Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/YQ-ivAU2GjpXzKyxFGGwXFJ8zmQ.roa
File: YQ-ivAU2GjpXzKyxFGGwXFJ8zmQ.roa (raw, json)
Hash identifier: mpez8Nfeb8fdFkfUqZ7oUQsfxS2ywTzhSbNw8qv5OfQ=
Subject key identifier: 61:0F:A2:BC:05:36:1A:3A:57:CC:AC:B1:14:61:B0:5C:52:7C:CE:64
Certificate issuer: /CN=0aac388b37d44768fce0eaec97de433faf72b9dc
Certificate serial: 01870365F910D5E3C6B893BEDCFF439B3D48
Authority key identifier: 0A:AC:38:8B:37:D4:47:68:FC:E0:EA:EC:97:DE:43:3F:AF:72:B9:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cqw4izfUR2j84Orsl95DP69yudw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/YQ-ivAU2GjpXzKyxFGGwXFJ8zmQ.roa
Signing time: Tue 21 Mar 2023 09:00:27 +0000
ROA not before: Tue 21 Mar 2023 09:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25145
IP address blocks: 2a0c:ae80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:65:f9:10:d5:e3:c6:b8:93:be:dc:ff:43:9b:3d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aac388b37d44768fce0eaec97de433faf72b9dc
Validity
Not Before: Mar 21 09:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=610fa2bc05361a3a57ccacb11461b05c527cce64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9f:79:b2:55:37:35:b6:f5:02:5c:63:2c:46:
f9:cd:dc:08:97:b5:1f:ff:e4:61:ee:5e:dc:94:92:
de:12:bc:98:7a:b6:7d:8d:64:82:e0:22:a7:57:3f:
93:0f:8e:69:81:a6:2b:50:78:4a:4b:e6:15:7c:7d:
2a:20:23:55:45:da:93:a4:12:a3:da:f4:78:2e:19:
a0:21:ba:fa:53:86:d9:8a:34:18:5b:9b:54:86:78:
1c:fb:80:a6:13:b6:92:35:6e:3b:31:ce:ce:a7:f5:
de:9a:f4:a9:20:82:23:f4:a5:fe:f1:3a:bf:2c:28:
dd:4d:c0:f1:b0:0d:65:91:75:c8:9a:65:af:30:d0:
6f:ea:66:0e:c4:5a:aa:38:e3:ad:01:48:d2:ef:9b:
0a:5f:7b:dc:b8:10:cf:ae:84:9d:9c:49:14:b0:4b:
95:74:97:2c:2b:10:90:49:f0:02:2c:1d:d1:3f:61:
34:d1:f6:96:2f:b1:2b:b3:13:5e:76:2a:64:51:ad:
d0:bd:5e:a5:f5:50:04:3a:a2:2e:b5:1f:93:50:50:
de:b2:4d:5a:30:90:82:ac:f6:85:69:3e:7f:f4:6e:
c7:ad:73:95:28:0a:c8:1d:97:ff:f1:36:62:ea:09:
fd:6d:0a:a8:4a:78:77:1d:89:6a:6b:65:16:4d:53:
7a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:0F:A2:BC:05:36:1A:3A:57:CC:AC:B1:14:61:B0:5C:52:7C:CE:64
X509v3 Authority Key Identifier:
keyid:0A:AC:38:8B:37:D4:47:68:FC:E0:EA:EC:97:DE:43:3F:AF:72:B9:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cqw4izfUR2j84Orsl95DP69yudw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/YQ-ivAU2GjpXzKyxFGGwXFJ8zmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/656ca9-bbbc-49b7-aacc-24aa4cee6b2c/1/Cqw4izfUR2j84Orsl95DP69yudw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:ae80::/29
