Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/TYsIS3O-zzJUM31FOE8V5LwUjck.roa
File: TYsIS3O-zzJUM31FOE8V5LwUjck.roa (raw, json)
Hash identifier: PgdOwzc5CsTmGlgxhk4B6gx5Y87krg/eEL18bNqE8Rk=
Subject key identifier: 4D:8B:08:4B:73:BE:CF:32:54:33:7D:45:38:4F:15:E4:BC:14:8D:C9
Certificate issuer: /CN=84abf0c981701aba97e4fcd0bed4e4cdb8692047
Certificate serial: 0194236A36F20A87A0696ED980ECB95B64BC
Authority key identifier: 84:AB:F0:C9:81:70:1A:BA:97:E4:FC:D0:BE:D4:E4:CD:B8:69:20:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKvwyYFwGrqX5PzQvtTkzbhpIEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/TYsIS3O-zzJUM31FOE8V5LwUjck.roa
Signing time: Wed 01 Jan 2025 19:49:10 +0000
ROA not before: Wed 01 Jan 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32482
IP address blocks: 2a0f:58c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:36:f2:0a:87:a0:69:6e:d9:80:ec:b9:5b:64:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84abf0c981701aba97e4fcd0bed4e4cdb8692047
Validity
Not Before: Jan 1 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d8b084b73becf3254337d45384f15e4bc148dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:5c:99:e8:32:3e:db:fe:62:98:69:30:d4:5b:
7f:e8:94:e1:13:87:a8:c8:35:68:f2:d0:9b:af:db:
90:a3:3b:5d:7d:26:0b:d8:73:e1:b5:d3:13:af:50:
79:52:34:25:fa:af:08:17:8b:0b:94:2c:6e:83:0c:
03:06:52:d4:93:ad:a0:7f:1d:2e:38:c0:90:37:5c:
8e:b1:27:12:ea:3c:87:bc:b0:f8:ce:ed:74:a9:cd:
b1:a0:96:6b:83:3f:b9:4b:29:d9:c2:0c:8f:35:e9:
73:26:54:ed:27:71:20:bc:c3:b1:0f:0d:ff:77:d4:
7d:3b:74:e5:d4:1c:7e:33:97:0b:2f:11:76:30:16:
ef:ea:04:2a:48:c9:8b:9f:92:2a:c8:de:d2:90:f8:
a3:ab:0c:c2:68:fe:bc:03:be:23:ab:dd:74:de:d4:
6a:89:1a:4f:e3:c6:ad:80:d9:a5:ee:ce:74:31:14:
6b:84:39:a2:1a:11:c5:77:af:79:77:1f:35:c0:50:
39:14:76:16:56:f2:5c:a5:0e:36:17:39:ee:38:e0:
d2:4b:79:28:37:d1:ad:be:e7:48:22:6e:a0:92:84:
9a:59:b2:e6:0a:bf:e2:bb:6a:07:83:98:10:c2:08:
dc:1d:db:aa:3c:7b:aa:f3:c0:f9:77:6a:8c:44:c7:
22:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8B:08:4B:73:BE:CF:32:54:33:7D:45:38:4F:15:E4:BC:14:8D:C9
X509v3 Authority Key Identifier:
keyid:84:AB:F0:C9:81:70:1A:BA:97:E4:FC:D0:BE:D4:E4:CD:B8:69:20:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKvwyYFwGrqX5PzQvtTkzbhpIEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/TYsIS3O-zzJUM31FOE8V5LwUjck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9952c8-2d40-41e2-ba70-61bc7ecc485c/1/hKvwyYFwGrqX5PzQvtTkzbhpIEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:58c0::/32
