Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/SYmYEPxKLxZh6c3-MXblu3M5Kdk.roa
File: SYmYEPxKLxZh6c3-MXblu3M5Kdk.roa (raw, json)
Hash identifier: uMOvwdNxylFgJ11y31h0VRFk89Sfs25xLoK9OyLbapc=
Subject key identifier: 49:89:98:10:FC:4A:2F:16:61:E9:CD:FE:31:76:E5:BB:73:39:29:D9
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 0194266B66174B3366A489D99EDB53439014
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/SYmYEPxKLxZh6c3-MXblu3M5Kdk.roa
Signing time: Thu 02 Jan 2025 09:49:20 +0000
ROA not before: Thu 02 Jan 2025 09:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210712
IP address blocks: 2a02:17a0::/30 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:66:17:4b:33:66:a4:89:d9:9e:db:53:43:90:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 09:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49899810fc4a2f1661e9cdfe3176e5bb733929d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:94:1c:4c:2d:1f:94:95:9e:88:a0:dd:46:f4:
8e:e8:ba:9a:7a:4a:df:1c:94:6d:91:cc:6f:68:71:
ae:dc:5b:1f:e1:0e:c9:5a:28:96:d0:57:3a:3f:47:
63:f6:67:44:aa:f6:46:3c:24:47:71:7a:ff:94:8f:
c5:ef:51:cb:40:be:4b:98:f2:14:2c:d1:04:75:2d:
d7:e9:de:1a:ed:6a:d4:72:74:ce:1a:7b:a0:cd:6f:
85:3f:64:b5:29:2b:db:c1:6d:2a:83:dc:f3:07:0c:
ee:4a:74:ba:30:39:d0:ec:e7:9e:8b:25:3d:01:81:
72:e8:24:cb:2b:3a:4f:9d:8e:60:2a:74:ca:a8:44:
83:eb:57:36:02:8d:30:39:d1:af:87:f8:35:7d:c9:
ae:f8:7c:00:83:97:46:34:af:8a:87:46:8f:d3:a0:
8f:e4:4d:79:d7:f0:c4:82:a3:e1:00:d3:16:90:bf:
61:15:a8:d8:4f:9d:c0:0f:ee:64:e0:cb:a7:ca:b8:
b5:72:9b:ec:3d:d2:24:76:a3:03:f6:04:8c:2d:4a:
15:62:d9:dc:8b:b0:5a:1c:55:60:c2:3e:ad:77:f1:
60:6e:4c:95:98:95:8c:8d:50:21:d7:fe:24:1d:f3:
ee:87:2d:73:b2:d5:20:21:60:43:15:42:99:c5:6b:
0b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:89:98:10:FC:4A:2F:16:61:E9:CD:FE:31:76:E5:BB:73:39:29:D9
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/SYmYEPxKLxZh6c3-MXblu3M5Kdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:17a0::/30
Signature Algorithm: sha256WithRSAEncryption
2c:d7:bf:f1:01:0c:f2:59:d5:4e:0f:aa:46:52:18:ee:a4:07:
c3:22:0a:79:e4:0d:74:c8:85:e7:b1:9e:2b:6a:b8:fa:36:79:
2e:0c:33:04:0a:f9:77:c6:79:0b:c9:64:e1:11:b2:b1:e0:0e:
f0:76:5b:cf:27:5c:85:e8:39:3e:57:dd:84:3a:84:89:2b:8b:
d3:1e:06:f1:fc:99:67:89:6a:fb:ad:44:74:2b:bf:34:c2:6f:
f4:33:33:c4:04:63:96:b4:34:f9:89:b6:9b:b0:08:31:32:03:
c2:ea:e4:b5:ae:5e:34:70:bb:af:ae:2e:c6:2d:3c:e0:b6:49:
78:9e:11:b2:a3:cb:81:a3:25:cc:d6:69:2e:36:65:d4:9e:4d:
40:ca:20:dc:3e:68:0e:b5:78:3a:3e:d7:58:ac:5d:57:86:2e:
1c:80:c6:0b:7c:e7:d1:f0:a5:27:28:ec:85:94:eb:7e:37:a3:
f5:81:ee:a9:49:05:20:32:d9:46:a7:25:93:29:80:ba:24:ab:
4b:66:fc:33:ce:fd:c9:7f:79:91:48:30:6a:44:77:1f:de:50:
db:26:4c:78:ec:b4:ca:8e:16:fa:f2:03:29:74:58:b3:25:f4:
d7:57:9f:01:e4:72:96:9d:af:ee:42:15:a1:56:10:95:10:5a:
31:1f:3a:47
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQma2YXSzNmpInZnttTQ5AUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjUwMTAyMDk0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg5OTgxMGZjNGEyZjE2NjFlOWNkZmUzMTc2ZTViYjczMzkyOWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZQcTC0flJWeiKDdRvSO6Lqaekrf
HJRtkcxvaHGu3Fsf4Q7JWiiW0Fc6P0dj9mdEqvZGPCRHcXr/lI/F71HLQL5LmPIU
LNEEdS3X6d4a7WrUcnTOGnugzW+FP2S1KSvbwW0qg9zzBwzuSnS6MDnQ7OeeiyU9
AYFy6CTLKzpPnY5gKnTKqESD61c2Ao0wOdGvh/g1fcmu+HwAg5dGNK+Kh0aP06CP
5E151/DEgqPhANMWkL9hFajYT53AD+5k4Munyri1cpvsPdIkdqMD9gSMLUoVYtnc
i7BaHFVgwj6td/FgbkyVmJWMjVAh1/4kHfPuhy1zstUgIWBDFUKZxWsLwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEmJmBD8Si8WYenN/jF25btzOSnZMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvU1ltWUVQeEtMeFpoNmMzLU1YYmx1M001S2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKgIXoDAN
BgkqhkiG9w0BAQsFAAOCAQEALNe/8QEM8lnVTg+qRlIY7qQHwyIKeeQNdMiF57Ge
K2q4+jZ5LgwzBAr5d8Z5C8lk4RGyseAO8HZbzydcheg5PlfdhDqEiSuL0x4G8fyZ
Z4lq+61EdCu/NMJv9DMzxARjlrQ0+Ym2m7AIMTIDwurkta5eNHC7r64uxi084LZJ
eJ4RsqPLgaMlzNZpLjZl1J5NQMog3D5oDrV4Oj7XWKxdV4YuHIDGC3zn0fClJyjs
hZTrfjej9YHuqUkFIDLZRqclkymAuiSrS2b8M879yX95kUgwakR3H95Q2yZMeOy0
yo4W+vIDKXRYsyX011efAeRylp2v7kIVoVYQlRBaMR86Rw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:27:19 2025 by rpki-client