Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/YxdHjBspbev4c6wpMrvGTIQmKNw.roa
File: YxdHjBspbev4c6wpMrvGTIQmKNw.roa (raw, json)
Hash identifier: Di9hYOa680JFEYC2+KK51U5HyB76OARKRnq2zFchJs8=
Subject key identifier: 63:17:47:8C:1B:29:6D:EB:F8:73:AC:29:32:BB:C6:4C:84:26:28:DC
Certificate issuer: /CN=1ea1f59a96797271e1fd6673a9c534257da88e6b
Certificate serial: 01941FFA285085268D87E5D4CB0E4970ED7F
Authority key identifier: 1E:A1:F5:9A:96:79:72:71:E1:FD:66:73:A9:C5:34:25:7D:A8:8E:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/YxdHjBspbev4c6wpMrvGTIQmKNw.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48918
IP address blocks: 212.58.64.0/19 maxlen: 24
2a00:fb80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:28:50:85:26:8d:87:e5:d4:cb:0e:49:70:ed:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea1f59a96797271e1fd6673a9c534257da88e6b
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6317478c1b296debf873ac2932bbc64c842628dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1b:b0:15:e9:26:02:4a:b6:60:02:eb:83:f6:
f3:9f:c0:b5:67:c0:c1:fe:c3:88:3e:60:14:9d:f4:
bf:78:ff:92:c0:d8:59:24:fc:3f:d9:a7:74:c4:67:
95:63:9e:b0:98:44:87:61:7e:8d:89:d2:2c:3d:bb:
d5:a3:5b:c0:b6:27:a5:57:9e:7f:62:da:4f:b7:1a:
56:ce:77:c6:9d:1c:2d:a8:3a:7c:59:5e:70:9c:44:
da:8e:f1:f7:91:93:0a:c7:c4:04:8a:18:3d:7f:72:
6e:36:53:19:8c:34:0b:ad:d3:c1:ee:b6:18:c6:19:
e0:fa:b6:5a:56:41:7d:d6:cb:4b:b2:f7:2c:f1:04:
30:03:6c:d2:e0:44:0d:94:28:c6:7a:cc:9a:62:27:
55:64:5e:7c:7c:f0:24:c6:c4:dc:22:b5:65:9b:88:
af:50:f7:70:db:23:b0:48:7a:ee:5b:ef:95:84:28:
e3:d4:7b:cf:20:2e:e3:fe:4e:f2:88:0f:2e:c6:1d:
4a:48:a6:37:a6:c8:ac:1c:05:ef:65:5d:94:e5:3a:
68:b7:c9:86:86:18:b4:8b:73:54:26:72:36:30:56:
db:d8:99:40:dc:3a:b2:9e:89:1a:c6:41:78:d6:9e:
3f:64:ea:c1:96:83:99:7f:ab:dc:3d:02:91:a5:9b:
97:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:17:47:8C:1B:29:6D:EB:F8:73:AC:29:32:BB:C6:4C:84:26:28:DC
X509v3 Authority Key Identifier:
keyid:1E:A1:F5:9A:96:79:72:71:E1:FD:66:73:A9:C5:34:25:7D:A8:8E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqH1mpZ5cnHh_WZzqcU0JX2ojms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/YxdHjBspbev4c6wpMrvGTIQmKNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/92b508-1fad-4299-8720-7c4afb88e2f2/1/HqH1mpZ5cnHh_WZzqcU0JX2ojms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.58.64.0/19
IPv6:
2a00:fb80::/32
Signature Algorithm: sha256WithRSAEncryption
25:93:57:b2:23:88:67:e4:3c:80:f9:af:39:eb:f7:51:7d:03:
