Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/YryU8ed-CWdvi9wNt2CzCkr5goY.roa
File: YryU8ed-CWdvi9wNt2CzCkr5goY.roa (raw, json)
Hash identifier: b+QiHdYw+NGfYrD1L0v4i1uFIX/gtkCIuFQRFLnePlU=
Subject key identifier: 62:BC:94:F1:E7:7E:09:67:6F:8B:DC:0D:B7:60:B3:0A:4A:F9:82:86
Certificate issuer: /CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Certificate serial: 019424453D483618990D1343447CDF198DCB
Authority key identifier: 2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/YryU8ed-CWdvi9wNt2CzCkr5goY.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4002
IP address blocks: 2a02:970:2006::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3d:48:36:18:99:0d:13:43:44:7c:df:19:8d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62bc94f1e77e09676f8bdc0db760b30a4af98286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b9:2e:f1:90:81:77:cc:31:1c:61:6e:81:93:
0e:63:a2:94:09:27:de:8d:3e:cd:a8:86:6c:bc:08:
bd:fe:59:3e:68:1b:88:f4:da:ea:16:c3:c3:08:32:
cc:2c:c6:c5:1a:14:90:74:a1:fe:d1:e6:2a:19:71:
c7:f3:4d:78:50:f3:b4:28:ff:62:d7:f8:19:1a:3c:
e5:c0:6b:ac:8d:73:c7:b8:a5:3c:ec:e5:06:ab:ed:
aa:fa:ca:d4:fa:17:2e:49:ce:1b:02:50:00:ae:23:
79:51:d0:c1:24:45:86:3c:7e:60:19:d8:35:08:73:
99:9d:36:fb:5b:9e:ff:ae:25:4a:b4:71:d6:0b:40:
d5:d3:a0:49:a0:e0:49:54:d1:cd:88:78:99:54:04:
cb:1a:1b:2b:3b:17:69:4a:65:a5:96:0f:5d:ef:a6:
98:15:3e:7d:4c:a0:1b:16:d2:4a:75:7e:e8:c4:06:
b7:82:1c:24:54:ba:4d:ea:3d:e3:75:15:0a:30:fe:
57:61:58:5f:18:9d:63:e2:b1:b4:3f:a7:44:1d:37:
ba:8b:6a:e1:41:2d:dd:32:cd:e4:a0:ec:7e:a8:d6:
44:08:9f:93:1b:04:03:a9:49:84:4d:f3:85:33:8c:
10:f6:a4:67:45:90:70:6b:92:30:80:62:11:65:6f:
e3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:BC:94:F1:E7:7E:09:67:6F:8B:DC:0D:B7:60:B3:0A:4A:F9:82:86
X509v3 Authority Key Identifier:
keyid:2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/YryU8ed-CWdvi9wNt2CzCkr5goY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/LwNC4NI-9-BrHf9cxu5PoXr4vZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:970:2006::/48
Signature Algorithm: sha256WithRSAEncryption
22:5b:1d:de:59:22:9d:8a:b7:99:d4:12:96:93:02:26:8f:da:
fb:c8:88:4c:78:0a:f1:b7:92:c7:46:e6:ea:6d:50:6f:dd:a0:
39:d1:99:aa:f0:38:73:5b:e3:e5:1e:b9:50:9b:76:7a:2b:f0:
49:aa:4b:d4:16:ae:5d:3f:2c:05:8a:f5:e9:e6:3e:10:bd:2e:
a8:3e:ab:fc:13:1e:ae:ea:39:65:5d:5a:13:5b:04:0a:88:0d:
36:55:40:dd:bd:0b:b9:5b:ab:a6:9d:79:b3:ef:bc:48:e8:46:
46:45:98:a8:69:b4:00:38:dc:36:77:ea:67:f0:f2:ba:65:d6:
3f:bb:1a:cb:08:17:0d:cd:ce:b7:3c:25:e8:46:27:f5:e0:2f:
bd:b6:57:8a:c0:40:15:47:9c:3d:c7:81:98:bb:bb:72:d5:ff:
3c:bf:1d:fe:d9:54:ce:00:7f:2c:47:61:89:f4:9f:de:77:63:
ac:0d:a0:0c:fc:0d:50:96:48:ee:e6:ff:1b:b8:74:46:3b:38:
8c:4c:fb:b9:cb:be:b2:4e:90:39:a8:b9:d3:52:54:97:7a:e7:
c1:12:67:ca:e2:f0:02:9b:71:9e:15:a8:0f:59:10:85:33:9e:
70:3c:73:a4:9f:33:63:8b:ac:d5:92:e1:5b:da:c5:cd:e0:72:
d0:b6:34:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkRT1INhiZDRNDRHzfGY3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMDM0MmUwZDIzZWY3ZTA2YjFkZmY1Y2M2ZWU0ZmExN2Fm
OGJkOTgwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmJjOTRmMWU3N2UwOTY3NmY4YmRjMGRiNzYwYjMwYTRhZjk4Mjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbku8ZCBd8wxHGFugZMOY6KUCSfe
jT7NqIZsvAi9/lk+aBuI9NrqFsPDCDLMLMbFGhSQdKH+0eYqGXHH8014UPO0KP9i
1/gZGjzlwGusjXPHuKU87OUGq+2q+srU+hcuSc4bAlAAriN5UdDBJEWGPH5gGdg1
CHOZnTb7W57/riVKtHHWC0DV06BJoOBJVNHNiHiZVATLGhsrOxdpSmWllg9d76aY
FT59TKAbFtJKdX7oxAa3ghwkVLpN6j3jdRUKMP5XYVhfGJ1j4rG0P6dEHTe6i2rh
QS3dMs3koOx+qNZECJ+TGwQDqUmETfOFM4wQ9qRnRZBwa5IwgGIRZW/jkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGK8lPHnfglnb4vcDbdgswpK+YKGMB8GA1UdIwQY
MBaAFC8DQuDSPvfgax3/XMbuT6F6+L2YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2Mt
YzkxMGFmOTNlNDI2LzEvWXJ5VThlZC1DV2R2aTl3TnQyQ3pDa3I1Z29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9kMWZkNDgtOTE2Yi00ZDgzLTk2Y2MtYzkxMGFmOTNlNDI2
LzEvTHdOQzROSS05LUJySGY5Y3h1NVBvWHI0dlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIJcCAG
MA0GCSqGSIb3DQEBCwUAA4IBAQAiWx3eWSKdireZ1BKWkwImj9r7yIhMeArxt5LH
RubqbVBv3aA50Zmq8DhzW+PlHrlQm3Z6K/BJqkvUFq5dPywFivXp5j4QvS6oPqv8
Ex6u6jllXVoTWwQKiA02VUDdvQu5W6umnXmz77xI6EZGRZioabQAONw2d+pn8PK6
ZdY/uxrLCBcNzc63PCXoRif14C+9tleKwEAVR5w9x4GYu7ty1f88vx3+2VTOAH8s
R2GJ9J/ed2OsDaAM/A1Qlkju5v8buHRGOziMTPu5y76yTpA5qLnTUlSXeufBEmfK
4vACm3GeFagPWRCFM55wPHOknzNji6zVkuFb2sXN4HLQtjQO
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:02:39 2025 by rpki-client