Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/YhneglxU-YMRltelD3FSRlJ3Zwc.roa
File: YhneglxU-YMRltelD3FSRlJ3Zwc.roa (raw, json)
Hash identifier: Ncwlfcg8RLjA+nxHVjFBtQFwEe7HoERaw1MC4MeS+rw=
Subject key identifier: 62:19:DE:82:5C:54:F9:83:11:96:D7:A5:0F:71:52:46:52:77:67:07
Certificate issuer: /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial: 019423D749BB4B9963D072A959A9AC7283BD
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/YhneglxU-YMRltelD3FSRlJ3Zwc.roa
Signing time: Wed 01 Jan 2025 21:48:19 +0000
ROA not before: Wed 01 Jan 2025 21:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139138
IP address blocks: 199.182.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:49:bb:4b:99:63:d0:72:a9:59:a9:ac:72:83:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Validity
Not Before: Jan 1 21:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6219de825c54f9831196d7a50f71524652776707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b9:e3:03:aa:af:11:d6:2e:18:8f:bf:a8:2e:
a2:b0:a3:9c:49:fc:82:46:2c:a2:6b:f6:c8:5f:8a:
81:51:68:77:05:62:d4:f0:66:ab:16:07:de:80:b9:
ce:8b:e6:12:33:a0:05:20:20:64:90:dc:b5:79:c9:
27:cb:8b:b9:d9:3c:bb:6a:b4:48:19:07:d3:51:26:
6f:b2:18:5a:dc:17:21:e3:27:62:28:1d:1a:f4:db:
6c:f8:1d:b3:51:5e:86:9a:75:55:7f:b4:df:eb:a5:
44:98:34:e0:d6:8e:da:66:f9:41:7e:ba:01:57:7c:
82:42:7d:cd:c2:6e:71:38:52:09:cb:b3:47:32:9f:
9a:0e:2d:73:8c:9d:d0:03:6e:7b:2f:7e:99:a7:11:
ca:18:97:fb:49:af:81:34:a0:05:b4:ff:17:3a:91:
ad:f3:b5:a5:a9:3a:26:c7:39:02:0f:5e:91:ff:b7:
0b:10:22:bf:c4:d4:97:3d:91:88:5a:c2:be:f8:52:
17:d8:ec:10:ab:6a:30:7d:c9:62:3d:ce:1b:a4:77:
d0:51:67:dc:e6:de:26:67:d6:42:4d:bb:7f:69:e4:
60:a0:79:e8:8a:9c:09:f5:2e:4a:b8:9b:51:ae:b5:
08:86:16:1f:fb:1f:0c:7e:42:9d:cb:a0:e2:cf:1c:
bb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:19:DE:82:5C:54:F9:83:11:96:D7:A5:0F:71:52:46:52:77:67:07
X509v3 Authority Key Identifier:
keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/YhneglxU-YMRltelD3FSRlJ3Zwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.182.239.0/24
Signature Algorithm: sha256WithRSAEncryption
74:1b:ac:e1:af:d9:0b:1e:dd:fe:96:1a:27:c3:fb:81:a2:a2:
35:9f:6d:24:8b:61:cc:c1:f7:ee:f1:05:bf:63:08:34:71:9e:
f6:02:dc:81:93:1d:9c:6d:50:dc:d0:56:6b:c0:71:51:a9:08:
4a:70:7f:54:69:3e:ba:a6:fb:b5:3c:7c:18:e6:ca:38:22:d7:
00:20:d9:f6:21:bf:13:c1:af:72:1d:21:d1:97:9f:98:9a:72:
de:f8:23:1f:b7:8f:0e:42:3c:74:f4:ef:a2:9b:d2:c7:2b:0f:
4d:07:4f:dc:2c:63:01:59:8f:6b:08:e7:ec:1a:e4:18:36:a5:
42:ab:9d:88:07:bd:35:59:e8:2f:c0:33:76:d2:cf:b2:3a:5a:
0a:97:19:c9:bb:cc:47:9d:5b:65:8e:67:20:79:1b:e3:69:1a:
cf:a6:b7:cf:4f:0c:48:7b:a0:9d:b2:c7:bb:a9:02:b6:39:3a:
0c:40:e7:75:87:6f:24:1f:64:83:8a:b2:57:3b:31:49:97:80:
c3:95:4d:ba:7f:c5:75:81:e6:74:59:d2:9e:da:9e:84:9c:63:
77:0d:99:ad:f2:91:89:b6:14:2f:36:98:0a:f8:1c:c8:be:f5:
7b:7c:0e:60:15:96:02:99:5e:42:04:68:6c:83:10:bf:69:7d:
46:df:91:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj10m7S5lj0HKpWamscoO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjUwMTAxMjE0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE5ZGU4MjVjNTRmOTgzMTE5NmQ3YTUwZjcxNTI0NjUyNzc2NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbnjA6qvEdYuGI+/qC6isKOcSfyC
Riyia/bIX4qBUWh3BWLU8GarFgfegLnOi+YSM6AFICBkkNy1eckny4u52Ty7arRI
GQfTUSZvshha3Bch4ydiKB0a9Nts+B2zUV6GmnVVf7Tf66VEmDTg1o7aZvlBfroB
V3yCQn3Nwm5xOFIJy7NHMp+aDi1zjJ3QA257L36ZpxHKGJf7Sa+BNKAFtP8XOpGt
87WlqTomxzkCD16R/7cLECK/xNSXPZGIWsK++FIX2OwQq2owfcliPc4bpHfQUWfc
5t4mZ9ZCTbt/aeRgoHnoipwJ9S5KuJtRrrUIhhYf+x8MfkKdy6Dizxy7AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIZ3oJcVPmDEZbXpQ9xUkZSd2cHMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvWWhuZWdseFUtWU1SbHRlbEQzRlNSbEozWndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx7bvMA0G
CSqGSIb3DQEBCwUAA4IBAQB0G6zhr9kLHt3+lhonw/uBoqI1n20ki2HMwffu8QW/
Ywg0cZ72AtyBkx2cbVDc0FZrwHFRqQhKcH9UaT66pvu1PHwY5so4ItcAINn2Ib8T
wa9yHSHRl5+YmnLe+CMft48OQjx09O+im9LHKw9NB0/cLGMBWY9rCOfsGuQYNqVC
q52IB701WegvwDN20s+yOloKlxnJu8xHnVtljmcgeRvjaRrPprfPTwxIe6Cdsse7
qQK2OToMQOd1h28kH2SDirJXOzFJl4DDlU26f8V1geZ0WdKe2p6EnGN3DZmt8pGJ
thQvNpgK+BzIvvV7fA5gFZYCmV5CBGhsgxC/aX1G35HY
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:18:25 2025 by rpki-client