Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/YM3gYtjsCSk6V1--bovb_wYt7qI.roa
File: YM3gYtjsCSk6V1--bovb_wYt7qI.roa (raw, json)
Hash identifier: HYnXH43Els8xcyz2VLZSSOsrk9jNKw0kKYdJbAGPWYk=
Subject key identifier: 60:CD:E0:62:D8:EC:09:29:3A:57:5F:BE:6E:8B:DB:FF:06:2D:EE:A2
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 0194228E433A10BCD5FF030129F82C7DC6BC
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/YM3gYtjsCSk6V1--bovb_wYt7qI.roa
Signing time: Wed 01 Jan 2025 15:48:56 +0000
ROA not before: Wed 01 Jan 2025 15:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 213.145.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:43:3a:10:bc:d5:ff:03:01:29:f8:2c:7d:c6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 15:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60cde062d8ec09293a575fbe6e8bdbff062deea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3f:c9:96:9e:ef:88:54:1b:77:99:df:a3:bb:
77:48:68:2f:d2:f1:37:b8:6a:65:36:bb:cd:16:ef:
5a:cf:59:47:74:9b:67:ce:73:a2:48:fe:61:33:be:
2a:e6:46:c6:cd:cb:77:94:32:1b:b8:7b:b7:1b:12:
f6:bd:5a:bf:ff:a0:89:18:01:8a:9b:cd:f7:19:f6:
32:13:1e:a9:cb:b2:e0:55:5d:98:66:4d:f9:4a:5d:
ee:cd:e8:77:35:b5:15:c6:90:7d:ad:7a:d1:3e:7b:
f2:58:6d:ce:3f:10:ca:dd:92:40:07:9a:6c:0e:b1:
4f:dd:a9:43:c7:02:b5:6b:14:e0:43:1c:c5:f0:7d:
34:24:d4:67:cd:15:c7:a1:df:42:48:1a:fd:3e:5d:
04:18:79:e0:9f:e1:2e:4f:b8:ce:72:7c:6f:e9:44:
a9:65:15:70:53:95:84:45:11:ea:08:1e:a9:a0:7a:
b4:ee:14:fa:98:8e:30:37:4d:83:7b:6b:a2:e4:7c:
ae:fa:ba:14:5a:40:67:9c:20:6f:ea:73:67:da:44:
74:4e:72:75:d6:18:d0:cf:19:2a:28:53:9f:f4:9c:
ea:34:a0:5b:04:23:67:af:b9:7a:ba:5b:f2:0e:a0:
7a:a2:87:dc:f8:a7:07:78:f1:09:71:bb:51:eb:0d:
3e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CD:E0:62:D8:EC:09:29:3A:57:5F:BE:6E:8B:DB:FF:06:2D:EE:A2
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/YM3gYtjsCSk6V1--bovb_wYt7qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.89.0/24
Signature Algorithm: sha256WithRSAEncryption
72:16:9d:4a:29:73:84:69:bd:05:67:01:6e:ef:58:b1:09:0d:
05:6e:1d:24:80:36:87:d6:64:90:03:36:6b:29:72:3c:78:10:
1a:b5:ac:74:a4:86:da:18:0d:71:13:0e:34:28:09:f6:df:dc:
d1:84:ea:26:78:1c:71:d5:db:65:74:cf:a3:b7:3e:a6:d0:3a:
65:7a:c3:58:04:15:62:aa:4a:c5:93:18:02:99:b4:68:07:49:
7d:35:ad:27:3a:57:bd:a5:97:1c:b7:0e:0a:c3:1c:19:56:af:
97:c1:e5:08:a2:38:4a:b3:0e:18:06:ba:db:39:3b:92:64:c6:
53:bb:74:d9:ba:3c:1f:ae:f9:40:73:f1:e4:1d:d4:a6:99:54:
01:50:99:30:e1:bc:7c:93:9e:df:fd:a6:ad:70:01:b1:67:c3:
5e:78:6d:78:18:b1:1b:f3:0d:79:ca:b3:ab:93:db:5d:80:04:
ef:04:a0:f9:36:1d:84:10:6d:9c:49:76:99:29:79:c6:9c:b5:
66:1a:a3:e9:ba:03:01:c9:6e:dd:34:a6:28:5a:80:53:15:6b:
ec:87:63:b0:f0:b1:0b:f4:be:2b:eb:92:23:02:d0:5a:3a:24:
d2:d6:b7:93:47:43:31:d9:f6:b4:51:41:39:e3:59:c9:5a:86:
63:83:36:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijkM6ELzV/wMBKfgsfca8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwMTAxMTU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNkZTA2MmQ4ZWMwOTI5M2E1NzVmYmU2ZThiZGJmZjA2MmRlZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD/Jlp7viFQbd5nfo7t3SGgv0vE3
uGplNrvNFu9az1lHdJtnznOiSP5hM74q5kbGzct3lDIbuHu3GxL2vVq//6CJGAGK
m833GfYyEx6py7LgVV2YZk35Sl3uzeh3NbUVxpB9rXrRPnvyWG3OPxDK3ZJAB5ps
DrFP3alDxwK1axTgQxzF8H00JNRnzRXHod9CSBr9Pl0EGHngn+EuT7jOcnxv6USp
ZRVwU5WERRHqCB6poHq07hT6mI4wN02De2ui5Hyu+roUWkBnnCBv6nNn2kR0TnJ1
1hjQzxkqKFOf9JzqNKBbBCNnr7l6ulvyDqB6oofc+KcHePEJcbtR6w0+IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDN4GLY7AkpOldfvm6L2/8GLe6iMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvWU0zZ1l0anNDU2s2VjEtLWJvdmJfd1l0N3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZFZMA0G
CSqGSIb3DQEBCwUAA4IBAQByFp1KKXOEab0FZwFu71ixCQ0Fbh0kgDaH1mSQAzZr
KXI8eBAatax0pIbaGA1xEw40KAn239zRhOomeBxx1dtldM+jtz6m0DplesNYBBVi
qkrFkxgCmbRoB0l9Na0nOle9pZcctw4KwxwZVq+XweUIojhKsw4YBrrbOTuSZMZT
u3TZujwfrvlAc/HkHdSmmVQBUJkw4bx8k57f/aatcAGxZ8NeeG14GLEb8w15yrOr
k9tdgATvBKD5Nh2EEG2cSXaZKXnGnLVmGqPpugMByW7dNKYoWoBTFWvsh2Ow8LEL
9L4r65IjAtBaOiTS1reTR0Mx2fa0UUE541nJWoZjgzbH
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:24:33 2025 by rpki-client