Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/yQx5YUSfcqcgx3IA4ICMejwqPbs.roa
File: yQx5YUSfcqcgx3IA4ICMejwqPbs.roa (raw, json)
Hash identifier: cBatkYbqWez1EI7dU65y7uQSmyGeXkq58ToIkxccLCs=
Subject key identifier: C9:0C:79:61:44:9F:72:A7:20:C7:72:00:E0:80:8C:7A:3C:2A:3D:BB
Certificate issuer: /CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Certificate serial: 01941F8BFE0C6C20FE65E1493B407BA5D345
Authority key identifier: 57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/yQx5YUSfcqcgx3IA4ICMejwqPbs.roa
Signing time: Wed 01 Jan 2025 01:47:35 +0000
ROA not before: Wed 01 Jan 2025 01:47:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 2a00:a080::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8b:fe:0c:6c:20:fe:65:e1:49:3b:40:7b:a5:d3:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b80e60b5adf45aeba5c0c8abccc63997a0f1db
Validity
Not Before: Jan 1 01:47:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c90c7961449f72a720c77200e0808c7a3c2a3dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:9e:32:57:0f:02:d3:72:ff:45:4d:13:a7:
1b:54:c6:8f:23:c9:2c:05:3e:36:55:16:07:00:6e:
ec:87:69:41:f3:6c:01:25:69:f0:35:f4:50:a5:23:
cb:94:92:c9:3e:73:38:19:51:18:97:d9:38:6f:57:
47:10:65:58:ee:c9:62:80:aa:06:b9:fc:ec:fa:06:
14:57:e7:ae:ca:e6:f6:38:04:fc:af:cf:a4:0b:b1:
7c:b6:5f:9e:ca:39:a7:b7:7d:f1:ef:32:b7:e6:c3:
b3:4f:1a:32:05:21:a2:ca:4a:92:77:cf:fc:eb:db:
f9:96:8b:77:2e:73:24:eb:f5:cd:72:47:04:98:b4:
9e:82:cf:19:b7:09:84:59:8a:74:e7:b7:75:3a:17:
4c:a0:4e:ba:29:76:f4:e0:eb:4e:e5:0f:6e:68:f8:
35:88:fc:15:03:eb:a9:da:eb:20:e1:b3:4b:44:a3:
85:d7:33:d0:4f:20:25:f8:36:78:00:b8:4d:da:38:
b5:52:a6:a9:5a:00:3a:25:a3:79:64:51:6e:8c:be:
18:e9:4a:b6:4e:98:5c:f9:eb:2f:1e:fa:fc:b1:d1:
44:2b:37:a3:37:c9:1c:7d:10:01:ef:c7:51:8a:39:
19:84:64:83:fc:52:1d:8d:97:39:da:8b:e8:63:eb:
f2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:0C:79:61:44:9F:72:A7:20:C7:72:00:E0:80:8C:7A:3C:2A:3D:BB
X509v3 Authority Key Identifier:
keyid:57:B8:0E:60:B5:AD:F4:5A:EB:A5:C0:C8:AB:CC:C6:39:97:A0:F1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7gOYLWt9FrrpcDIq8zGOZeg8ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/yQx5YUSfcqcgx3IA4ICMejwqPbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/79dd9c-ce64-4b25-8f23-e6e8aae34826/1/V7gOYLWt9FrrpcDIq8zGOZeg8ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:a080::/32
Signature Algorithm: sha256WithRSAEncryption
