Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/B-YGSnw6mlzmsy9e1WdnYiYl8uA.roa
File: B-YGSnw6mlzmsy9e1WdnYiYl8uA.roa (raw, json)
Hash identifier: dqAKP/dgHYPVRyqQIAqMlRLtWiN+IpM+mjudxWdaulM=
Subject key identifier: 07:E6:06:4A:7C:3A:9A:5C:E6:B3:2F:5E:D5:67:67:62:26:25:F2:E0
Certificate issuer: /CN=63c34455c0d4e4fc3ba2f1c46f08b475c8f6d980
Certificate serial: 019421B1D17DB7C0549B1034FE500CA2B3D2
Authority key identifier: 63:C3:44:55:C0:D4:E4:FC:3B:A2:F1:C4:6F:08:B4:75:C8:F6:D9:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8NEVcDU5Pw7ovHEbwi0dcj22YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/B-YGSnw6mlzmsy9e1WdnYiYl8uA.roa
Signing time: Wed 01 Jan 2025 11:48:09 +0000
ROA not before: Wed 01 Jan 2025 11:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24867
IP address blocks: 78.40.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d1:7d:b7:c0:54:9b:10:34:fe:50:0c:a2:b3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c34455c0d4e4fc3ba2f1c46f08b475c8f6d980
Validity
Not Before: Jan 1 11:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07e6064a7c3a9a5ce6b32f5ed56767622625f2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:3d:54:b4:f9:f1:1b:b4:50:28:cd:65:62:f7:
1d:f5:c8:98:73:e1:8d:33:5f:97:30:3c:78:fb:26:
98:2c:86:4b:28:15:d1:16:f7:36:5c:ba:04:f1:f6:
e2:41:fa:03:41:4e:a7:98:7d:7e:25:ec:0f:70:0c:
98:97:9a:37:df:9c:87:80:94:4a:e0:a6:65:89:bf:
3f:36:16:15:31:c5:01:91:b3:fa:25:04:4d:54:47:
45:3d:99:ee:54:13:38:b8:4a:a6:33:34:f6:73:3c:
3e:34:ba:3d:3f:7f:26:b7:d2:6f:55:e9:3c:79:c4:
26:ec:67:d0:40:6b:85:9c:aa:7d:62:fc:e7:6b:f0:
86:14:83:6f:b2:5b:a7:a0:0b:0f:28:0d:04:e8:d4:
a6:d2:5c:d6:14:2e:4f:33:b7:e9:ad:9c:94:8a:ef:
c9:b8:57:3a:31:cf:a7:73:51:40:fe:d9:4b:16:95:
22:77:1e:70:dd:05:6e:e4:fd:8b:d4:e3:a8:ae:64:
c6:19:db:d8:d4:93:c9:65:cc:4c:78:a4:32:7d:e5:
de:64:08:87:e6:ce:4a:fe:b5:fd:dc:d5:ea:9b:fd:
2e:7f:a3:4f:ec:0f:ae:1d:4e:d4:e1:2e:b4:2f:2c:
5c:0b:24:0e:48:2d:a1:14:34:d3:2d:75:7b:22:14:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E6:06:4A:7C:3A:9A:5C:E6:B3:2F:5E:D5:67:67:62:26:25:F2:E0
X509v3 Authority Key Identifier:
keyid:63:C3:44:55:C0:D4:E4:FC:3B:A2:F1:C4:6F:08:B4:75:C8:F6:D9:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8NEVcDU5Pw7ovHEbwi0dcj22YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/B-YGSnw6mlzmsy9e1WdnYiYl8uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/35656a-066e-49df-b709-7bfcd7e94b9e/1/Y8NEVcDU5Pw7ovHEbwi0dcj22YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.152.0/21
