Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/yphDYCojIc0PisUPqGFzcSpaHr4.roa
File: yphDYCojIc0PisUPqGFzcSpaHr4.roa (raw, json)
Hash identifier: kueA64oPFnuqfOUJ8KFf+GceWa+kI7exnedP73+jI8A=
Subject key identifier: CA:98:43:60:2A:23:21:CD:0F:8A:C5:0F:A8:61:73:71:2A:5A:1E:BE
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 0194221FFD0456497AD0CED05C51423BBA8C
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/yphDYCojIc0PisUPqGFzcSpaHr4.roa
Signing time: Wed 01 Jan 2025 13:48:29 +0000
ROA not before: Wed 01 Jan 2025 13:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 45.145.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:fd:04:56:49:7a:d0:ce:d0:5c:51:42:3b:ba:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jan 1 13:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca9843602a2321cd0f8ac50fa86173712a5a1ebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:16:47:d3:a4:c7:1d:aa:a1:e7:36:6d:56:cd:
f8:6d:08:ad:ec:f7:ea:34:56:d3:95:ea:a6:90:4b:
bd:b9:93:0b:ca:bf:bd:d9:7c:9c:59:b7:9a:f5:7c:
3a:84:65:92:f0:74:6d:f9:60:23:c8:fc:a0:2d:53:
c6:af:89:f2:bb:1c:58:27:ae:e5:52:ec:1f:2e:6b:
c4:b8:40:0a:e5:86:7c:16:88:4f:98:f8:80:df:70:
db:d4:68:89:59:e2:32:25:ef:45:f5:6f:d8:15:67:
75:fc:57:ea:c1:90:8a:f7:26:cb:f9:d5:92:34:5b:
b9:e7:f6:e2:4e:0c:e9:dc:c3:1f:02:f8:ea:5a:90:
d5:dc:96:f1:60:61:77:81:ee:f1:6c:37:12:7f:a4:
15:7e:65:33:49:da:df:15:52:8a:ce:13:70:96:ea:
c1:17:af:13:36:86:26:a6:2f:1c:11:9f:b3:e3:9c:
03:f6:fb:37:45:70:92:86:e5:34:68:3b:9a:5d:a4:
48:f7:03:e0:cf:1f:0b:30:f7:01:79:af:ba:b3:47:
d8:c4:63:62:e5:f6:49:e2:d5:38:9b:fe:e7:8b:2a:
db:34:0f:28:0d:de:cf:d9:a1:24:d8:56:93:b7:9e:
75:e7:37:ce:55:86:15:fd:13:9e:c0:c5:fd:6b:5f:
67:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:98:43:60:2A:23:21:CD:0F:8A:C5:0F:A8:61:73:71:2A:5A:1E:BE
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/yphDYCojIc0PisUPqGFzcSpaHr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.16.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:0d:f5:05:8d:53:7c:6d:65:c4:76:e6:8d:a5:1a:58:93:fb:
12:77:7a:55:d7:43:8d:51:5e:7e:e5:46:0c:6d:76:00:7b:ea:
f1:3d:f8:8c:e4:bb:55:32:85:8b:bf:df:12:40:cc:79:30:51:
9e:ea:96:b5:b5:e4:87:e7:88:3b:8f:8e:90:44:40:ec:6d:49:
86:e5:ad:69:c5:ed:14:a3:8b:7d:7d:36:d8:23:e4:95:d5:f6:
15:d5:7c:a0:b0:fc:f6:9a:a2:da:e5:18:0d:09:4c:03:8a:35:
95:b3:6f:e5:25:c8:75:3e:ec:5a:e3:14:1a:43:d9:ec:44:69:
40:8d:f1:dd:01:ae:b3:7d:d5:f0:d5:b1:05:9e:c1:88:a1:58:
3f:be:d4:85:d3:3e:58:bf:03:6e:e2:19:9d:95:df:a2:69:a3:
d7:b1:e1:8b:e8:4f:be:e3:55:f2:9b:2e:04:2e:a4:c4:bd:e7:
d8:89:15:ad:b4:b6:1a:f6:5d:30:47:6e:95:53:8b:1b:28:bb:
60:ef:9c:3d:7f:c8:35:bf:78:69:68:87:a4:11:65:05:ce:1c:
84:cf:f7:c6:1d:2a:63:2f:df:f9:70:cb:a9:23:4b:1f:6f:46:
88:46:59:3f:75:d4:e9:2c:a5:fe:7e:1b:12:46:67:da:c1:2d:
02:76:2e:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH/0EVkl60M7QXFFCO7qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwMTAxMTM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTk4NDM2MDJhMjMyMWNkMGY4YWM1MGZhODYxNzM3MTJhNWExZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRZH06THHaqh5zZtVs34bQit7Pfq
NFbTleqmkEu9uZMLyr+92XycWbea9Xw6hGWS8HRt+WAjyPygLVPGr4nyuxxYJ67l
UuwfLmvEuEAK5YZ8FohPmPiA33Db1GiJWeIyJe9F9W/YFWd1/FfqwZCK9ybL+dWS
NFu55/biTgzp3MMfAvjqWpDV3JbxYGF3ge7xbDcSf6QVfmUzSdrfFVKKzhNwlurB
F68TNoYmpi8cEZ+z45wD9vs3RXCShuU0aDuaXaRI9wPgzx8LMPcBea+6s0fYxGNi
5fZJ4tU4m/7niyrbNA8oDd7P2aEk2FaTt5515zfOVYYV/ROewMX9a19nvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqYQ2AqIyHND4rFD6hhc3EqWh6+MB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEveXBoRFlDb2pJYzBQaXNVUHFHRnpjU3BhSHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZEQMA0G
CSqGSIb3DQEBCwUAA4IBAQCjDfUFjVN8bWXEduaNpRpYk/sSd3pV10ONUV5+5UYM
bXYAe+rxPfiM5LtVMoWLv98SQMx5MFGe6pa1teSH54g7j46QREDsbUmG5a1pxe0U
o4t9fTbYI+SV1fYV1XygsPz2mqLa5RgNCUwDijWVs2/lJch1Puxa4xQaQ9nsRGlA
jfHdAa6zfdXw1bEFnsGIoVg/vtSF0z5YvwNu4hmdld+iaaPXseGL6E++41Xymy4E
LqTEvefYiRWttLYa9l0wR26VU4sbKLtg75w9f8g1v3hpaIekEWUFzhyEz/fGHSpj
L9/5cMupI0sfb0aIRlk/ddTpLKX+fhsSRmfawS0Cdi4Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:25 2025 by rpki-client