E2o
JiNKIbopyjpPQiHXsLJG15ejI3Fcv9uOPysHd27uZVbrudD3zK6U6nLaVQbyH9Yy
2G/od5tGwgqYl2fs1t+K28a/DyuJh+mxIzGrMmq4I0YoJlgyFifv0P7ed5fm2mqP
QEXPmw00tCHBJbDHMkfJWLsUicJHESST6NNr6H1/EeNsEd71zh99C3L4KwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMu+XF8rgy6XGHsXZpMGMGFNzIPsMB8GA1UdIwQY
MBaAFLW1N5GN2QJR6zZTjnGBzpM8fvhFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJVM2tZM1pBbEhyTmxPT2NZSE9rengtLUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83NDg2ZmQtM2Y4MS00NTQwLWFhYWEt
MGIzZWQyNWY2NmU5LzEveTc1Y1h5dURMcGNZZXhkbWt3WXdZVTNNZy13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83NDg2ZmQtM2Y4MS00NTQwLWFhYWEtMGIzZWQyNWY2NmU5
LzEvdGJVM2tZM1pBbEhyTmxPT2NZSE9rengtLUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCXs
MA0GCSqGSIb3DQEBCwUAA4IBAQBKIn1zFv4h6vXpZzY4jbbF7YHfzGR+WnO2CRjy
HLCPgAXTrZbHw+RFvgNnEhusHp/4FFV1LXHj2KEIHMhmV1/021hkC7AEyOVePUgS
7NPhmap8BWyzcTgJWnZiQc+PBnycYe6J/IPQR0+kHTOo4e6nk4KnxVHslCLsK3+H
D0pxrtuMndAFMUqYGKSt8xzjZEJu+pKDgm7+RkLdpbX7lUr/3CGs70tvDhAUgmav
JD1m8KXKGAllUS7iqSkBM32wx/8Zs/LV0jpctcMg6bSYP+eaCVxdUWhSfxBbOfu4
XxR2moQGdxv9ogHvp1lMbyokjhHiCOO/mSVEuH1Uk8SnQc5I
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:40:49 2025 by rpki-client