Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/yXZ12XRcDVZFTjIQrxejNWTSmTM.roa
File: yXZ12XRcDVZFTjIQrxejNWTSmTM.roa (raw, json)
Hash identifier: 5xbUcQBn+cV95EhL7+UNHfjSjfApXedHuP6i9RPoS5w=
Subject key identifier: C9:76:75:D9:74:5C:0D:56:45:4E:32:10:AF:17:A3:35:64:D2:99:33
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01942824238BD3CEEDBADD60FDE78BB9BDA9
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/yXZ12XRcDVZFTjIQrxejNWTSmTM.roa
Signing time: Thu 02 Jan 2025 17:50:44 +0000
ROA not before: Thu 02 Jan 2025 17:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34754
IP address blocks: 78.142.44.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:23:8b:d3:ce:ed:ba:dd:60:fd:e7:8b:b9:bd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 2 17:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c97675d9745c0d56454e3210af17a33564d29933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e6:5e:ea:fd:d5:12:7f:f6:d9:8e:57:20:b8:
70:c8:f9:96:3d:3f:f0:ed:91:f0:ef:c7:45:f4:b0:
6c:ef:a1:d8:a4:47:8d:a1:8b:7b:68:e1:de:1a:80:
7a:b3:52:d5:31:ab:63:25:5f:49:ef:de:88:4a:e4:
5b:ad:53:43:ed:36:c5:0b:72:55:f4:20:1d:e4:c9:
c7:6e:8c:64:a1:64:54:81:36:da:95:fa:70:5f:e5:
13:be:8b:33:64:5f:c3:45:33:66:ed:fb:2a:a4:b2:
74:3c:d3:c8:94:71:b9:02:35:60:67:41:a6:62:fc:
41:2b:e3:ca:c0:fc:c6:8e:2e:85:01:fe:c8:d7:c8:
48:09:90:b7:4f:11:84:43:03:25:9f:c6:0c:12:ea:
00:e0:e7:32:b0:64:3f:2f:e5:b8:52:2a:cb:c6:4c:
fa:cb:52:7a:7f:0e:9e:6d:8f:4d:5c:15:03:69:6e:
21:4c:19:6d:64:00:ae:2a:43:96:fa:1e:5f:2f:80:
cb:57:08:27:cb:59:6d:33:aa:52:d3:b6:41:de:e6:
aa:dc:df:b2:39:73:14:31:8b:b4:ab:ae:2b:c3:ad:
82:c5:a6:25:29:61:83:fd:5e:d4:b7:fd:28:e4:35:
c0:ae:19:33:36:c1:c9:18:08:5d:2c:26:51:3b:df:
35:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:76:75:D9:74:5C:0D:56:45:4E:32:10:AF:17:A3:35:64:D2:99:33
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/yXZ12XRcDVZFTjIQrxejNWTSmTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.44.0/23
Signature Algorithm: sha256WithRSAEncryption
75:5d:be:14:5c:04:eb:16:54:b8:cf:da:da:36:9a:5e:9f:d2:
c4:38:6c:d8:42:c7:6c:0c:04:a5:15:ec:e3:9d:eb:df:b9:77:
55:a9:83:81:0b:44:bf:53:22:96:6f:b5:3a:bb:c6:c5:b5:f4:
75:3c:73:e5:77:5c:cf:da:10:df:a6:57:cf:b9:4b:58:28:1a:
97:d7:34:22:e3:1e:96:91:06:11:a4:07:a4:df:68:87:f8:cd:
b4:a3:9d:4d:be:5b:cf:3c:70:9f:5b:c8:2f:55:98:4c:00:b0:
0a:15:c0:49:ed:9c:71:a2:da:bf:97:b6:39:15:d0:15:cd:34:
23:c1:fc:29:45:cc:c7:78:58:f9:8e:49:68:f3:1b:28:76:c4:
3c:42:d6:88:2c:34:9c:2f:a4:5c:09:99:97:ca:ba:b5:41:b3:
9c:9d:d0:fa:0a:b8:14:ff:6e:47:2b:0b:f8:ef:b9:12:f0:7f:
5a:cd:81:1d:b5:c8:4d:a7:d1:da:00:e2:0a:69:8d:75:ae:0f:
3e:ac:99:08:8d:5a:d5:1d:79:6d:28:7c:51:7d:02:1b:8e:ac:
2e:76:02:7a:01:a6:2b:14:33:34:63:d4:f9:c4:75:aa:2f:7e:
d6:96:b7:71:39:8e:f0:ae:f2:6e:2c:ac:39:40:2e:19:02:64:
ef:95:0a:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJCOL087tut1g/eeLub2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTAyMTc1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTc2NzVkOTc0NWMwZDU2NDU0ZTMyMTBhZjE3YTMzNTY0ZDI5OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOZe6v3VEn/22Y5XILhwyPmWPT/w
7ZHw78dF9LBs76HYpEeNoYt7aOHeGoB6s1LVMatjJV9J796ISuRbrVND7TbFC3JV
9CAd5MnHboxkoWRUgTbalfpwX+UTvoszZF/DRTNm7fsqpLJ0PNPIlHG5AjVgZ0Gm
YvxBK+PKwPzGji6FAf7I18hICZC3TxGEQwMln8YMEuoA4OcysGQ/L+W4UirLxkz6
y1J6fw6ebY9NXBUDaW4hTBltZACuKkOW+h5fL4DLVwgny1ltM6pS07ZB3uaq3N+y
OXMUMYu0q64rw62CxaYlKWGD/V7Ut/0o5DXArhkzNsHJGAhdLCZRO981FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMl2ddl0XA1WRU4yEK8XozVk0pkzMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEveVhaMTJYUmNEVlpGVGpJUXJ4ZWpOV1RTbVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTo4sMA0G
CSqGSIb3DQEBCwUAA4IBAQB1Xb4UXATrFlS4z9raNppen9LEOGzYQsdsDASlFezj
nevfuXdVqYOBC0S/UyKWb7U6u8bFtfR1PHPld1zP2hDfplfPuUtYKBqX1zQi4x6W
kQYRpAek32iH+M20o51NvlvPPHCfW8gvVZhMALAKFcBJ7Zxxotq/l7Y5FdAVzTQj
wfwpRczHeFj5jklo8xsodsQ8QtaILDScL6RcCZmXyrq1QbOcndD6CrgU/25HKwv4
77kS8H9azYEdtchNp9HaAOIKaY11rg8+rJkIjVrVHXltKHxRfQIbjqwudgJ6AaYr
FDM0Y9T5xHWqL37WlrdxOY7wrvJuLKw5QC4ZAmTvlQrC
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:46 2025 by rpki-client