Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/YEkdmh9CaJXt7N2ax1geQw9ageI.roa
File: YEkdmh9CaJXt7N2ax1geQw9ageI.roa (raw, json)
Hash identifier: Ye5cS/oezjlOguILOyBIPwzKe5qd9kvexRXxaVrsprs=
Subject key identifier: 60:49:1D:9A:1F:42:68:95:ED:EC:DD:9A:C7:58:1E:43:0F:5A:81:E2
Certificate issuer: /CN=f74444a0867fcca9a3569c1fd092133546a37f4b
Certificate serial: 05AF7EA3
Authority key identifier: F7:44:44:A0:86:7F:CC:A9:A3:56:9C:1F:D0:92:13:35:46:A3:7F:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/90REoIZ_zKmjVpwf0JITNUajf0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/YEkdmh9CaJXt7N2ax1geQw9ageI.roa
Signing time: Sat 01 Jan 2022 06:05:21 +0000
ROA not before: Sat 01 Jan 2022 06:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197422
IP address blocks: 2001:67c:2608::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95387299 (0x5af7ea3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f74444a0867fcca9a3569c1fd092133546a37f4b
Validity
Not Before: Jan 1 06:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60491d9a1f426895edecdd9ac7581e430f5a81e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:84:30:a8:5e:12:bf:a7:5c:3e:9e:c4:94:19:
2b:88:f1:08:cd:22:f7:c7:3d:1f:05:ed:79:ed:be:
c4:0a:71:c4:2e:c8:48:ed:63:67:21:ab:b7:78:e2:
fb:42:d2:f1:10:30:d2:97:43:5a:88:7a:fe:e5:84:
89:a8:3f:0c:3c:e4:1c:20:d2:94:c8:3c:51:40:10:
49:94:6a:22:38:9e:ad:08:31:0f:2d:34:d1:03:51:
20:32:17:9a:ed:2b:78:d7:17:d9:e0:69:3a:30:37:
28:2e:c7:ea:a7:e0:3d:1a:4a:cb:c3:f1:0f:e6:83:
f4:3c:5c:2d:cc:a4:8a:cd:91:39:33:09:84:9b:4c:
6f:65:c0:ba:73:d7:a1:9a:a8:db:eb:43:eb:fb:a7:
27:e5:cd:5d:1b:6f:a2:2d:e8:5e:ca:44:6b:da:2c:
f2:52:f4:02:63:07:64:7e:33:87:3b:9a:53:3f:84:
fc:a1:67:08:57:db:2e:cc:e4:13:51:d8:a6:9a:8a:
df:8b:16:1a:30:8b:64:95:8f:a7:86:df:37:59:d7:
29:68:19:93:f3:a2:62:91:64:14:23:80:00:9e:de:
4e:2e:ce:04:1a:c2:6c:8d:e0:ce:2a:f2:27:9a:f3:
49:58:42:5f:c7:b1:d0:07:1c:55:b6:de:3c:6d:ad:
9e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:49:1D:9A:1F:42:68:95:ED:EC:DD:9A:C7:58:1E:43:0F:5A:81:E2
X509v3 Authority Key Identifier:
keyid:F7:44:44:A0:86:7F:CC:A9:A3:56:9C:1F:D0:92:13:35:46:A3:7F:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/90REoIZ_zKmjVpwf0JITNUajf0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/YEkdmh9CaJXt7N2ax1geQw9ageI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/f64053-b938-4c51-8ec5-5d25244e4aad/1/90REoIZ_zKmjVpwf0JITNUajf0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2608::/48
