Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/yCu0qXLroHa-uvUpKWPoBDUbw7g.roa
File: yCu0qXLroHa-uvUpKWPoBDUbw7g.roa (raw, json)
Hash identifier: /v4EBHqO51xrU73pnqmkUPUdNSVLhSB/7ZsVYORcZ+4=
Subject key identifier: C8:2B:B4:A9:72:EB:A0:76:BE:BA:F5:29:29:63:E8:04:35:1B:C3:B8
Certificate issuer: /CN=bf4d1747f35c0cd6b25f0b0a0e68d0442c93914c
Certificate serial: 019424454DB3471C23557E7279C474A8AC8C
Authority key identifier: BF:4D:17:47:F3:5C:0C:D6:B2:5F:0B:0A:0E:68:D0:44:2C:93:91:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v00XR_NcDNayXwsKDmjQRCyTkUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/yCu0qXLroHa-uvUpKWPoBDUbw7g.roa
Signing time: Wed 01 Jan 2025 23:48:29 +0000
ROA not before: Wed 01 Jan 2025 23:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41283
IP address blocks: 195.74.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4d:b3:47:1c:23:55:7e:72:79:c4:74:a8:ac:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf4d1747f35c0cd6b25f0b0a0e68d0442c93914c
Validity
Not Before: Jan 1 23:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c82bb4a972eba076bebaf5292963e804351bc3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:30:f6:bd:5a:98:b4:1f:c5:55:fb:32:75:d1:
43:55:ea:a0:83:e2:7a:f0:bf:45:c1:48:c0:0f:e8:
46:2a:9d:35:ce:55:f8:a8:d0:54:c8:7e:f3:23:a8:
bd:70:72:2b:74:6b:ce:ea:f3:6c:6f:b5:6b:d7:ff:
68:20:d3:8d:ba:b8:23:81:79:7b:17:43:c2:f8:76:
1b:44:3e:44:5c:3f:c5:06:2a:6c:79:cb:97:81:58:
24:76:40:1d:ca:81:76:25:7a:10:a6:ff:42:20:c4:
8b:84:ec:a5:f8:cc:64:ff:b0:30:ee:34:4c:9e:49:
1c:83:04:27:0c:f9:f6:04:4a:14:9f:1e:8e:ca:b9:
55:99:ba:87:f1:9f:f2:a6:06:87:cd:5c:29:2b:ac:
c2:79:f4:bf:87:11:7e:88:a9:e5:70:c8:09:f1:8f:
16:26:46:ed:22:39:3b:3e:c3:1a:c9:18:d2:9d:82:
e6:1f:39:13:7b:79:3f:41:5d:77:60:8a:2c:f3:5b:
b2:37:c9:ef:e0:be:a8:fc:b7:4e:81:c0:e9:9a:6a:
a1:05:91:e0:06:44:61:06:79:35:bc:1a:3f:65:6d:
31:a0:61:ff:5a:c8:d7:61:3a:f0:27:a0:e3:5a:73:
3d:ca:22:1f:ab:ee:1d:0d:b3:c3:aa:70:38:cb:13:
af:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:2B:B4:A9:72:EB:A0:76:BE:BA:F5:29:29:63:E8:04:35:1B:C3:B8
X509v3 Authority Key Identifier:
keyid:BF:4D:17:47:F3:5C:0C:D6:B2:5F:0B:0A:0E:68:D0:44:2C:93:91:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v00XR_NcDNayXwsKDmjQRCyTkUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/yCu0qXLroHa-uvUpKWPoBDUbw7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9eb64a-939c-4584-987e-7f19e8c8b83d/1/v00XR_NcDNayXwsKDmjQRCyTkUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.74.67.0/24
