Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/rYYW7WMqtpYi4D6CLqrYoLO5mNg.roa
File: rYYW7WMqtpYi4D6CLqrYoLO5mNg.roa (raw, json)
Hash identifier: f6/pTbyCuVSw0vzY+a+MjWpCCLP6pCY1EIIjbucvXHc=
Subject key identifier: AD:86:16:ED:63:2A:B6:96:22:E0:3E:82:2E:AA:D8:A0:B3:B9:98:D8
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 019425FDB2B1DEC3118B2A821B543CF330FB
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/rYYW7WMqtpYi4D6CLqrYoLO5mNg.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31736
IP address blocks: 192.162.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b2:b1:de:c3:11:8b:2a:82:1b:54:3c:f3:30:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad8616ed632ab69622e03e822eaad8a0b3b998d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:94:61:e0:53:f9:fb:41:99:db:c9:1d:47:f4:
3a:e5:ef:ce:be:57:bf:52:c7:6a:57:a8:9a:80:2b:
0c:b6:61:a2:41:56:59:39:46:1b:1d:ab:25:83:b9:
4d:63:5d:80:cb:15:71:ab:31:65:ec:d7:f3:17:fe:
14:bf:3f:58:3a:f4:75:ce:85:18:a2:65:67:e3:52:
51:7e:80:de:9f:72:22:89:ec:7a:76:11:6a:0e:72:
59:31:b2:d7:5f:35:d0:f1:ab:bb:7f:83:be:95:bb:
46:14:5e:2b:cd:c6:3f:6f:ae:cd:f3:ae:a8:da:b6:
cb:25:9d:7c:fb:a3:61:d6:15:e4:96:4b:88:fd:18:
bc:c9:ad:b6:37:b5:47:74:e0:7b:3b:30:15:ae:79:
cd:ee:86:c5:a3:10:0d:98:b5:16:04:0d:0b:a9:9e:
ae:c7:a3:e1:6d:67:c2:6c:18:03:57:f7:9e:ff:d3:
69:a0:d0:f5:78:49:9e:13:2d:c0:90:11:ea:be:e4:
9d:da:32:31:72:96:ba:16:1d:95:d6:0f:fd:0a:38:
be:97:68:a6:82:ba:db:48:8b:82:5c:97:23:9a:05:
44:ae:ab:5e:c4:2b:17:77:33:7e:da:f5:e6:34:bd:
cf:e2:d4:f4:65:5e:72:a0:65:e8:61:a5:9c:d7:8e:
1d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:86:16:ED:63:2A:B6:96:22:E0:3E:82:2E:AA:D8:A0:B3:B9:98:D8
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/rYYW7WMqtpYi4D6CLqrYoLO5mNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.28.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:0e:94:28:76:09:e1:cd:8d:c4:7b:d1:04:26:f5:6b:5f:33:
8a:59:72:35:8c:4d:8f:b1:62:10:5d:e5:9d:bf:a8:85:eb:8b:
df:3e:5b:b2:96:75:95:1f:00:1d:87:c7:dd:fb:ff:5e:0c:72:
bd:06:52:1e:0d:f9:1e:eb:3f:b4:c1:c9:3a:c0:b0:f4:2d:99:
7f:ba:98:f2:5d:21:cd:c9:3c:7b:50:df:28:75:f6:65:2a:bb:
c9:4c:f5:59:4a:90:7b:7f:78:6c:28:f5:d6:fa:85:b8:6b:45:
76:2e:8e:48:b2:7f:62:40:0a:14:af:d1:4d:52:0a:15:5b:97:
1e:de:fa:5b:9e:7a:8e:06:1c:e1:e4:c8:0d:32:c7:42:98:45:
cc:39:f7:6e:ee:7b:df:12:83:97:81:75:b2:b6:9b:41:d2:7b:
c3:af:15:e2:1f:6c:1c:2b:bf:65:bf:b7:7e:8e:56:81:65:5e:
db:2e:da:b5:b7:ad:f0:e0:6b:fa:87:f4:d1:1e:ad:22:47:e8:
45:a2:05:e8:b2:2a:56:a6:bc:3e:5b:45:f2:6b:81:96:41:b3:
b8:12:8a:b2:3a:c2:ff:72:88:45:7a:a4:ec:ca:e2:d9:aa:b2:
04:a4:54:9a:10:31:aa:a8:ed:e6:13:2b:27:22:af:9e:87:44:
b2:d6:61:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/bKx3sMRiyqCG1Q88zD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDg2MTZlZDYzMmFiNjk2MjJlMDNlODIyZWFhZDhhMGIzYjk5OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZRh4FP5+0GZ28kdR/Q65e/Ovle/
UsdqV6iagCsMtmGiQVZZOUYbHaslg7lNY12AyxVxqzFl7NfzF/4Uvz9YOvR1zoUY
omVn41JRfoDen3Iiiex6dhFqDnJZMbLXXzXQ8au7f4O+lbtGFF4rzcY/b67N866o
2rbLJZ18+6Nh1hXklkuI/Ri8ya22N7VHdOB7OzAVrnnN7obFoxANmLUWBA0LqZ6u
x6PhbWfCbBgDV/ee/9NpoND1eEmeEy3AkBHqvuSd2jIxcpa6Fh2V1g/9Cji+l2im
grrbSIuCXJcjmgVErqtexCsXdzN+2vXmNL3P4tT0ZV5yoGXoYaWc144d6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2GFu1jKraWIuA+gi6q2KCzuZjYMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvcllZVzdXTXF0cFlpNEQ2Q0xxcllvTE81bU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKIcMA0G
CSqGSIb3DQEBCwUAA4IBAQBLDpQodgnhzY3Ee9EEJvVrXzOKWXI1jE2PsWIQXeWd
v6iF64vfPluylnWVHwAdh8fd+/9eDHK9BlIeDfke6z+0wck6wLD0LZl/upjyXSHN
yTx7UN8odfZlKrvJTPVZSpB7f3hsKPXW+oW4a0V2Lo5Isn9iQAoUr9FNUgoVW5ce
3vpbnnqOBhzh5MgNMsdCmEXMOfdu7nvfEoOXgXWytptB0nvDrxXiH2wcK79lv7d+
jlaBZV7bLtq1t63w4Gv6h/TRHq0iR+hFogXosipWprw+W0Xya4GWQbO4EoqyOsL/
cohFeqTsyuLZqrIEpFSaEDGqqO3mEysnIq+eh0Sy1mGF
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:16:33 2025 by rpki-client