Signature Algorithm: sha256WithRSAEncryption
1d:bf:24:78:eb:e0:ab:89:7b:85:d8:7e:9e:36:88:95:bd:8d:
a1:eb:76:01:05:6f:df:04:47:45:1c:13:51:b7:8b:ed:bb:8d:
e7:59:25:d3:8d:a5:c7:0d:8b:36:01:6f:9c:67:80:99:c9:2e:
2e:85:d6:00:b4:15:e7:d0:85:cc:e2:f0:be:98:d7:45:fd:b0:
5f:f6:7c:c3:32:21:86:18:99:51:35:38:9f:e4:a4:df:70:15:
72:8a:e7:af:73:ba:7f:28:d3:6f:72:25:87:3e:2e:5a:ee:67:
a4:ad:72:af:63:7a:c5:bc:6a:67:2c:80:c4:f9:57:0c:27:69:
42:c1:03:19:1a:5c:c5:d3:3b:0c:9d:91:c4:9e:69:af:09:75:
51:fc:ad:b1:53:34:4f:01:da:aa:7e:f7:84:ec:81:cb:ff:2e:
e4:1e:fd:f2:f4:e5:7c:16:54:e8:b4:4a:41:02:02:42:ee:97:
b6:44:7f:e9:b8:4c:97:5f:04:07:4b:76:1d:30:10:dd:62:ba:
12:42:eb:14:8a:7e:3d:a5:fe:36:cf:34:f0:8d:db:e1:54:01:
21:73:f6:a8:f8:ed:98:9a:ba:e6:c4:73:11:c6:40:e4:61:7e:
50:0c:a0:d1:b5:0b:42:56:86:98:ea:60:f6:f0:d2:78:3c:b6:
8b:70:dc:97
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBa9+ozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzQ0NDRhMDg2N2ZjY2E5YTM1NjljMWZkMDkyMTMzNTQ2YTM3ZjRiMB4XDTIyMDEw
MTA2MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjA0OTFkOWExZjQy
Njg5NWVkZWNkZDlhYzc1ODFlNDMwZjVhODFlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCEMKheEr+nXD6exJQZK4jxCM0i98c9HwXtee2+xApxxC7I
SO1jZyGrt3ji+0LS8RAw0pdDWoh6/uWEiag/DDzkHCDSlMg8UUAQSZRqIjierQgx
Dy000QNRIDIXmu0reNcX2eBpOjA3KC7H6qfgPRpKy8PxD+aD9DxcLcykis2ROTMJ
hJtMb2XAunPXoZqo2+tD6/unJ+XNXRtvoi3oXspEa9os8lL0AmMHZH4zhzuaUz+E
/KFnCFfbLszkE1HYppqK34sWGjCLZJWPp4bfN1nXKWgZk/OiYpFkFCOAAJ7eTi7O
BBrCbI3gziryJ5rzSVhCX8ex0AccVbbePG2tnjsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBRgSR2aH0Jole3s3ZrHWB5DD1qB4jAfBgNVHSMEGDAWgBT3RESghn/MqaNW
nB/QkhM1RqN/SzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkwUkVvSVpfekttalZwd2YwSklUTlVhamYwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvZjY0MDUzLWI5MzgtNGM1MS04ZWM1LTVkMjUyNDRlNGFhZC8x
L1lFa2RtaDlDYUpYdDdOMmF4MWdlUXc5YWdlSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
ZjY0MDUzLWI5MzgtNGM1MS04ZWM1LTVkMjUyNDRlNGFhZC8xLzkwUkVvSVpfektt
alZwd2YwSklUTlVhamYwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwmCDANBgkqhkiG9w0BAQsF
AAOCAQEAHb8keOvgq4l7hdh+njaIlb2Noet2AQVv3wRHRRwTUbeL7buN51kl042l
xw2LNgFvnGeAmckuLoXWALQV59CFzOLwvpjXRf2wX/Z8wzIhhhiZUTU4n+Sk33AV
cornr3O6fyjTb3Ilhz4uWu5npK1yr2N6xbxqZyyAxPlXDCdpQsEDGRpcxdM7DJ2R
xJ5prwl1UfytsVM0TwHaqn73hOyBy/8u5B798vTlfBZU6LRKQQICQu6XtkR/6bhM
l18EB0t2HTAQ3WK6EkLrFIp+PaX+Ns808I3b4VQBIXP2qPjtmJq65sRzEcZA5GF+
UAyg0bULQlaGmOpg9vDSeDy2i3Dclw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:51 2025 by rpki-client