Signature Algorithm: sha256WithRSAEncryption
96:fa:75:75:61:50:8f:c9:26:84:55:2c:f4:0b:8b:16:6d:29:
73:2e:60:50:ab:7e:7e:f2:67:55:7a:ee:53:de:ae:a0:30:e5:
10:48:e6:c5:a2:bc:c1:9e:c3:40:b2:c6:2f:9b:7e:90:80:c0:
e5:91:48:67:dc:69:42:68:44:54:44:f4:c0:be:08:12:48:54:
62:18:f5:80:2a:f0:ea:36:2c:a2:4b:26:55:b2:ba:70:27:4e:
df:e3:94:de:46:de:eb:e6:a3:4a:55:c2:ae:91:ea:1a:87:84:
83:8d:71:54:73:41:3d:31:4a:86:b4:c5:0c:d6:2e:4d:1a:a6:
c6:d6:23:48:97:df:ce:5c:20:ab:2d:b6:bf:6c:0e:f6:af:82:
0b:e1:94:3d:df:68:40:80:1f:73:0f:50:f1:bc:21:f1:d7:13:
15:2e:20:58:27:f7:bf:31:d1:b9:ad:8c:32:34:e8:ce:6b:be:
70:ec:05:1e:be:7e:58:40:f7:af:46:58:04:21:43:f5:45:83:
8c:e8:99:b9:ca:c1:ec:33:f3:1c:b1:8b:cc:a6:e1:9d:b2:96:
a5:43:95:1b:58:9c:06:da:c3:87:fc:70:ff:b2:75:06:6c:97:
c3:40:4f:05:69:a6:ea:f1:e0:1a:08:96:2a:de:e8:2c:49:d2:
f3:2e:31:10
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjajbyCoegaW7ZgOy5W2S8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YWJmMGM5ODE3MDFhYmE5N2U0ZmNkMGJlZDRlNGNkYjg2
OTIwNDcwHhcNMjUwMTAxMTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDhiMDg0YjczYmVjZjMyNTQzMzdkNDUzODRmMTVlNGJjMTQ4ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglyZ6DI+2/5imGkw1Ft/6JThE4eo
yDVo8tCbr9uQoztdfSYL2HPhtdMTr1B5UjQl+q8IF4sLlCxugwwDBlLUk62gfx0u
OMCQN1yOsScS6jyHvLD4zu10qc2xoJZrgz+5SynZwgyPNelzJlTtJ3EgvMOxDw3/
d9R9O3Tl1Bx+M5cLLxF2MBbv6gQqSMmLn5IqyN7SkPijqwzCaP68A74jq9103tRq
iRpP48atgNml7s50MRRrhDmiGhHFd695dx81wFA5FHYWVvJcpQ42FznuOODSS3ko
N9GtvudIIm6gkoSaWbLmCr/iu2oHg5gQwgjcHduqPHuq88D5d2qMRMci0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE2LCEtzvs8yVDN9RThPFeS8FI3JMB8GA1UdIwQY
MBaAFISr8MmBcBq6l+T80L7U5M24aSBHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEt2d3lZRndHcnFYNVB6UXZ0VGt6YmhwSUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85OTUyYzgtMmQ0MC00MWUyLWJhNzAt
NjFiYzdlY2M0ODVjLzEvVFlzSVMzTy16ekpVTTMxRk9FOFY1THdVamNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85OTUyYzgtMmQ0MC00MWUyLWJhNzAtNjFiYzdlY2M0ODVj
LzEvaEt2d3lZRndHcnFYNVB6UXZ0VGt6YmhwSUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9YwDAN
BgkqhkiG9w0BAQsFAAOCAQEAlvp1dWFQj8kmhFUs9AuLFm0pcy5gUKt+fvJnVXru
U96uoDDlEEjmxaK8wZ7DQLLGL5t+kIDA5ZFIZ9xpQmhEVET0wL4IEkhUYhj1gCrw
6jYsoksmVbK6cCdO3+OU3kbe6+ajSlXCrpHqGoeEg41xVHNBPTFKhrTFDNYuTRqm
xtYjSJffzlwgqy22v2wO9q+CC+GUPd9oQIAfcw9Q8bwh8dcTFS4gWCf3vzHRua2M
MjTozmu+cOwFHr5+WED3r0ZYBCFD9UWDjOiZucrB7DPzHLGLzKbhnbKWpUOVG1ic
BtrDh/xw/7J1BmyXw0BPBWmm6vHgGgiWKt7oLEnS8y4xEA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:41:28 2025 by rpki-client