Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/YyypK_26gA3tCqMnNbNqGx5XYGo.roa
File: YyypK_26gA3tCqMnNbNqGx5XYGo.roa (raw, json)
Hash identifier: 1C+y1wJpXbQeoQMT2Lk9eVOD8ZpA0T4y5KhkvNpdhZE=
Subject key identifier: 63:2C:A9:2B:FD:BA:80:0D:ED:0A:A3:27:35:B3:6A:1B:1E:57:60:6A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018D21AB01F129F259A41B938AB87557D1D2
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/YyypK_26gA3tCqMnNbNqGx5XYGo.roa
Signing time: Fri 19 Jan 2024 12:21:11 +0000
ROA not before: Fri 19 Jan 2024 12:21:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 2a07:3500:1240::/46 maxlen: 46
2a07:3500:12d0::/48 maxlen: 48
2a07:3500:12f8::/48 maxlen: 48
2a07:3500:15c0::/48 maxlen: 48
2a07:3500:1b90::/48 maxlen: 48
2a07:3501:1340::/48 maxlen: 48
2a07:3502:1060::/48 maxlen: 48
2a07:3502:10a1::/48 maxlen: 48
2a07:3502:10c0::/48 maxlen: 48
2a07:3502:11a0::/46 maxlen: 46
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:ab:01:f1:29:f2:59:a4:1b:93:8a:b8:75:57:d1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 19 12:21:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=632ca92bfdba800ded0aa32735b36a1b1e57606a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7e:75:81:c9:67:b9:ce:c7:3b:1c:6b:d6:eb:
32:a9:1b:bf:b4:4a:65:07:7f:8b:e7:56:1d:71:8e:
14:f6:15:72:bb:38:61:2f:62:cc:76:75:d4:28:42:
52:17:ee:b6:47:1d:6c:f8:f3:7e:d4:16:c7:b7:b0:
68:44:0e:d4:38:6e:12:a8:8b:2e:05:5a:e0:98:ea:
c3:e9:ba:2f:c2:f4:0f:82:b0:36:c8:13:cc:e7:23:
0e:a1:77:f7:ff:67:fa:d1:5b:4a:2d:47:72:6d:ff:
6c:50:d0:aa:34:b5:8b:9c:c3:89:c9:8a:1b:cd:24:
43:6a:81:34:ca:19:26:67:6d:91:96:88:2c:fa:74:
30:31:09:39:3f:15:ac:65:db:b7:e6:b1:60:ed:1e:
a6:76:ff:aa:50:95:d5:cd:5f:7e:7e:69:3c:36:e7:
34:b2:99:c2:3d:3b:16:bc:f5:93:e9:b5:f5:87:f8:
8a:02:b7:87:d8:e9:37:26:c0:aa:54:89:03:1b:77:
d7:68:40:48:47:2a:2e:46:3e:f4:04:a8:38:6e:a2:
95:0d:d7:f6:4a:1d:59:70:b5:10:b5:c1:a5:b3:0a:
f1:13:bf:24:d2:53:87:e3:44:ac:d7:73:d8:39:90:
93:5e:29:37:29:eb:e2:93:15:63:25:c4:2a:5c:38:
15:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2C:A9:2B:FD:BA:80:0D:ED:0A:A3:27:35:B3:6A:1B:1E:57:60:6A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/YyypK_26gA3tCqMnNbNqGx5XYGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:1240::/46
2a07:3500:12d0::/48
2a07:3500:12f8::/48
2a07:3500:15c0::/48
2a07:3500:1b90::/48
2a07:3501:1340::/48
