Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yoFOLF5gnOJs4CnaZwazRNB-d1s.roa
File: yoFOLF5gnOJs4CnaZwazRNB-d1s.roa (raw, json)
Hash identifier: B/rm8rWnTmzgRx4rsbLx0IImrc1ooGLDUcscA7N/SF8=
Subject key identifier: CA:81:4E:2C:5E:60:9C:E2:6C:E0:29:DA:67:06:B3:44:D0:7E:77:5B
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019423D715FC5223E23EB57CFF42B05B5C32
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yoFOLF5gnOJs4CnaZwazRNB-d1s.roa
Signing time: Wed 01 Jan 2025 21:48:05 +0000
ROA not before: Wed 01 Jan 2025 21:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62410
IP address blocks: 2a0e:d604::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:15:fc:52:23:e2:3e:b5:7c:ff:42:b0:5b:5c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 21:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca814e2c5e609ce26ce029da6706b344d07e775b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7d:f0:01:c3:27:2b:26:e3:9e:35:5f:af:c6:
f6:3a:6b:86:22:bd:e5:e4:48:e8:af:e3:88:0d:c3:
cd:46:93:9b:1b:46:a8:3f:c3:d0:bf:3a:a0:a5:17:
b3:19:94:fd:67:c4:32:bc:e5:b7:d8:9a:60:a0:b3:
1d:48:d8:c9:62:04:99:da:bf:15:07:54:99:84:33:
c1:c2:77:4d:3c:e8:71:5c:9a:df:62:89:20:0f:79:
f0:78:ad:9d:d6:ad:fb:db:f3:99:ae:78:bd:49:b6:
97:12:c3:41:4b:bb:98:42:ec:af:ea:c7:d2:82:93:
03:6f:9d:2f:fc:c3:f3:54:a6:58:e5:86:38:7b:e6:
19:ff:1c:5e:6e:5c:45:93:e3:ba:2b:90:12:54:36:
85:9b:89:b9:cf:78:c8:50:7c:33:13:22:60:0d:85:
97:29:d7:b7:54:cc:50:4d:9c:0d:e3:c3:ea:74:af:
05:7d:0f:d9:2f:38:5c:70:a3:f9:a1:69:b2:b6:68:
09:17:c5:06:70:fb:97:c2:47:54:c6:d6:88:07:0f:
7e:2f:da:e2:44:8e:61:0f:64:3e:71:74:15:0d:4a:
a0:0d:86:87:a0:fb:fa:5e:24:60:d2:35:be:19:3b:
2d:d5:15:ed:61:d6:16:65:6e:7a:f1:2f:18:7c:2a:
53:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:81:4E:2C:5E:60:9C:E2:6C:E0:29:DA:67:06:B3:44:D0:7E:77:5B
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/yoFOLF5gnOJs4CnaZwazRNB-d1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d604::/48
Signature Algorithm: sha256WithRSAEncryption
7a:cb:73:66:9f:6e:7e:0f:32:e1:89:14:fa:25:29:ba:83:b8:
fe:76:38:cc:2a:c0:24:d7:86:67:da:4d:93:04:e2:2c:84:48:
1c:0c:c6:ef:64:ee:e4:df:95:c4:02:19:ef:1f:16:26:67:ac:
8c:a4:ca:9c:35:55:b7:1d:47:32:57:4d:16:25:9d:ed:5d:21:
22:6d:4b:a2:96:2b:9e:dd:0c:87:3c:a7:77:1d:79:fa:bc:11:
34:d5:bf:10:8d:c6:7c:05:fb:1e:58:d9:e3:dd:43:20:22:76:
2d:a4:7e:19:10:75:b3:6a:31:c8:90:e7:26:e1:6c:ed:e5:47:
92:6c:af:73:0d:4b:ab:56:0b:1f:a9:d8:44:76:07:87:ea:11:
09:77:c1:dd:18:31:75:d7:f8:df:c2:62:6a:5c:13:8e:87:97:
02:f2:16:e8:f9:b4:ae:e7:46:78:ff:ca:64:58:e0:5d:9b:08:
3c:3a:57:a2:79:15:e7:82:57:ca:8b:11:7b:19:4a:fe:c0:90:
21:ec:69:39:32:27:10:26:3b:8f:5b:81:1c:29:aa:11:b2:4e:
05:c4:ae:b8:f3:4b:b3:1c:6a:0d:ac:c7:7c:db:d8:7d:6e:33:
42:cd:78:73:07:04:dd:ff:59:59:62:a2:11:63:89:72:ca:15:
a6:13:38:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1xX8UiPiPrV8/0KwW1wyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwMTAxMjE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTgxNGUyYzVlNjA5Y2UyNmNlMDI5ZGE2NzA2YjM0NGQwN2U3NzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr33wAcMnKybjnjVfr8b2OmuGIr3l
5Ejor+OIDcPNRpObG0aoP8PQvzqgpRezGZT9Z8QyvOW32JpgoLMdSNjJYgSZ2r8V
B1SZhDPBwndNPOhxXJrfYokgD3nweK2d1q372/OZrni9SbaXEsNBS7uYQuyv6sfS
gpMDb50v/MPzVKZY5YY4e+YZ/xxeblxFk+O6K5ASVDaFm4m5z3jIUHwzEyJgDYWX
Kde3VMxQTZwN48PqdK8FfQ/ZLzhccKP5oWmytmgJF8UGcPuXwkdUxtaIBw9+L9ri
RI5hD2Q+cXQVDUqgDYaHoPv6XiRg0jW+GTst1RXtYdYWZW568S8YfCpTTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMqBTixeYJzibOAp2mcGs0TQfndbMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEveW9GT0xGNWduT0pzNENuYVp3YXpSTkItZDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7WBAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6y3Nmn25+DzLhiRT6JSm6g7j+djjMKsAk14Zn
2k2TBOIshEgcDMbvZO7k35XEAhnvHxYmZ6yMpMqcNVW3HUcyV00WJZ3tXSEibUui
liue3QyHPKd3HXn6vBE01b8QjcZ8BfseWNnj3UMgInYtpH4ZEHWzajHIkOcm4Wzt
5UeSbK9zDUurVgsfqdhEdgeH6hEJd8HdGDF11/jfwmJqXBOOh5cC8hbo+bSu50Z4
/8pkWOBdmwg8OleieRXnglfKixF7GUr+wJAh7Gk5MicQJjuPW4EcKaoRsk4FxK64
80uzHGoNrMd829h9bjNCzXhzBwTd/1lZYqIRY4lyyhWmEzhT
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:59:25 2025 by rpki-client