Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/YPzRvU69Y0RF6-3NjdjCaivOnCw.roa
File: YPzRvU69Y0RF6-3NjdjCaivOnCw.roa (raw, json)
Hash identifier: jQcqSnp/fCesjip4MnrunSDw62nPiiVA+21ZGC31x6g=
Subject key identifier: 60:FC:D1:BD:4E:BD:63:44:45:EB:ED:CD:8D:D8:C2:6A:2B:CE:9C:2C
Certificate issuer: /CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Certificate serial: 01856F4B52392EC78E63F8329F14DEE45132
Authority key identifier: 50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/YPzRvU69Y0RF6-3NjdjCaivOnCw.roa
Signing time: Sun 01 Jan 2023 21:44:45 +0000
ROA not before: Sun 01 Jan 2023 21:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39368
IP address blocks: 109.122.199.0/24 maxlen: 24
109.122.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:52:39:2e:c7:8e:63:f8:32:9f:14:de:e4:51:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50ba5b744e8df503d94f41fb29024289c6fa5e5b
Validity
Not Before: Jan 1 21:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60fcd1bd4ebd634445ebedcd8dd8c26a2bce9c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f6:94:95:eb:71:90:d4:02:25:11:2f:59:d2:
76:aa:99:c6:ff:b1:14:5a:57:b0:5c:58:b5:dc:3f:
3a:3e:fd:75:2a:f5:76:e6:f1:50:3b:3f:09:c6:02:
41:3e:e0:c8:47:9b:b8:c9:90:c2:b2:a1:5d:31:51:
49:94:74:ed:1e:d9:28:e2:6f:22:33:74:e9:45:e7:
aa:3a:82:d3:8d:fa:30:c6:dc:78:77:41:89:78:dc:
db:16:98:e6:24:e7:ef:fe:1a:d9:dc:87:52:84:90:
ae:f8:e9:81:87:52:de:f7:cb:7b:bb:64:31:50:8a:
d6:a0:dd:62:cf:73:61:0c:35:38:e0:0e:d9:ad:de:
b9:df:f1:a4:4f:99:8e:29:32:96:75:4d:79:fd:a2:
ca:1d:fb:72:9f:e3:6e:10:87:fa:cd:72:12:9f:d6:
53:3c:ac:dd:76:5f:a0:df:f4:52:e0:fa:18:45:2f:
01:7a:70:79:dd:b9:db:7f:b2:35:71:c3:7c:a7:85:
c5:30:f7:4d:bd:3c:e5:f0:14:6f:10:01:af:b4:d0:
eb:69:26:c2:42:76:8a:b4:2f:3e:c6:77:03:0a:9e:
4f:9d:9e:99:09:20:57:1b:0b:9f:e2:2c:35:ba:89:
30:dd:b4:b2:54:a0:7c:43:85:b7:7c:a7:3e:41:93:
55:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:FC:D1:BD:4E:BD:63:44:45:EB:ED:CD:8D:D8:C2:6A:2B:CE:9C:2C
X509v3 Authority Key Identifier:
keyid:50:BA:5B:74:4E:8D:F5:03:D9:4F:41:FB:29:02:42:89:C6:FA:5E:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULpbdE6N9QPZT0H7KQJCicb6Xls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/YPzRvU69Y0RF6-3NjdjCaivOnCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/7aff68-bae6-498a-9f58-f559cda8d49f/1/ULpbdE6N9QPZT0H7KQJCicb6Xls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.199.0/24
