Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/yJroNTaVvlT2NMbeqc_SwP9EFa8.roa
File: yJroNTaVvlT2NMbeqc_SwP9EFa8.roa (raw, json)
Hash identifier: uK6E/53K4TtzRidnGsebqPQ704WPwr/ML/5bFXdXLZo=
Subject key identifier: C8:9A:E8:35:36:95:BE:54:F6:34:C6:DE:A9:CF:D2:C0:FF:44:15:AF
Certificate issuer: /CN=2fe5b7ccb403d30a44857d47c58cf1346546d283
Certificate serial: 01941FFA02D362D1335C14B395C7371FED95
Authority key identifier: 2F:E5:B7:CC:B4:03:D3:0A:44:85:7D:47:C5:8C:F1:34:65:46:D2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/yJroNTaVvlT2NMbeqc_SwP9EFa8.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29399
IP address blocks: 159.253.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:02:d3:62:d1:33:5c:14:b3:95:c7:37:1f:ed:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe5b7ccb403d30a44857d47c58cf1346546d283
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c89ae8353695be54f634c6dea9cfd2c0ff4415af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:66:c2:9d:57:00:59:09:54:bb:30:93:8f:ed:
18:0b:6b:4b:ef:67:82:0b:42:02:0e:28:3a:0a:cf:
c7:fd:0c:36:e0:4d:15:ef:ff:64:ab:8b:f0:fb:7e:
5e:13:a0:01:2c:2f:1b:58:a1:19:2b:53:10:2c:9d:
a5:b8:f7:94:85:97:ff:7f:66:07:ee:41:ee:e7:48:
2e:7e:0a:f9:51:00:e2:43:24:a0:7b:6f:25:4e:4a:
40:29:f9:51:f4:cb:c4:99:c6:06:2c:07:cd:65:ac:
e8:49:aa:e3:1a:76:cd:d3:a5:7c:50:90:82:4b:6f:
8c:c6:f4:e6:dc:23:33:b5:a2:87:25:af:fb:60:07:
32:a7:49:29:0a:fa:56:59:fd:e3:f8:14:d5:f3:2c:
3e:b2:14:97:27:b7:ec:96:39:c6:15:94:17:16:5e:
29:4c:0a:99:ce:c5:1f:ae:66:58:cb:f4:ab:f9:ce:
75:22:34:2c:97:ed:8f:0d:06:00:21:cf:d8:fe:06:
eb:7d:aa:95:86:28:32:4a:56:60:49:c8:8d:a1:ba:
20:0e:ba:7f:34:80:03:ad:0a:17:29:12:7f:9c:b6:
65:f7:38:db:27:92:0d:14:b7:b2:6c:36:97:15:9f:
b9:5d:54:87:bc:0e:59:ee:aa:af:83:ac:bd:34:8e:
53:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9A:E8:35:36:95:BE:54:F6:34:C6:DE:A9:CF:D2:C0:FF:44:15:AF
X509v3 Authority Key Identifier:
keyid:2F:E5:B7:CC:B4:03:D3:0A:44:85:7D:47:C5:8C:F1:34:65:46:D2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-W3zLQD0wpEhX1HxYzxNGVG0oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/yJroNTaVvlT2NMbeqc_SwP9EFa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91cdfd-2c72-4236-a4c2-2b8f7346f350/1/L-W3zLQD0wpEhX1HxYzxNGVG0oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.86.0/24
Signature Algorithm: sha256WithRSAEncryption
42:22:1a:4b:c0:a8:4b:1f:dd:2e:50:20:d6:4a:6a:5f:4f:be:
