Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/yGPqrJa3Zwq1lr8NTpt5X86glXI.roa
File: yGPqrJa3Zwq1lr8NTpt5X86glXI.roa (raw, json)
Hash identifier: 2jZcVKME4/6iNnTYuGCTDlNJXCs1FpJb/MUDlyZ9cDM=
Subject key identifier: C8:63:EA:AC:96:B7:67:0A:B5:96:BF:0D:4E:9B:79:5F:CE:A0:95:72
Certificate issuer: /CN=ac345e7c5920cc89a3ea6cada2be505283684270
Certificate serial: 018B94AE0CC6239AAE32CD3EAB0AE8543666
Authority key identifier: AC:34:5E:7C:59:20:CC:89:A3:EA:6C:AD:A2:BE:50:52:83:68:42:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rDRefFkgzImj6mytor5QUoNoQnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/yGPqrJa3Zwq1lr8NTpt5X86glXI.roa
Signing time: Fri 03 Nov 2023 10:15:16 +0000
ROA not before: Fri 03 Nov 2023 10:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 62.3.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:ae:0c:c6:23:9a:ae:32:cd:3e:ab:0a:e8:54:36:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac345e7c5920cc89a3ea6cada2be505283684270
Validity
Not Before: Nov 3 10:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c863eaac96b7670ab596bf0d4e9b795fcea09572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:76:ca:7e:54:31:72:5a:2d:99:c1:88:e1:12:
45:fd:90:49:c6:2c:75:20:a5:e3:72:c4:8a:47:4f:
ee:c8:8a:82:c9:08:57:53:eb:12:cc:a7:90:3b:9d:
16:63:d8:ac:16:34:94:2f:58:74:da:44:ed:65:b7:
9b:77:5d:48:71:f4:04:c1:d9:90:a0:da:d5:9e:ad:
af:d9:d4:3c:98:c7:34:a3:d6:e7:85:15:e6:a0:bd:
dd:18:29:61:fb:3f:f5:5b:dc:69:c9:f0:c7:18:b3:
90:ec:e6:11:38:6a:81:c0:93:be:4d:21:20:23:6b:
3b:bc:e4:58:8c:43:03:97:e6:32:02:bd:4c:68:b6:
dd:f6:13:43:62:15:cb:a8:64:ef:ad:66:16:67:be:
99:ae:14:54:de:5f:ba:85:46:bd:73:88:21:9f:77:
9b:7b:98:ac:c3:99:19:71:be:ac:11:6f:f6:b1:75:
44:4e:09:92:f1:c0:07:d9:fb:0f:1d:eb:ab:7a:ad:
95:c6:42:9d:f6:2b:5d:df:65:b8:2c:46:3d:4e:0b:
9b:1b:08:81:a7:09:c2:76:30:31:20:3d:55:45:57:
75:2d:37:ae:27:a3:31:e5:c5:22:de:76:86:4b:7a:
3a:f1:74:fd:37:ee:16:74:fd:4a:72:b4:7e:c3:ad:
99:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:63:EA:AC:96:B7:67:0A:B5:96:BF:0D:4E:9B:79:5F:CE:A0:95:72
X509v3 Authority Key Identifier:
keyid:AC:34:5E:7C:59:20:CC:89:A3:EA:6C:AD:A2:BE:50:52:83:68:42:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rDRefFkgzImj6mytor5QUoNoQnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/yGPqrJa3Zwq1lr8NTpt5X86glXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/578642-9428-4a17-b936-88329b03b2aa/1/rDRefFkgzImj6mytor5QUoNoQnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.54.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:4a:d2:13:95:fa:fb:e0:10:28:bb:6a:72:06:3a:4c:eb:9a:
2d:50:80:fa:a8:87:ac:9b:59:94:76:15:9f:6c:19:56:30:ce:
34:8f:ba:4d:cf:c3:11:d9:cd:73:31:7d:42:ad:ea:2d:35:69:
21:05:2c:cb:3d:d2:78:ee:ba:13:b2:1e:ba:49:ad:9c:66:c4:
63:46:df:9d:77:0e:60:04:eb:1a:ca:f0:e5:fb:59:b1:4f:6f:
72:76:95:1e:c7:c2:c2:c8:f7:0a:eb:97:20:86:fb:02:ba:ae:
79:59:eb:ce:4d:35:97:89:cd:4e:9b:51:43:03:ab:81:ef:73:
0d:ad:70:02:26:f6:6d:23:b9:63:ab:2b:87:29:2c:24:97:a3:
67:30:be:ba:8b:7e:9e:99:84:b3:47:57:c3:00:83:28:3d:50:
c7:79:1a:1e:3d:ab:79:0b:37:ca:20:93:00:4f:3b:1c:72:32:
14:85:26:a0:cf:cf:8c:f6:9a:cd:e5:b4:af:99:c5:d5:92:28:
01:40:3f:e4:42:5b:7d:94:4c:de:2c:a5:ca:d0:a1:1b:75:af:
ac:4c:33:01:12:8c:4f:79:0e:d3:bb:9c:ff:f6:d3:26:78:16:
ec:37:c9:59:41:12:77:cf:85:f5:bd:7e:c6:85:e7:7b:e9:23:
3d:32:74:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuUrgzGI5quMs0+qwroVDZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMzQ1ZTdjNTkyMGNjODlhM2VhNmNhZGEyYmU1MDUyODM2
ODQyNzAwHhcNMjMxMTAzMTAxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODYzZWFhYzk2Yjc2NzBhYjU5NmJmMGQ0ZTliNzk1ZmNlYTA5NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHbKflQxclotmcGI4RJF/ZBJxix1
IKXjcsSKR0/uyIqCyQhXU+sSzKeQO50WY9isFjSUL1h02kTtZbebd11IcfQEwdmQ
oNrVnq2v2dQ8mMc0o9bnhRXmoL3dGClh+z/1W9xpyfDHGLOQ7OYROGqBwJO+TSEg
I2s7vORYjEMDl+YyAr1MaLbd9hNDYhXLqGTvrWYWZ76ZrhRU3l+6hUa9c4ghn3eb
e5isw5kZcb6sEW/2sXVETgmS8cAH2fsPHeureq2VxkKd9itd32W4LEY9TgubGwiB
pwnCdjAxID1VRVd1LTeuJ6Mx5cUi3naGS3o68XT9N+4WdP1KcrR+w62ZPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMhj6qyWt2cKtZa/DU6beV/OoJVyMB8GA1UdIwQY
MBaAFKw0XnxZIMyJo+psraK+UFKDaEJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckRSZWZGa2d6SW1qNm15dG9yNVFVb05vUW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2NDItOTQyOC00YTE3LWI5MzYt
ODgzMjliMDNiMmFhLzEveUdQcXJKYTNad3ExbHI4TlRwdDVYODZnbFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2NDItOTQyOC00YTE3LWI5MzYtODgzMjliMDNiMmFh
LzEvckRSZWZGa2d6SW1qNm15dG9yNVFVb05vUW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM2MA0G
CSqGSIb3DQEBCwUAA4IBAQBqStITlfr74BAou2pyBjpM65otUID6qIesm1mUdhWf
bBlWMM40j7pNz8MR2c1zMX1CreotNWkhBSzLPdJ47roTsh66Sa2cZsRjRt+ddw5g
BOsayvDl+1mxT29ydpUex8LCyPcK65cghvsCuq55WevOTTWXic1Om1FDA6uB73MN
rXACJvZtI7ljqyuHKSwkl6NnML66i36emYSzR1fDAIMoPVDHeRoePat5CzfKIJMA
TzsccjIUhSagz8+M9prN5bSvmcXVkigBQD/kQlt9lEzeLKXK0KEbda+sTDMBEoxP
eQ7Tu5z/9tMmeBbsN8lZQRJ3z4X1vX7Ghed76SM9MnSn
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:48:11 2025 by rpki-client