109.122.209.0/24
Signature Algorithm: sha256WithRSAEncryption
31:1d:30:ba:cb:c5:ba:b4:89:6b:21:1e:89:f3:4a:63:f7:87:
4d:1c:a9:59:a4:81:70:19:90:f7:71:24:b8:2f:dc:93:09:ae:
8f:8a:5b:b7:92:8e:c4:73:99:d1:fe:c7:ac:f6:ee:1b:d4:3c:
53:cc:65:3f:d8:14:7a:e5:75:c8:4d:e7:8a:d1:b2:36:07:0b:
31:72:45:a6:ab:45:fd:10:57:ff:67:af:ad:fa:f5:01:da:6c:
4f:ce:71:6f:12:d5:c4:ab:c5:7d:04:d9:89:dc:61:86:83:8a:
e3:75:7f:2c:2c:79:e8:f4:5d:31:f0:7c:26:84:bb:f9:70:6b:
7a:eb:35:9d:48:d4:a8:ba:89:45:22:d5:e2:fc:2c:a4:8c:3a:
3a:99:3a:b1:aa:d0:c3:1e:44:6d:d1:cc:8a:49:35:91:9a:2f:
7b:16:01:42:8f:09:72:7a:09:15:8d:25:22:92:ab:76:7b:92:
ac:5b:9a:60:f1:42:86:2c:45:10:16:f6:a6:1a:19:dd:37:7c:
89:17:54:51:e2:b1:6a:c3:6e:3c:e3:66:84:94:8b:8f:c4:3a:
0c:7e:bb:9a:53:51:cf:91:d2:f3:bd:35:6d:90:bc:d5:b2:3c:
c4:de:3b:0c:0a:73:08:6a:b9:01:c3:80:5d:17:1d:71:d7:27:
b0:4d:66:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvS1I5LseOY/gynxTe5FEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmE1Yjc0NGU4ZGY1MDNkOTRmNDFmYjI5MDI0Mjg5YzZm
YTVlNWIwHhcNMjMwMTAxMjE0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGZjZDFiZDRlYmQ2MzQ0NDVlYmVkY2Q4ZGQ4YzI2YTJiY2U5YzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/aUletxkNQCJREvWdJ2qpnG/7EU
WlewXFi13D86Pv11KvV25vFQOz8JxgJBPuDIR5u4yZDCsqFdMVFJlHTtHtko4m8i
M3TpReeqOoLTjfowxtx4d0GJeNzbFpjmJOfv/hrZ3IdShJCu+OmBh1Le98t7u2Qx
UIrWoN1iz3NhDDU44A7Zrd653/GkT5mOKTKWdU15/aLKHftyn+NuEIf6zXISn9ZT
PKzddl+g3/RS4PoYRS8BenB53bnbf7I1ccN8p4XFMPdNvTzl8BRvEAGvtNDraSbC
QnaKtC8+xncDCp5PnZ6ZCSBXGwuf4iw1uokw3bSyVKB8Q4W3fKc+QZNVnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGD80b1OvWNERevtzY3YwmorzpwsMB8GA1UdIwQY
MBaAFFC6W3ROjfUD2U9B+ykCQonG+l5bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgt
ZjU1OWNkYThkNDlmLzEvWVB6UnZVNjlZMFJGNi0zTmpkakNhaXZPbkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi83YWZmNjgtYmFlNi00OThhLTlmNTgtZjU1OWNkYThkNDlm
LzEvVUxwYmRFNk45UVBaVDBIN0tRSkNpY2I2WGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXrHAwQA
bXrRMA0GCSqGSIb3DQEBCwUAA4IBAQAxHTC6y8W6tIlrIR6J80pj94dNHKlZpIFw
GZD3cSS4L9yTCa6Pilu3ko7Ec5nR/ses9u4b1DxTzGU/2BR65XXITeeK0bI2Bwsx
ckWmq0X9EFf/Z6+t+vUB2mxPznFvEtXEq8V9BNmJ3GGGg4rjdX8sLHno9F0x8Hwm
hLv5cGt66zWdSNSouolFItXi/CykjDo6mTqxqtDDHkRt0cyKSTWRmi97FgFCjwly
egkVjSUikqt2e5KsW5pg8UKGLEUQFvamGhndN3yJF1RR4rFqw24842aElIuPxDoM
fruaU1HPkdLzvTVtkLzVsjzE3jsMCnMIarkBw4BdFx1x1yewTWbL
-----END CERTIFICATE-----
Generated at Tue May 13 20:12:42 2025 by rpki-client