Signature Algorithm: sha256WithRSAEncryption
50:20:b5:70:a9:2c:df:95:f7:dd:a9:e8:ab:b4:08:41:bf:10:
01:9d:4d:24:3b:b2:95:e6:b9:c3:0c:7f:16:fb:99:ba:06:5c:
7b:77:ad:3b:49:1c:59:87:27:88:d8:7a:ef:26:74:9d:bc:37:
f4:46:c5:9d:95:19:37:6c:50:f7:16:6f:a6:17:58:92:80:29:
b4:c7:a4:10:02:0b:02:ec:06:30:31:b8:8b:06:3d:4b:ef:f0:
39:83:c2:58:72:a1:a1:14:8a:74:ca:73:31:bd:29:91:8d:d6:
2c:51:00:75:48:39:90:a1:5b:4b:15:c3:16:8a:09:d6:4b:22:
f3:04:42:2d:db:0d:6e:b3:4c:d4:5b:b4:5b:75:d0:c9:77:e6:
a2:72:99:c1:51:e7:5d:d6:8f:25:b1:ba:de:0c:ae:ae:5a:7e:
b7:ec:26:6e:9f:55:d3:02:a1:68:e0:51:43:1c:0a:a7:6c:00:
16:85:07:6a:72:d6:38:b0:fa:04:82:aa:7f:0e:91:38:42:f6:
b0:91:75:68:d9:8d:1f:10:61:db:d2:db:82:57:df:06:a0:88:
34:48:6d:5e:fa:d4:21:e1:ea:c9:a9:8d:b3:78:90:b1:b9:0a:
d0:23:cc:51:eb:4c:6f:35:b9:95:cc:4c:e5:2f:07:7d:49:d4:
08:44:2e:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRU2zRxwjVX5yecR0qKyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNGQxNzQ3ZjM1YzBjZDZiMjVmMGIwYTBlNjhkMDQ0MmM5
MzkxNGMwHhcNMjUwMTAxMjM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODJiYjRhOTcyZWJhMDc2YmViYWY1MjkyOTYzZTgwNDM1MWJjM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4TD2vVqYtB/FVfsyddFDVeqgg+J6
8L9FwUjAD+hGKp01zlX4qNBUyH7zI6i9cHIrdGvO6vNsb7Vr1/9oINONurgjgXl7
F0PC+HYbRD5EXD/FBipsecuXgVgkdkAdyoF2JXoQpv9CIMSLhOyl+Mxk/7Aw7jRM
nkkcgwQnDPn2BEoUnx6OyrlVmbqH8Z/ypgaHzVwpK6zCefS/hxF+iKnlcMgJ8Y8W
JkbtIjk7PsMayRjSnYLmHzkTe3k/QV13YIos81uyN8nv4L6o/LdOgcDpmmqhBZHg
BkRhBnk1vBo/ZW0xoGH/WsjXYTrwJ6DjWnM9yiIfq+4dDbPDqnA4yxOvbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgrtKly66B2vrr1KSlj6AQ1G8O4MB8GA1UdIwQY
MBaAFL9NF0fzXAzWsl8LCg5o0EQsk5FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjAwWFJfTmNETmF5WHdzS0RtalFSQ3lUa1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85ZWI2NGEtOTM5Yy00NTg0LTk4N2Ut
N2YxOWU4YzhiODNkLzEveUN1MHFYTHJvSGEtdXZVcEtXUG9CRFVidzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85ZWI2NGEtOTM5Yy00NTg0LTk4N2UtN2YxOWU4YzhiODNk
LzEvdjAwWFJfTmNETmF5WHdzS0RtalFSQ3lUa1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0pDMA0G
CSqGSIb3DQEBCwUAA4IBAQBQILVwqSzflffdqeirtAhBvxABnU0kO7KV5rnDDH8W
+5m6Blx7d607SRxZhyeI2HrvJnSdvDf0RsWdlRk3bFD3Fm+mF1iSgCm0x6QQAgsC
7AYwMbiLBj1L7/A5g8JYcqGhFIp0ynMxvSmRjdYsUQB1SDmQoVtLFcMWignWSyLz
BEIt2w1us0zUW7RbddDJd+aicpnBUedd1o8lsbreDK6uWn637CZun1XTAqFo4FFD
HAqnbAAWhQdqctY4sPoEgqp/DpE4QvawkXVo2Y0fEGHb0tuCV98GoIg0SG1e+tQh
4erJqY2zeJCxuQrQI8xR60xvNbmVzEzlLwd9SdQIRC5c
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:49:17 2025 by rpki-client