95:e0:d5:4b:9a:81:15:7a:8b:93:70:d7:fc:5f:aa:c5:2d:5a:
3c:71:c2:57:99:37:c2:3f:43:94:72:b9:99:1a:45:a2:0d:0e:
32:66:2e:38:ef:24:2c:fe:4d:21:b0:e6:3f:ed:32:0f:da:0d:
b0:ab:ef:de:7c:89:5c:e2:22:d8:ce:2f:3e:e4:66:d2:47:5a:
ad:6e:26:b8:c2:56:1e:c8:58:b7:83:40:9e:9e:dc:cc:dd:cc:
9e:6c:94:00:59:ec:35:ea:21:98:45:48:ef:af:ad:7d:49:36:
85:1f:23:0e:ec:32:74:38:25:f6:8b:20:d0:2d:01:7c:ac:c5:
87:e8:72:59:6a:45:df:b7:c1:cf:13:f5:24:00:8e:3d:ad:e3:
b6:da:8c:30:ef:1f:2a:25:0a:ab:34:26:26:55:40:ae:23:65:
1c:f4:c9:94:3e:d1:7a:33:92:e0:94:ce:b0:e5:51:2e:8e:c0:
4e:e1:c3:4e:d0:21:64:d2:b3:e8:9a:5c:8a:15:8a:3b:8c:0b:
7d:99:af:3f:ed:13:50:3f:8c:cc:9e:cd:7e:5d:87:4d:fd:94:
37:2a:0d:d2:f8:62:51:cb:ae:e6:de:c7:5f:92:94:40:2e:f4:
fd:74:11:d9:c7:27:f9:c2:90:7e:2d:b8:bd:63:97:ca:10:ed:
60:9b:17:f7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfi/4MbCD+ZeFJO0B7pdNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjgwZTYwYjVhZGY0NWFlYmE1YzBjOGFiY2NjNjM5OTdh
MGYxZGIwHhcNMjUwMTAxMDE0NzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTBjNzk2MTQ0OWY3MmE3MjBjNzcyMDBlMDgwOGM3YTNjMmEzZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBKeMlcPAtNy/0VNE6cbVMaPI8ks
BT42VRYHAG7sh2lB82wBJWnwNfRQpSPLlJLJPnM4GVEYl9k4b1dHEGVY7sligKoG
ufzs+gYUV+euyub2OAT8r8+kC7F8tl+eyjmnt33x7zK35sOzTxoyBSGiykqSd8/8
69v5lot3LnMk6/XNckcEmLSegs8ZtwmEWYp057d1OhdMoE66KXb04OtO5Q9uaPg1
iPwVA+up2usg4bNLRKOF1zPQTyAl+DZ4ALhN2ji1UqapWgA6JaN5ZFFujL4Y6Uq2
Tphc+esvHvr8sdFEKzejN8kcfRAB78dRijkZhGSD/FIdjZc52ovoY+vyjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMkMeWFEn3KnIMdyAOCAjHo8Kj27MB8GA1UdIwQY
MBaAFFe4DmC1rfRa66XAyKvMxjmXoPHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMt
ZTZlOGFhZTM0ODI2LzEveVF4NVlVU2ZjcWNneDNJQTRJQ01landxUGJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi83OWRkOWMtY2U2NC00YjI1LThmMjMtZTZlOGFhZTM0ODI2
LzEvVjdnT1lMV3Q5RnJycGNESXE4ekdPWmVnOGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCggDAN
BgkqhkiG9w0BAQsFAAOCAQEAleDVS5qBFXqLk3DX/F+qxS1aPHHCV5k3wj9DlHK5
mRpFog0OMmYuOO8kLP5NIbDmP+0yD9oNsKvv3nyJXOIi2M4vPuRm0kdarW4muMJW
HshYt4NAnp7czN3MnmyUAFnsNeohmEVI76+tfUk2hR8jDuwydDgl9osg0C0BfKzF
h+hyWWpF37fBzxP1JACOPa3jttqMMO8fKiUKqzQmJlVAriNlHPTJlD7RejOS4JTO
sOVRLo7ATuHDTtAhZNKz6JpcihWKO4wLfZmvP+0TUD+MzJ7Nfl2HTf2UNyoN0vhi
Ucuu5t7HX5KUQC70/XQR2ccn+cKQfi24vWOXyhDtYJsX9w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:55:37 2025 by rpki-client