f9:0d:0c:4e:e8:2a:f4:12:55:3b:8e:a5:dd:e8:17:44:83:ec:
41:46:ef:e9:e6:9d:ea:09:7b:5d:88:eb:c6:2d:2d:03:22:43:
7c:32:b8:be:06:60:0a:74:a2:41:b8:a9:67:f3:da:1a:7d:96:
15:aa:6f:01:05:2f:9b:94:85:a7:a5:e1:2f:ec:d1:4c:2a:e5:
0a:d4:5a:0e:a0:8b:58:21:90:4b:87:d7:58:61:9a:a9:ba:ac:
be:a1:81:14:c7:8e:3e:55:78:2d:e7:22:ce:aa:60:80:65:4c:
e8:ee:2a:90:86:8c:59:b7:5b:ed:9f:6d:dc:31:03:5c:1a:f9:
ca:5f:5c:8d:ae:1f:fc:f8:9c:30:8a:5f:a5:77:fc:ee:ae:33:
e3:4b:26:2c:40:2d:a4:2a:2f:e3:9c:02:f8:a7:94:f6:bd:4b:
4b:c4:db:81:bc:be:26:08:0e:0a:33:1f:ff:1a:d2:f1:1f:2f:
39:68:f9:a6:30:c7:d8:49:64:53:f1:d4:99:5f:1f:fa:2b:e2:
1b:1b:e2:fa:eb:e7:19:e4:fa:41:75:5c:3f:a6:1c:9f:78:69:
f5:e4:34:db:2b:a8:1b:75:49:d7:f4:73:61:2e:b4:b6:4a:cf:
15:8e:21:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gLTYtEzXBSzlcc3H+2VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTViN2NjYjQwM2QzMGE0NDg1N2Q0N2M1OGNmMTM0NjU0
NmQyODMwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODlhZTgzNTM2OTViZTU0ZjYzNGM2ZGVhOWNmZDJjMGZmNDQxNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWbCnVcAWQlUuzCTj+0YC2tL72eC
C0ICDig6Cs/H/Qw24E0V7/9kq4vw+35eE6ABLC8bWKEZK1MQLJ2luPeUhZf/f2YH
7kHu50gufgr5UQDiQySge28lTkpAKflR9MvEmcYGLAfNZazoSarjGnbN06V8UJCC
S2+MxvTm3CMztaKHJa/7YAcyp0kpCvpWWf3j+BTV8yw+shSXJ7fsljnGFZQXFl4p
TAqZzsUfrmZYy/Sr+c51IjQsl+2PDQYAIc/Y/gbrfaqVhigySlZgSciNobogDrp/
NIADrQoXKRJ/nLZl9zjbJ5INFLeybDaXFZ+5XVSHvA5Z7qqvg6y9NI5TBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMia6DU2lb5U9jTG3qnP0sD/RBWvMB8GA1UdIwQY
MBaAFC/lt8y0A9MKRIV9R8WM8TRlRtKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1XM3pMUUQwd3BFaFgxSHhZenhOR1ZHMG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85MWNkZmQtMmM3Mi00MjM2LWE0YzIt
MmI4ZjczNDZmMzUwLzEveUpyb05UYVZ2bFQyTk1iZXFjX1N3UDlFRmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85MWNkZmQtMmM3Mi00MjM2LWE0YzItMmI4ZjczNDZmMzUw
LzEvTC1XM3pMUUQwd3BFaFgxSHhZenhOR1ZHMG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/1WMA0G
CSqGSIb3DQEBCwUAA4IBAQBCIhpLwKhLH90uUCDWSmpfT775DQxO6Cr0ElU7jqXd
6BdEg+xBRu/p5p3qCXtdiOvGLS0DIkN8Mri+BmAKdKJBuKln89oafZYVqm8BBS+b
lIWnpeEv7NFMKuUK1FoOoItYIZBLh9dYYZqpuqy+oYEUx44+VXgt5yLOqmCAZUzo
7iqQhoxZt1vtn23cMQNcGvnKX1yNrh/8+Jwwil+ld/zurjPjSyYsQC2kKi/jnAL4
p5T2vUtLxNuBvL4mCA4KMx//GtLxHy85aPmmMMfYSWRT8dSZXx/6K+IbG+L66+cZ
5PpBdVw/phyfeGn15DTbK6gbdUnX9HNhLrS2Ss8VjiGo
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:13:39 2025 by rpki-client