94:17:2f:13:db:dd:28:fb:9c:c2:fe:1e:f8:4d:74:f5:85:58:
9f:04:ec:f2:5e:1f:e8:c3:ad:61:58:ee:ef:61:a0:d4:c8:e5:
7a:d6:fd:6d:df:1d:1f:6c:23:f0:69:fe:02:98:86:eb:2a:10:
46:b6:62:8b:15:95:18:82:c1:d7:33:03:ea:9f:1c:2e:fd:f2:
bb:08:d0:bf:71:5f:44:fa:a4:4b:af:6d:94:b7:f2:1b:e3:76:
b9:f0:1d:4c:bb:4b:81:cd:bd:c5:92:39:5c:b7:a4:15:11:80:
fc:69:ba:4c:fb:4e:ad:59:5f:ab:0c:0c:95:08:56:1f:c4:f7:
aa:0d:0a:7d:00:58:8a:61:75:9d:91:6a:49:20:be:07:c8:4c:
78:85:ca:5a:30:d0:67:f6:d6:be:a6:cd:f1:9a:00:a8:a2:5f:
8a:fe:17:e6:71:24:4c:b5:42:45:e3:1b:98:f7:75:95:06:ca:
cc:ff:8d:87:df:57:2c:58:9c:57:22:db:b7:58:67:9c:fb:6a:
9d:9e:de:a8:74:4b:0e:45:5b:07:6d:8b:c0:42:01:c9:3a:41:
70:08:1f:e5:77:ce:3d:b4:69:39:95:ae:7c:e0:11:2c:91:eb:
83:d7:eb:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+ihQhSaNh+XUyw5JcO1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTFmNTlhOTY3OTcyNzFlMWZkNjY3M2E5YzUzNDI1N2Rh
ODhlNmIwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE3NDc4YzFiMjk2ZGViZjg3M2FjMjkzMmJiYzY0Yzg0MjYyOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBuwFekmAkq2YALrg/bzn8C1Z8DB
/sOIPmAUnfS/eP+SwNhZJPw/2ad0xGeVY56wmESHYX6NidIsPbvVo1vAtielV55/
YtpPtxpWznfGnRwtqDp8WV5wnETajvH3kZMKx8QEihg9f3JuNlMZjDQLrdPB7rYY
xhng+rZaVkF91stLsvcs8QQwA2zS4EQNlCjGesyaYidVZF58fPAkxsTcIrVlm4iv
UPdw2yOwSHruW++VhCjj1HvPIC7j/k7yiA8uxh1KSKY3psisHAXvZV2U5Tpot8mG
hhi0i3NUJnI2MFbb2JlA3DqynokaxkF41p4/ZOrBloOZf6vcPQKRpZuXpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGMXR4wbKW3r+HOsKTK7xkyEJijcMB8GA1UdIwQY
MBaAFB6h9ZqWeXJx4f1mc6nFNCV9qI5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFIMW1wWjVjbkhoX1daenFjVTBKWDJvam1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC85MmI1MDgtMWZhZC00Mjk5LTg3MjAt
N2M0YWZiODhlMmYyLzEvWXhkSGpCc3BiZXY0YzZ3cE1ydkdUSVFtS053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC85MmI1MDgtMWZhZC00Mjk5LTg3MjAtN2M0YWZiODhlMmYy
LzEvSHFIMW1wWjVjbkhoX1daenFjVTBKWDJvam1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1DpAMA0E
AgACMAcDBQAqAPuAMA0GCSqGSIb3DQEBCwUAA4IBAQAlk1eyI4hn5DyA+a856/dR
fQOUFy8T290o+5zC/h74TXT1hVifBOzyXh/ow61hWO7vYaDUyOV61v1t3x0fbCPw
af4CmIbrKhBGtmKLFZUYgsHXMwPqnxwu/fK7CNC/cV9E+qRLr22Ut/Ib43a58B1M
u0uBzb3Fkjlct6QVEYD8abpM+06tWV+rDAyVCFYfxPeqDQp9AFiKYXWdkWpJIL4H
yEx4hcpaMNBn9ta+ps3xmgCool+K/hfmcSRMtUJF4xuY93WVBsrM/42H31csWJxX
Itu3WGec+2qdnt6odEsORVsHbYvAQgHJOkFwCB/ld849tGk5la584BEskeuD1+vF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:44 2025 by rpki-client