Signature Algorithm: sha256WithRSAEncryption
97:24:f2:7f:c4:80:92:28:89:0e:bf:c7:5b:cf:62:5e:07:c9:
1c:6c:22:fd:f5:3d:33:5d:ef:7c:dc:87:95:26:e1:e5:78:ef:
b6:33:36:92:7a:56:67:1b:5d:d1:6f:52:19:68:5d:92:77:98:
a9:cd:06:21:98:ee:08:12:0f:2c:f5:39:75:32:85:9b:f2:99:
61:04:71:18:30:05:3d:1f:0c:f7:92:25:31:1e:50:78:41:f1:
50:fa:c3:e5:97:35:4e:ba:8d:a9:61:35:d9:14:d9:e6:ec:95:
ed:96:35:b8:52:6f:a5:46:cf:a4:70:0c:36:d5:16:23:bf:11:
27:a1:dd:a7:0b:18:b2:8b:1e:04:82:a4:35:c2:60:9d:bd:ab:
0c:1b:7c:85:e6:cf:cb:1d:6d:fb:14:f9:c4:d6:96:0e:8b:b8:
95:a9:81:a6:8e:d4:e0:4c:e6:ac:63:37:46:03:ef:b5:5d:7d:
b4:8d:3c:0e:78:85:68:33:92:21:bb:13:10:d9:11:bd:83:4d:
42:b8:b6:f4:78:ce:e4:33:c4:44:5a:6d:29:e4:07:eb:66:a9:
cb:ff:b9:bc:8b:0c:78:a1:08:9c:32:c9:08:16:d3:28:5f:7a:
46:c1:45:5c:6f:e3:65:e8:62:bd:61:07:36:5a:19:0f:68:72:
de:97:b7:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsdF9t8BUmxA0/lAMorPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzM0NDU1YzBkNGU0ZmMzYmEyZjFjNDZmMDhiNDc1Yzhm
NmQ5ODAwHhcNMjUwMTAxMTE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U2MDY0YTdjM2E5YTVjZTZiMzJmNWVkNTY3Njc2MjI2MjVmMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5T1UtPnxG7RQKM1lYvcd9ciYc+GN
M1+XMDx4+yaYLIZLKBXRFvc2XLoE8fbiQfoDQU6nmH1+JewPcAyYl5o335yHgJRK
4KZlib8/NhYVMcUBkbP6JQRNVEdFPZnuVBM4uEqmMzT2czw+NLo9P38mt9JvVek8
ecQm7GfQQGuFnKp9Yvzna/CGFINvslunoAsPKA0E6NSm0lzWFC5PM7fprZyUiu/J
uFc6Mc+nc1FA/tlLFpUidx5w3QVu5P2L1OOormTGGdvY1JPJZcxMeKQyfeXeZAiH
5s5K/rX93NXqm/0uf6NP7A+uHU7U4S60LyxcCyQOSC2hFDTTLXV7IhTO1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAfmBkp8Oppc5rMvXtVnZ2ImJfLgMB8GA1UdIwQY
MBaAFGPDRFXA1OT8O6LxxG8ItHXI9tmAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThORVZjRFU1UHc3b3ZIRWJ3aTBkY2oyMllBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zNTY1NmEtMDY2ZS00OWRmLWI3MDkt
N2JmY2Q3ZTk0YjllLzEvQi1ZR1NudzZtbHptc3k5ZTFXZG5ZaVlsOHVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zNTY1NmEtMDY2ZS00OWRmLWI3MDktN2JmY2Q3ZTk0Yjll
LzEvWThORVZjRFU1UHc3b3ZIRWJ3aTBkY2oyMllBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDTiiYMA0G
CSqGSIb3DQEBCwUAA4IBAQCXJPJ/xICSKIkOv8dbz2JeB8kcbCL99T0zXe983IeV
JuHleO+2MzaSelZnG13Rb1IZaF2Sd5ipzQYhmO4IEg8s9Tl1MoWb8plhBHEYMAU9
Hwz3kiUxHlB4QfFQ+sPllzVOuo2pYTXZFNnm7JXtljW4Um+lRs+kcAw21RYjvxEn
od2nCxiyix4EgqQ1wmCdvasMG3yF5s/LHW37FPnE1pYOi7iVqYGmjtTgTOasYzdG
A++1XX20jTwOeIVoM5IhuxMQ2RG9g01CuLb0eM7kM8REWm0p5AfrZqnL/7m8iwx4
oQicMskIFtMoX3pGwUVcb+Nl6GK9YQc2WhkPaHLel7f8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:02 2025 by rpki-client