Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/y59FYS6lZrG-f16cItpm531MOXQ.roa
File: y59FYS6lZrG-f16cItpm531MOXQ.roa (raw, json)
Hash identifier: m/cQn2JcKJOMV46aRM88IL5ucBeWO1CQAwW+N3Yj5A4=
Subject key identifier: CB:9F:45:61:2E:A5:66:B1:BE:7F:5E:9C:22:DA:66:E7:7D:4C:39:74
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 019427B5D2CC47678F01BFECD418B9C2B468
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/y59FYS6lZrG-f16cItpm531MOXQ.roa
Signing time: Thu 02 Jan 2025 15:50:14 +0000
ROA not before: Thu 02 Jan 2025 15:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206813
IP address blocks: 2001:bf7:170::/44 maxlen: 48
2001:bf7:1310::/44 maxlen: 48
2001:bf7:1310::/48 maxlen: 48
2001:bf7:1314::/48 maxlen: 48
2001:bf7:1315::/48 maxlen: 48
2001:bf7:1320::/44 maxlen: 48
2001:bf7:1322::/48 maxlen: 48
2001:bf7:1350::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d2:cc:47:67:8f:01:bf:ec:d4:18:b9:c2:b4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 2 15:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb9f45612ea566b1be7f5e9c22da66e77d4c3974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:ce:55:4b:f5:32:79:f8:eb:5d:3e:9e:42:
01:65:67:2e:96:c6:e4:f1:c9:b5:c4:18:4c:45:d5:
01:08:9e:dc:95:7e:b0:ce:23:d5:19:b3:e7:53:4b:
57:ba:a8:0f:df:68:ad:57:3f:f0:71:70:4d:d9:ce:
a9:76:f5:14:cc:30:a9:00:7b:6b:59:5c:ba:db:3b:
4e:b0:41:6a:86:82:29:e0:31:72:fc:fc:26:18:70:
04:fd:07:a4:47:be:7f:1e:73:e6:5a:61:cf:31:d1:
5b:ca:55:35:5a:6e:94:22:86:a1:d7:65:c0:8c:ad:
52:d7:4d:ce:97:6f:96:58:e8:c1:c9:88:19:f9:6b:
32:51:a0:68:1a:7e:1e:4c:14:92:ff:d9:5d:f6:3d:
a7:88:a4:49:6f:9f:7b:08:53:ab:de:97:e8:1f:b0:
17:0b:46:1f:cc:b4:42:f1:e8:09:08:88:21:e1:b9:
8b:9d:55:d9:23:10:fa:2c:b2:0a:de:ff:a9:33:99:
ca:4c:90:79:a8:89:51:c8:6c:9d:cf:b5:1e:95:94:
7f:29:ff:25:3c:28:5c:2e:ac:d8:de:fd:63:5c:67:
e5:2d:13:bd:13:e7:20:cc:62:5b:09:61:af:62:b2:
a9:d5:c4:5e:23:3e:ea:ac:bf:25:81:14:c4:18:4f:
96:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9F:45:61:2E:A5:66:B1:BE:7F:5E:9C:22:DA:66:E7:7D:4C:39:74
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/y59FYS6lZrG-f16cItpm531MOXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:170::/44
2001:bf7:1310::-2001:bf7:132f:ffff:ffff:ffff:ffff:ffff
2001:bf7:1350::/44
Signature Algorithm: sha256WithRSAEncryption
58:bd:90:cf:f4:ef:47:c3:b3:96:8b:ef:63:a3:b3:11:28:5e:
1d:56:43:7d:c7:5c:a4:bb:a1:65:dd:01:ee:85:9f:f7:6d:d6:
a1:c2:75:43:f8:59:b6:0e:bd:82:62:54:71:6f:fa:de:2b:6d:
e5:20:55:87:c2:90:dc:53:90:27:80:32:cf:d0:2f:90:9f:97:
3d:44:b3:67:6d:bf:4f:64:19:8b:65:50:92:7b:a0:25:74:dd:
93:d9:ba:56:be:0f:53:52:81:27:61:34:be:d5:b5:b7:ef:ce:
5e:40:94:71:d6:0c:33:0f:96:90:cd:38:02:66:3c:05:1e:01:
7f:4b:4e:8e:cf:6f:91:ea:dd:a3:7d:0a:2f:41:e2:1f:9b:19:
9e:e6:de:e8:3a:ed:42:50:bb:96:6c:8c:3e:f4:00:66:54:53:
d8:98:41:fc:c6:c1:c6:94:75:97:db:86:3f:ee:39:8a:14:21:
a3:a1:ed:bf:ac:5f:d7:2f:4d:bd:7a:fc:e0:4b:ef:95:e6:f2:
e4:d7:51:5a:8a:0e:aa:b0:43:f5:e3:9c:5b:a9:53:c8:d9:b7:
52:ed:b6:59:3f:dc:8c:a6:a9:f0:19:e3:91:a1:b8:82:ff:5e:
4b:6c:89:40:2e:ce:e2:6e:be:a0:3a:c5:45:2f:dd:f0:7f:7c:
4b:bc:70:89
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQntdLMR2ePAb/s1Bi5wrRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjUwMTAyMTU1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjlmNDU2MTJlYTU2NmIxYmU3ZjVlOWMyMmRhNjZlNzdkNGMzOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyvOVUv1Mnn4610+nkIBZWculsbk
8cm1xBhMRdUBCJ7clX6wziPVGbPnU0tXuqgP32itVz/wcXBN2c6pdvUUzDCpAHtr
WVy62ztOsEFqhoIp4DFy/PwmGHAE/QekR75/HnPmWmHPMdFbylU1Wm6UIoah12XA
jK1S103Ol2+WWOjByYgZ+WsyUaBoGn4eTBSS/9ld9j2niKRJb597CFOr3pfoH7AX
C0YfzLRC8egJCIgh4bmLnVXZIxD6LLIK3v+pM5nKTJB5qIlRyGydz7UelZR/Kf8l
PChcLqzY3v1jXGflLRO9E+cgzGJbCWGvYrKp1cReIz7qrL8lgRTEGE+WcQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMufRWEupWaxvn9enCLaZud9TDl0MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEveTU5RllTNmxackctZjE2Y0l0cG01MzFNT1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcEIAEL9wFw
MBIDBwQgAQv3ExADBwQgAQv3EyADBwQgAQv3E1AwDQYJKoZIhvcNAQELBQADggEB
AFi9kM/070fDs5aL72OjsxEoXh1WQ33HXKS7oWXdAe6Fn/dt1qHCdUP4WbYOvYJi
VHFv+t4rbeUgVYfCkNxTkCeAMs/QL5Cflz1Es2dtv09kGYtlUJJ7oCV03ZPZula+
D1NSgSdhNL7Vtbfvzl5AlHHWDDMPlpDNOAJmPAUeAX9LTo7Pb5Hq3aN9Ci9B4h+b
GZ7m3ug67UJQu5ZsjD70AGZUU9iYQfzGwcaUdZfbhj/uOYoUIaOh7b+sX9cvTb16
/OBL75Xm8uTXUVqKDqqwQ/XjnFupU8jZt1Lttlk/3IymqfAZ45GhuIL/XktsiUAu
zuJuvqA6xUUv3fB/fEu8cIk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:06 2025 by rpki-client