Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/yZKr3MkjOL236i5PxJm5JOrjeZQ.roa
File: yZKr3MkjOL236i5PxJm5JOrjeZQ.roa (raw, json)
Hash identifier: P3Sg9X6HUsmoHVeRhUz452rlFrDzI8l8SS7MoZsVvQs=
Subject key identifier: C9:92:AB:DC:C9:23:38:BD:B7:EA:2E:4F:C4:99:B9:24:EA:E3:79:94
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 019421B1F2F767B107E4E7719138F3630703
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/yZKr3MkjOL236i5PxJm5JOrjeZQ.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
2a06:f940::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f2:f7:67:b1:07:e4:e7:71:91:38:f3:63:07:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c992abdcc92338bdb7ea2e4fc499b924eae37994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dd:85:61:9a:50:fc:33:68:37:18:99:11:4a:
b8:72:60:70:1b:5f:6b:3a:11:7c:ab:38:93:c8:b9:
95:b8:2d:d5:25:cd:03:cf:41:6f:6c:9b:60:f6:21:
53:c0:5b:2c:62:49:53:97:60:3d:74:f0:0d:d3:bb:
2c:fe:8f:80:57:a0:8c:ba:a6:00:d7:42:fc:d3:d8:
d6:2a:bf:d1:60:cc:cc:00:66:a6:59:12:76:36:d5:
90:b2:b5:7f:c5:db:18:3a:06:a0:ad:4b:12:e7:5e:
da:85:4d:33:37:3d:80:a2:c1:85:35:7a:1f:ba:a0:
f9:17:e3:5a:81:87:c5:b3:70:df:3d:4e:12:ff:8a:
8d:89:81:f2:71:f5:4b:cf:fe:ab:2a:fa:c7:a6:df:
f8:db:1a:4f:72:24:8a:d5:4d:0b:a6:78:cd:f6:ce:
25:a6:d5:11:c9:7e:44:25:c1:1f:63:63:2f:96:ad:
70:05:81:6d:67:e2:4c:3f:6a:47:ec:53:a7:9a:16:
fd:a6:26:c7:a3:20:e4:88:10:4e:e2:da:58:ff:8c:
2b:c7:de:2f:22:39:ea:9a:ec:41:ae:77:e2:bf:e8:
b8:97:21:af:5c:9c:27:8d:e7:f4:b5:1e:5d:93:37:
32:91:ca:dd:0d:f3:6b:7e:9a:6d:d8:a8:30:b9:2b:
12:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:92:AB:DC:C9:23:38:BD:B7:EA:2E:4F:C4:99:B9:24:EA:E3:79:94
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/yZKr3MkjOL236i5PxJm5JOrjeZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
IPv6:
2a06:f940::/48
Signature Algorithm: sha256WithRSAEncryption
9d:a9:ce:92:5f:75:09:c4:ff:85:c7:0d:fc:14:f8:1e:22:64:
6c:31:3f:d3:93:4e:bc:3d:64:15:97:41:fe:c1:5f:6b:72:4c:
cf:57:28:78:43:b8:be:44:8e:97:76:a4:3c:ab:f8:5a:96:72:
11:89:f6:a7:9c:0e:72:58:0a:b8:ba:d3:e5:3c:d2:60:cd:e2:
3a:22:86:e8:21:01:f2:55:4b:f6:d3:f4:e5:7c:b9:f3:ce:7b:
b9:43:a2:8e:65:6d:bd:84:cd:ea:3f:72:46:ac:74:3b:97:a3:
54:cf:8a:03:cd:54:36:7d:0d:92:06:70:f5:2f:3e:65:fd:17:
20:ca:52:4f:e8:32:d1:39:01:6d:e5:61:5d:bb:05:50:29:eb:
e6:10:04:2b:8a:59:d8:06:fe:0f:aa:83:ab:27:3c:e4:33:2b:
5e:a0:6b:82:ac:d6:ac:b0:8b:93:f2:45:40:ea:c6:10:2c:41:
d2:ae:23:d3:2b:a9:91:8c:49:77:03:26:fe:f8:ba:69:c7:27:
8c:ec:e2:9e:42:c5:88:0a:e6:9a:fb:75:4a:16:e4:69:12:e3:
3f:72:6a:8f:1e:51:d8:8e:b5:96:31:96:98:7b:8a:bb:82:a4:
db:f8:f3:a7:1c:90:67:69:54:b3:c9:b7:79:68:62:1d:f9:51:
fd:c2:26:97
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQhsfL3Z7EH5OdxkTjzYwcDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkyYWJkY2M5MjMzOGJkYjdlYTJlNGZjNDk5YjkyNGVhZTM3OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud2FYZpQ/DNoNxiZEUq4cmBwG19r
OhF8qziTyLmVuC3VJc0Dz0FvbJtg9iFTwFssYklTl2A9dPAN07ss/o+AV6CMuqYA
10L809jWKr/RYMzMAGamWRJ2NtWQsrV/xdsYOgagrUsS517ahU0zNz2AosGFNXof
uqD5F+NagYfFs3DfPU4S/4qNiYHycfVLz/6rKvrHpt/42xpPciSK1U0LpnjN9s4l
ptURyX5EJcEfY2Mvlq1wBYFtZ+JMP2pH7FOnmhb9pibHoyDkiBBO4tpY/4wrx94v
IjnqmuxBrnfiv+i4lyGvXJwnjef0tR5dkzcykcrdDfNrfppt2KgwuSsSZwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFMmSq9zJIzi9t+ouT8SZuSTq43mUMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL3laS3IzTWtqT0wyMzZpNVB4Sm01Sk9yamVaUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAG80MQw
DwQCAAIwCQMHACoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAnanOkl91CcT/hccN
/BT4HiJkbDE/05NOvD1kFZdB/sFfa3JMz1coeEO4vkSOl3akPKv4WpZyEYn2p5wO
clgKuLrT5TzSYM3iOiKG6CEB8lVL9tP05Xy58857uUOijmVtvYTN6j9yRqx0O5ej
VM+KA81UNn0NkgZw9S8+Zf0XIMpST+gy0TkBbeVhXbsFUCnr5hAEK4pZ2Ab+D6qD
qyc85DMrXqBrgqzWrLCLk/JFQOrGECxB0q4j0yupkYxJdwMm/vi6accnjOzinkLF
iArmmvt1ShbkaRLjP3Jqjx5R2I61ljGWmHuKu4Kk2/jzpxyQZ2lUs8m3eWhiHflR
/cImlw==
-----END CERTIFICATE-----
Generated at Thu Apr 10 06:41:22 2025 by rpki-client