Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/YyzLMTt87Ecy3ghXnphVjvqquQ0.roa
File: YyzLMTt87Ecy3ghXnphVjvqquQ0.roa (raw, json)
Hash identifier: ZwuNLZzvOtpWGtNlX0gjt9977y68KkozP3OVholZME0=
Subject key identifier: 63:2C:CB:31:3B:7C:EC:47:32:DE:08:57:9E:98:55:8E:FA:AA:B9:0D
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 01942143B6D4CB730ECA72B8FC058133BBDE
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/YyzLMTt87Ecy3ghXnphVjvqquQ0.roa
Signing time: Wed 01 Jan 2025 09:47:53 +0000
ROA not before: Wed 01 Jan 2025 09:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60421
IP address blocks: 148.81.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:b6:d4:cb:73:0e:ca:72:b8:fc:05:81:33:bb:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Jan 1 09:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=632ccb313b7cec4732de08579e98558efaaab90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:76:08:99:6b:c8:b8:dc:ee:89:e9:f4:8b:19:
b3:c7:41:22:8d:5d:d2:76:1a:43:a4:02:b4:35:4d:
8a:be:62:d7:97:e7:b4:12:06:76:e6:5e:1a:5c:11:
ad:ce:8a:ad:d4:72:c9:35:a0:db:4f:4f:c0:a0:9b:
3c:c3:a8:18:81:6b:f0:b1:97:ba:dd:9e:26:fd:ca:
dd:3f:5e:41:78:e4:20:6a:9a:43:7f:d0:a2:55:9f:
aa:6a:73:6b:f1:70:83:42:6b:2e:da:87:d3:08:6f:
8d:3c:c0:c1:61:59:17:33:da:23:ad:f7:17:10:79:
d8:d9:2f:56:89:46:3b:8a:31:16:5e:c5:5f:2c:e6:
de:9b:8f:c6:86:85:c1:19:5f:a3:8a:08:dd:22:d2:
0e:9d:e1:77:28:2c:c5:77:40:85:9e:0b:44:07:27:
68:9c:dd:97:7f:68:76:96:58:f8:0c:db:1a:05:b4:
be:6e:14:5c:fe:90:e1:89:f9:7b:e4:72:20:c6:b1:
07:28:a3:ee:ed:3b:b2:0c:9a:49:d9:01:93:86:4c:
5b:9e:54:c5:0e:c1:29:ad:02:0e:26:f1:d8:b9:fe:
d4:da:bb:50:f6:2a:9b:61:68:8d:9b:55:31:ea:ff:
a6:cc:f7:e8:6e:4e:6e:60:7f:22:11:ee:75:41:c6:
62:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2C:CB:31:3B:7C:EC:47:32:DE:08:57:9E:98:55:8E:FA:AA:B9:0D
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/YyzLMTt87Ecy3ghXnphVjvqquQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.81.116.0/24
Signature Algorithm: sha256WithRSAEncryption
35:64:42:cb:c3:87:4c:a0:08:68:42:85:97:3f:91:bf:e7:0e:
44:5e:c9:e7:b4:9b:1a:3c:75:56:28:70:0b:32:75:a9:0b:00:
96:84:4c:3c:26:69:32:2c:aa:3b:39:ef:f1:8a:25:6b:8b:5a:
0a:26:ca:14:3c:08:71:9a:af:9f:72:4f:c9:d0:36:34:2a:a3:
1e:ae:11:a9:f8:35:62:64:5b:1c:f5:80:67:86:c5:45:dd:2c:
6e:6b:c4:8e:77:70:a0:f7:8a:01:3a:2d:82:4a:19:b4:6d:0b:
31:ac:35:ae:14:86:99:92:ba:69:80:02:18:62:09:f1:b6:18:
33:2b:84:0d:e9:b0:40:13:f6:9a:f9:1f:2b:c1:04:ae:90:15:
c2:1f:ff:58:3e:61:ae:6c:ad:1c:69:29:8a:f3:ad:ad:28:23:
09:3d:b0:5b:f2:93:f3:0b:fb:de:40:16:be:e6:cd:be:e7:69:
d5:a9:f4:53:05:9a:fa:13:b5:1b:34:ee:66:16:5e:64:74:ef:
70:55:1e:e2:2a:65:02:a3:16:99:88:2f:1c:93:bf:a7:e2:2e:
25:9b:2d:e7:9a:c8:ad:d2:33:74:7a:4a:4c:09:55:0d:16:c8:
0b:7d:99:cc:e8:d2:eb:7a:fd:8f:2e:fd:4a:5c:ad:0e:57:d4:
5a:7d:01:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ7bUy3MOynK4/AWBM7veMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwMTAxMDk0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJjY2IzMTNiN2NlYzQ3MzJkZTA4NTc5ZTk4NTU4ZWZhYWFiOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHYImWvIuNzuien0ixmzx0EijV3S
dhpDpAK0NU2KvmLXl+e0EgZ25l4aXBGtzoqt1HLJNaDbT0/AoJs8w6gYgWvwsZe6
3Z4m/crdP15BeOQgappDf9CiVZ+qanNr8XCDQmsu2ofTCG+NPMDBYVkXM9ojrfcX
EHnY2S9WiUY7ijEWXsVfLObem4/GhoXBGV+jigjdItIOneF3KCzFd0CFngtEBydo
nN2Xf2h2llj4DNsaBbS+bhRc/pDhifl75HIgxrEHKKPu7TuyDJpJ2QGThkxbnlTF
DsEprQIOJvHYuf7U2rtQ9iqbYWiNm1Ux6v+mzPfobk5uYH8iEe51QcZixQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGMsyzE7fOxHMt4IV56YVY76qrkNMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvWXl6TE1UdDg3RWN5M2doWG5waFZqdnFxdVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlFF0MA0G
CSqGSIb3DQEBCwUAA4IBAQA1ZELLw4dMoAhoQoWXP5G/5w5EXsnntJsaPHVWKHAL
MnWpCwCWhEw8JmkyLKo7Oe/xiiVri1oKJsoUPAhxmq+fck/J0DY0KqMerhGp+DVi
ZFsc9YBnhsVF3Sxua8SOd3Cg94oBOi2CShm0bQsxrDWuFIaZkrppgAIYYgnxthgz
K4QN6bBAE/aa+R8rwQSukBXCH/9YPmGubK0caSmK862tKCMJPbBb8pPzC/veQBa+
5s2+52nVqfRTBZr6E7UbNO5mFl5kdO9wVR7iKmUCoxaZiC8ck7+n4i4lmy3nmsit
0jN0ekpMCVUNFsgLfZnM6NLrev2PLv1KXK0OV9RafQHe
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:23:19 2025 by rpki-client