2a07:3502:1060::/48
2a07:3502:10a1::/48
2a07:3502:10c0::/48
2a07:3502:11a0::/46
Signature Algorithm: sha256WithRSAEncryption
46:00:c5:9b:d0:5a:0c:2d:94:f8:59:e6:19:2c:b8:bd:ec:33:
92:12:ab:ef:38:53:d7:79:27:fe:88:86:6e:58:ae:12:bb:70:
6f:e9:59:2f:2c:06:79:fa:49:61:45:10:fe:3c:aa:7d:81:0a:
09:28:52:56:ea:23:c7:77:ee:c2:2c:39:85:ea:23:0f:a1:57:
37:d8:73:d3:ab:31:4e:6c:5b:05:61:39:e9:2d:c8:66:70:93:
b1:b9:8f:78:2e:e5:2a:05:8e:1c:7f:e8:06:68:b0:ad:08:64:
2e:99:5f:dd:ce:84:0e:32:5c:b8:de:fe:48:d2:45:86:6e:a2:
d8:05:6e:29:bd:61:9b:44:8b:14:8c:3d:f2:89:dc:27:f7:ed:
66:91:5c:b8:20:b3:c0:d3:87:cb:ad:7c:e7:64:bf:89:26:14:
b8:a7:76:45:e3:28:25:91:93:d5:04:21:a4:4e:6b:3e:30:f7:
9d:56:6e:29:c7:7f:55:5e:44:39:0a:cc:25:67:62:f1:70:78:
71:22:77:27:eb:0c:72:60:a8:5b:3b:1c:03:41:43:e4:b8:48:
39:b7:d2:27:aa:37:d9:ee:54:15:37:60:d6:bc:06:65:14:90:
60:54:58:f1:3a:f9:36:3c:5a:fa:d4:da:8f:40:47:ba:c7:8d:
e6:5d:b9:bf
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY0hqwHxKfJZpBuTirh1V9HSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMTE5MTIyMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJjYTkyYmZkYmE4MDBkZWQwYWEzMjczNWIzNmExYjFlNTc2MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn51gclnuc7HOxxr1usyqRu/tEpl
B3+L51YdcY4U9hVyuzhhL2LMdnXUKEJSF+62Rx1s+PN+1BbHt7BoRA7UOG4SqIsu
BVrgmOrD6bovwvQPgrA2yBPM5yMOoXf3/2f60VtKLUdybf9sUNCqNLWLnMOJyYob
zSRDaoE0yhkmZ22Rlogs+nQwMQk5PxWsZdu35rFg7R6mdv+qUJXVzV9+fmk8Nuc0
spnCPTsWvPWT6bX1h/iKAreH2Ok3JsCqVIkDG3fXaEBIRyouRj70BKg4bqKVDdf2
Sh1ZcLUQtcGlswrxE78k0lOH40Ss13PYOZCTXik3KevikxVjJcQqXDgVRwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGMsqSv9uoAN7QqjJzWzahseV2BqMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvWXl5cEtfMjZnQTN0Q3FNbk5iTnFHeDVYWUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAAjBaAwcCKgc1ABJA
AwcAKgc1ABLQAwcAKgc1ABL4AwcAKgc1ABXAAwcAKgc1ABuQAwcAKgc1ARNAAwcA
Kgc1AhBgAwcAKgc1AhChAwcAKgc1AhDAAwcCKgc1AhGgMA0GCSqGSIb3DQEBCwUA
A4IBAQBGAMWb0FoMLZT4WeYZLLi97DOSEqvvOFPXeSf+iIZuWK4Su3Bv6VkvLAZ5
+klhRRD+PKp9gQoJKFJW6iPHd+7CLDmF6iMPoVc32HPTqzFObFsFYTnpLchmcJOx
uY94LuUqBY4cf+gGaLCtCGQumV/dzoQOMly43v5I0kWGbqLYBW4pvWGbRIsUjD3y
idwn9+1mkVy4ILPA04fLrXznZL+JJhS4p3ZF4yglkZPVBCGkTms+MPedVm4px39V
XkQ5CswlZ2LxcHhxIncn6wxyYKhbOxwDQUPkuEg5t9InqjfZ7lQVN2DWvAZlFJBg
VFjxOvk2PFr61NqPQEe6x43mXbm/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:45 2025 by rpki-client