Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/Yy3P_eLepPH97sx7uG_-ThMgEEo.roa
File: Yy3P_eLepPH97sx7uG_-ThMgEEo.roa (raw, json)
Hash identifier: 8nK1KDctbyjadkySvmdLv0JCMPOzSxuChYH79evajq8=
Subject key identifier: 63:2D:CF:FD:E2:DE:A4:F1:FD:EE:CC:7B:B8:6F:FE:4E:13:20:10:4A
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C256450AA1C788D6002CC0ED32DD2
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/Yy3P_eLepPH97sx7uG_-ThMgEEo.roa
Signing time: Thu 02 Jan 2025 09:50:09 +0000
ROA not before: Thu 02 Jan 2025 09:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60939
IP address blocks: 2a05:f300::/29 maxlen: 64
2a12:4b40::/29 maxlen: 64
2a13:c400::/29 maxlen: 64
2a13:c800::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:25:64:50:aa:1c:78:8d:60:02:cc:0e:d3:2d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=632dcffde2dea4f1fdeecc7bb86ffe4e1320104a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b3:2d:81:99:57:7a:2f:1b:b7:02:96:9b:16:
d9:40:a4:5a:4b:d3:76:0d:1c:75:fc:57:2f:b2:81:
22:0a:00:5a:b4:9a:73:58:63:9e:d4:fb:7e:e8:81:
4d:e6:8c:3c:37:b8:49:a2:ed:c7:8f:7a:2b:55:07:
54:bb:0c:b5:d0:68:9b:f8:24:6a:10:a2:ef:b3:7f:
46:13:6e:3b:f2:9b:c4:89:0a:46:8f:ec:51:ec:c8:
47:45:ba:07:72:33:ae:b4:03:12:7b:c9:6e:a4:c5:
fd:2a:91:71:e6:fe:a4:3f:5e:0e:9a:01:e7:90:7b:
e5:0d:70:c6:a4:72:d4:53:af:2a:b2:56:91:58:90:
4c:cf:56:47:5b:e4:2a:7f:fd:0f:36:f9:c1:25:bd:
23:9d:3e:9d:93:95:bb:c5:0a:ac:c7:05:48:2c:a5:
b7:55:59:33:73:33:a1:38:f3:e9:f8:bd:b7:bc:26:
1d:4d:23:be:52:39:c0:b6:b0:3e:5f:26:ec:70:f9:
59:b1:45:0a:b0:f5:e6:d0:bf:c5:28:19:b5:13:76:
36:c7:d8:a7:25:08:78:4e:cd:c5:63:1a:f8:2d:26:
09:d9:96:71:0c:61:fe:7b:75:35:ec:16:db:57:8c:
2c:c4:19:ac:74:39:16:a3:14:a0:01:76:54:8e:c1:
39:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:2D:CF:FD:E2:DE:A4:F1:FD:EE:CC:7B:B8:6F:FE:4E:13:20:10:4A
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/Yy3P_eLepPH97sx7uG_-ThMgEEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
2a12:4b40::/29
2a13:c400::/29
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
75:5a:9d:84:0d:7c:7c:40:be:33:16:f0:5a:53:f5:0b:3c:d6:
3a:a0:d2:5b:9a:87:0a:0a:47:30:91:cf:cd:f0:de:41:a2:af:
5a:d5:14:c6:df:4b:ab:f6:65:0b:98:34:72:27:88:74:b0:17:
0a:ad:5c:dd:f0:f0:66:a1:7e:e6:28:c2:ba:95:70:74:73:af:
d9:8d:01:93:f8:c9:cf:32:2e:fd:91:c8:96:f6:7d:62:d4:40:
a4:ec:7e:4f:9a:b2:65:a4:e3:f9:20:32:c7:65:0c:3d:b9:07:
22:e6:aa:6a:e9:e8:8d:53:eb:1e:b9:d5:55:6a:25:28:63:a6:
aa:f9:fb:91:0e:50:f3:f4:1a:33:da:4c:c1:37:dc:94:33:4c:
d4:86:5a:a9:ea:0c:27:07:8a:8f:13:55:ac:71:f5:95:ef:ea:
ff:01:b2:9c:ab:02:4d:5c:a1:c4:b5:c8:e2:08:d4:84:0b:e7:
af:f2:87:f2:cd:17:21:5a:bc:be:d3:b1:58:7d:ef:f4:19:f2:
e0:46:ff:b5:2b:c2:68:59:36:a9:93:b3:72:96:f1:85:3b:87:
7c:89:a6:f4:72:d6:5d:9d:9b:47:a8:8b:e5:7a:02:c8:ba:5a:
e2:75:f5:59:9d:40:2a:3b:52:7f:a9:20:08:17:ad:2b:fd:64:
0d:93:d9:3a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQmbCVkUKoceI1gAswO0y3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzJkY2ZmZGUyZGVhNGYxZmRlZWNjN2JiODZmZmU0ZTEzMjAxMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLMtgZlXei8btwKWmxbZQKRaS9N2
DRx1/FcvsoEiCgBatJpzWGOe1Pt+6IFN5ow8N7hJou3Hj3orVQdUuwy10Gib+CRq
EKLvs39GE2478pvEiQpGj+xR7MhHRboHcjOutAMSe8lupMX9KpFx5v6kP14OmgHn
kHvlDXDGpHLUU68qslaRWJBMz1ZHW+Qqf/0PNvnBJb0jnT6dk5W7xQqsxwVILKW3
VVkzczOhOPPp+L23vCYdTSO+UjnAtrA+XybscPlZsUUKsPXm0L/FKBm1E3Y2x9in
JQh4Ts3FYxr4LSYJ2ZZxDGH+e3U17BbbV4wsxBmsdDkWoxSgAXZUjsE57wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGMtz/3i3qTx/e7Me7hv/k4TIBBKMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvWXkzUF9lTGVwUEg5N3N4N3VHXy1UaE1nRUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgXzAAMF
AyoSS0ADBQMqE8QAAwUDKhPIADANBgkqhkiG9w0BAQsFAAOCAQEAdVqdhA18fEC+
MxbwWlP1CzzWOqDSW5qHCgpHMJHPzfDeQaKvWtUUxt9Lq/ZlC5g0cieIdLAXCq1c
3fDwZqF+5ijCupVwdHOv2Y0Bk/jJzzIu/ZHIlvZ9YtRApOx+T5qyZaTj+SAyx2UM
PbkHIuaqaunojVPrHrnVVWolKGOmqvn7kQ5Q8/QaM9pMwTfclDNM1IZaqeoMJweK
jxNVrHH1le/q/wGynKsCTVyhxLXI4gjUhAvnr/KH8s0XIVq8vtOxWH3v9Bny4Eb/
tSvCaFk2qZOzcpbxhTuHfImm9HLWXZ2bR6iL5XoCyLpa4nX1WZ1AKjtSf6kgCBet
K/1kDZPZOg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:34:46 2025 by rpki-client