Signature Algorithm: sha256WithRSAEncryption
09:bf:0b:e3:a1:70:cb:50:60:2e:da:60:1a:89:66:24:0f:f8:
45:4c:58:3a:03:38:c3:d0:5c:b4:84:0c:56:f4:05:45:99:6b:
45:51:39:76:d4:12:1e:5e:48:d6:4a:a8:06:64:12:b4:32:8a:
c1:95:dc:8f:01:7d:e0:66:54:42:9e:7f:66:2f:0a:88:40:af:
c6:10:c9:0a:d5:57:ef:93:7d:11:19:a3:f2:78:6c:16:b2:73:
50:9b:2e:55:a5:7d:ae:4a:e9:17:80:f3:d6:27:2d:e6:b8:87:
11:5d:1b:d9:87:b3:7d:94:56:94:43:3e:4f:66:7d:92:f7:49:
16:80:37:64:74:58:1f:be:90:b5:0c:0f:3a:ad:4c:b8:43:55:
7a:f3:86:d8:ec:5a:2d:49:a4:14:e0:c1:df:6d:a3:42:7a:e6:
28:a8:06:94:85:63:01:de:35:03:54:9a:08:ef:c3:4c:c1:4c:
b8:0f:ef:b0:1c:6e:4d:e5:51:69:98:38:6e:92:49:a5:32:65:
b7:b2:7b:b9:a3:f7:33:ac:02:ec:4d:c3:98:6a:1a:07:e8:24:
49:4c:13:9e:79:83:ab:d1:23:58:9e:4c:da:d2:49:a9:84:bf:
5a:e5:4c:0c:7a:84:52:5c:bb:17:9c:2d:d6:e2:38:ee:7c:0a:
66:9b:7b:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcDZfkQ1ePGuJO+3P9Dmz1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYWMzODhiMzdkNDQ3NjhmY2UwZWFlYzk3ZGU0MzNmYWY3
MmI5ZGMwHhcNMjMwMzIxMDkwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTBmYTJiYzA1MzYxYTNhNTdjY2FjYjExNDYxYjA1YzUyN2NjZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Z95slU3Nbb1AlxjLEb5zdwIl7Uf
/+Rh7l7clJLeEryYerZ9jWSC4CKnVz+TD45pgaYrUHhKS+YVfH0qICNVRdqTpBKj
2vR4LhmgIbr6U4bZijQYW5tUhngc+4CmE7aSNW47Mc7Op/XemvSpIIIj9KX+8Tq/
LCjdTcDxsA1lkXXImmWvMNBv6mYOxFqqOOOtAUjS75sKX3vcuBDProSdnEkUsEuV
dJcsKxCQSfACLB3RP2E00faWL7ErsxNedipkUa3QvV6l9VAEOqIutR+TUFDesk1a
MJCCrPaFaT5/9G7HrXOVKArIHZf/8TZi6gn9bQqoSnh3HYlqa2UWTVN6OQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGEPorwFNho6V8yssRRhsFxSfM5kMB8GA1UdIwQY
MBaAFAqsOIs31Edo/ODq7JfeQz+vcrncMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3F3NGl6ZlVSMmo4NE9yc2w5NURQNjl5dWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82NTZjYTktYmJiYy00OWI3LWFhY2Mt
MjRhYTRjZWU2YjJjLzEvWVEtaXZBVTJHanBYekt5eEZHR3dYRko4em1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82NTZjYTktYmJiYy00OWI3LWFhY2MtMjRhYTRjZWU2YjJj
LzEvQ3F3NGl6ZlVSMmo4NE9yc2w5NURQNjl5dWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgyugDAN
BgkqhkiG9w0BAQsFAAOCAQEACb8L46Fwy1BgLtpgGolmJA/4RUxYOgM4w9BctIQM
VvQFRZlrRVE5dtQSHl5I1kqoBmQStDKKwZXcjwF94GZUQp5/Zi8KiECvxhDJCtVX
75N9ERmj8nhsFrJzUJsuVaV9rkrpF4Dz1ict5riHEV0b2YezfZRWlEM+T2Z9kvdJ
FoA3ZHRYH76QtQwPOq1MuENVevOG2OxaLUmkFODB322jQnrmKKgGlIVjAd41A1Sa
CO/DTMFMuA/vsBxuTeVRaZg4bpJJpTJlt7J7uaP3M6wC7E3DmGoaB+gkSUwTnnmD
q9EjWJ5M2tJJqYS/WuVMDHqEUly7F5wt1uI47nwKZpt7QQ==
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:25:04 2025 by rpki-client