Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d77ac4-dc66-434f-8423-c9e20ccd476f/1/Ypuf3qV0JE2AXfUrk2eNRiGtQN0.roa
File: Ypuf3qV0JE2AXfUrk2eNRiGtQN0.roa (raw, json)
Hash identifier: AxG4SgT0VS5arc9FHux7pFhrFyFYGK0/0AgX9zPeSBE=
Subject key identifier: 62:9B:9F:DE:A5:74:24:4D:80:5D:F5:2B:93:67:8D:46:21:AD:40:DD
Certificate issuer: /CN=b2b41d2f7d7d3857e075f2a4f2f9d3e044f2e536
Certificate serial: 0194258F9035F13D87DF93FC07DC73FA01CF
Authority key identifier: B2:B4:1D:2F:7D:7D:38:57:E0:75:F2:A4:F2:F9:D3:E0:44:F2:E5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/srQdL319OFfgdfKk8vnT4ETy5TY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d77ac4-dc66-434f-8423-c9e20ccd476f/1/Ypuf3qV0JE2AXfUrk2eNRiGtQN0.roa
Signing time: Thu 02 Jan 2025 05:49:12 +0000
ROA not before: Thu 02 Jan 2025 05:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15969
IP address blocks: 194.187.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:90:35:f1:3d:87:df:93:fc:07:dc:73:fa:01:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2b41d2f7d7d3857e075f2a4f2f9d3e044f2e536
Validity
Not Before: Jan 2 05:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=629b9fdea574244d805df52b93678d4621ad40dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b1:55:8d:a1:76:47:b8:32:13:d9:1c:2c:89:
25:96:d4:13:9c:b3:82:f5:b7:28:f8:2c:c2:9b:65:
05:56:2e:a1:36:f3:cc:ba:31:dc:f4:59:00:53:1e:
b0:52:a6:f6:83:96:81:0e:f7:54:2e:b2:54:51:00:
95:ec:0a:1a:d2:40:1a:99:86:02:2e:bd:f0:75:1c:
f3:f7:d9:5c:1e:10:4e:41:8f:ad:ee:07:83:16:0d:
97:81:89:28:0c:64:81:00:4d:ff:3c:60:e7:e2:13:
2d:86:72:aa:67:47:63:35:59:57:f9:89:8b:bc:00:
b1:c3:97:3c:b6:21:aa:fd:98:ce:75:3b:45:cb:ef:
df:61:ec:0b:f4:1f:40:0f:2b:b7:95:de:55:a5:12:
b2:7e:cd:82:ad:3b:1c:7c:0c:84:f9:0d:6e:19:b5:
b6:5f:ab:68:b0:58:6d:8d:a3:41:33:f6:75:19:c5:
cd:44:a1:f3:27:e8:42:6c:ab:b7:3b:cf:f9:d6:8b:
c9:21:b4:77:45:14:fb:c8:17:f6:ce:a4:78:7c:32:
ea:9c:7a:0a:a0:f4:d9:ee:74:62:24:57:5c:6d:4c:
d7:72:f9:d8:83:56:53:3c:99:14:17:70:34:e5:c9:
ab:7d:b8:2b:9a:a5:7a:9e:bc:72:3e:f6:76:a1:84:
25:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:9B:9F:DE:A5:74:24:4D:80:5D:F5:2B:93:67:8D:46:21:AD:40:DD
X509v3 Authority Key Identifier:
keyid:B2:B4:1D:2F:7D:7D:38:57:E0:75:F2:A4:F2:F9:D3:E0:44:F2:E5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/srQdL319OFfgdfKk8vnT4ETy5TY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d77ac4-dc66-434f-8423-c9e20ccd476f/1/Ypuf3qV0JE2AXfUrk2eNRiGtQN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d77ac4-dc66-434f-8423-c9e20ccd476f/1/srQdL319OFfgdfKk8vnT4ETy5TY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.72.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:09:ef:9c:57:a8:9d:a2:37:9b:10:51:4c:95:c7:2d:7d:37:
3b:32:0b:9f:20:b4:09:79:08:e3:66:fd:11:f0:ae:d9:74:08:
2c:5b:92:7e:13:49:6d:83:13:03:58:c0:2b:e4:be:2a:d1:c3:
07:00:25:2e:75:1f:3d:dd:a3:23:a5:f4:d7:c2:89:a0:03:b0:
75:a4:17:29:be:a9:db:c4:58:29:d6:77:0c:12:17:f1:69:44:
c1:e7:ab:a3:a2:e1:88:c0:ec:51:b0:d4:1b:f7:64:86:55:e2:
a8:7b:8b:b3:63:c1:1b:18:7b:6c:27:84:47:c3:33:60:ad:18:
3c:f0:c8:c4:03:07:ac:a4:3c:16:8e:5f:a8:a3:96:4a:7b:a4:
68:00:ef:08:de:d6:29:c2:35:6c:36:8e:81:94:fb:37:87:28:
51:97:3f:fe:6d:d3:96:0c:f2:79:da:a0:06:eb:d4:85:73:78:
1d:8c:72:03:1d:c0:74:ee:92:f2:ae:25:01:02:05:b7:5b:5f:
3c:fe:f3:b5:36:8f:6d:e5:67:02:9f:08:39:b9:f1:2b:ce:3f:
4b:49:2a:43:77:2a:8f:93:d7:71:20:96:9b:e0:65:10:03:7c:
e4:7e:7f:d6:44:f5:29:6e:37:f5:38:0e:da:17:ac:44:97:a2:
8d:e3:c5:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5A18T2H35P8B9xz+gHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYjQxZDJmN2Q3ZDM4NTdlMDc1ZjJhNGYyZjlkM2UwNDRm
MmU1MzYwHhcNMjUwMTAyMDU0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjliOWZkZWE1NzQyNDRkODA1ZGY1MmI5MzY3OGQ0NjIxYWQ0MGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7FVjaF2R7gyE9kcLIklltQTnLOC
9bco+CzCm2UFVi6hNvPMujHc9FkAUx6wUqb2g5aBDvdULrJUUQCV7Aoa0kAamYYC
Lr3wdRzz99lcHhBOQY+t7geDFg2XgYkoDGSBAE3/PGDn4hMthnKqZ0djNVlX+YmL
vACxw5c8tiGq/ZjOdTtFy+/fYewL9B9ADyu3ld5VpRKyfs2CrTscfAyE+Q1uGbW2
X6tosFhtjaNBM/Z1GcXNRKHzJ+hCbKu3O8/51ovJIbR3RRT7yBf2zqR4fDLqnHoK
oPTZ7nRiJFdcbUzXcvnYg1ZTPJkUF3A05cmrfbgrmqV6nrxyPvZ2oYQlwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKbn96ldCRNgF31K5NnjUYhrUDdMB8GA1UdIwQY
MBaAFLK0HS99fThX4HXypPL50+BE8uU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3JRZEwzMTlPRmZnZGZLazh2blQ0RVR5NVRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kNzdhYzQtZGM2Ni00MzRmLTg0MjMt
YzllMjBjY2Q0NzZmLzEvWXB1ZjNxVjBKRTJBWGZVcmsyZU5SaUd0UU4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kNzdhYzQtZGM2Ni00MzRmLTg0MjMtYzllMjBjY2Q0NzZm
LzEvc3JRZEwzMTlPRmZnZGZLazh2blQ0RVR5NVRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwrtIMA0G
CSqGSIb3DQEBCwUAA4IBAQC6Ce+cV6idojebEFFMlcctfTc7MgufILQJeQjjZv0R
8K7ZdAgsW5J+E0ltgxMDWMAr5L4q0cMHACUudR893aMjpfTXwomgA7B1pBcpvqnb
xFgp1ncMEhfxaUTB56ujouGIwOxRsNQb92SGVeKoe4uzY8EbGHtsJ4RHwzNgrRg8
8MjEAwespDwWjl+oo5ZKe6RoAO8I3tYpwjVsNo6BlPs3hyhRlz/+bdOWDPJ52qAG
69SFc3gdjHIDHcB07pLyriUBAgW3W188/vO1No9t5WcCnwg5ufErzj9LSSpDdyqP
k9dxIJab4GUQA3zkfn/WRPUpbjf1OA7aF6xEl6KN48XA
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:09 2025 by rpki-client