Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/IYymNdWawqstgCP4XTcQ0LRxyO4.roa
File: IYymNdWawqstgCP4XTcQ0LRxyO4.roa (raw, json)
Hash identifier: zZeH4Zhf/0r9N1702in9DCWq7U55L0ULISwTrHj2H68=
Subject key identifier: 21:8C:A6:35:D5:9A:C2:AB:2D:80:23:F8:5D:37:10:D0:B4:71:C8:EE
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 019421B1C46A3AAACB6EFEDEFA64F77F979C
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/IYymNdWawqstgCP4XTcQ0LRxyO4.roa
Signing time: Wed 01 Jan 2025 11:48:05 +0000
ROA not before: Wed 01 Jan 2025 11:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29216
IP address blocks: 2001:7fe::/32 maxlen: 32
2001:7fe::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c4:6a:3a:aa:cb:6e:fe:de:fa:64:f7:7f:97:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=218ca635d59ac2ab2d8023f85d3710d0b471c8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:67:2a:c3:48:f5:30:27:6a:40:4b:ff:75:6a:
cb:38:06:56:15:99:bd:a4:23:38:5b:4c:c9:56:f5:
ba:a9:c8:d8:cc:05:f2:6d:d0:c9:07:42:aa:fa:64:
a1:87:65:87:ee:14:7e:47:43:a4:90:b2:0a:5c:43:
a9:89:79:a8:d1:ad:63:40:b1:43:36:10:27:f1:ae:
42:25:52:6a:78:74:dd:e1:28:d5:b4:e3:d4:7c:4b:
dc:c0:0e:78:b5:bd:1b:2e:89:83:2c:94:4f:23:74:
b5:25:75:93:13:21:b5:1c:92:48:b6:9f:58:78:8b:
69:cf:39:64:7d:57:ec:74:2e:0f:19:12:1f:ad:89:
8a:e1:03:93:9a:6c:e3:26:d9:ce:0a:e9:c5:b8:d0:
5f:15:94:e2:07:28:10:c2:06:10:db:b1:e3:83:7b:
e2:94:1b:83:e9:30:b5:f8:fa:ad:22:d1:bf:f6:f5:
3f:d8:01:c8:1d:bd:de:8e:21:1b:9f:39:ac:8d:31:
ac:15:32:94:f7:07:27:df:02:2c:bf:57:b2:0b:cc:
85:ae:0b:1f:32:fb:e0:ef:90:38:65:5c:45:bf:36:
da:c3:6c:e6:11:3b:e7:8a:82:dc:d5:7c:61:72:e1:
7e:e9:e8:eb:fa:c4:90:b9:f5:f0:ce:7e:02:8c:03:
b4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:A6:35:D5:9A:C2:AB:2D:80:23:F8:5D:37:10:D0:B4:71:C8:EE
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/IYymNdWawqstgCP4XTcQ0LRxyO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:7fe::/32
Signature Algorithm: sha256WithRSAEncryption
44:4d:aa:08:ea:8a:e0:f9:66:55:c7:06:76:67:95:1f:4a:87:
87:c6:df:b8:4e:f7:ac:57:da:5a:00:e5:32:64:32:85:7f:90:
37:b3:25:09:37:1e:5f:76:5a:dc:95:67:4a:04:af:a6:66:e2:
9b:82:9e:28:f8:14:62:1c:33:e0:fe:0c:63:10:fc:7d:de:d7:
e5:12:25:3a:d9:6c:06:0d:2f:14:95:d5:09:36:f2:91:fb:a5:
8d:4f:b5:eb:ff:0b:69:a9:80:48:69:9e:96:c8:7d:52:0f:fd:
d0:00:73:21:42:ed:fc:b9:c1:e2:e0:b6:f8:a7:a6:fa:bd:75:
fa:24:1d:83:75:7a:09:e5:00:e5:1e:59:6d:83:8d:3d:4f:cc:
12:82:c1:3c:4d:4e:b2:fb:a2:28:22:bd:b8:4c:a2:89:a7:ef:
a7:23:1c:44:c2:0c:f0:82:f0:8f:3a:6f:cd:0a:39:69:23:f3:
e2:9b:38:cf:ac:f5:de:4b:a2:d1:0d:42:18:05:68:ef:83:c5:
c7:6a:55:5d:fa:8d:64:3f:f8:7d:3a:ed:88:71:11:6c:c8:e8:
ed:66:eb:b7:92:8f:bd:51:14:64:93:49:18:13:af:fb:3f:6f:
81:99:61:43:2e:f8:99:39:31:7c:38:dd:73:5e:d2:f9:69:9b:
14:c6:0f:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhscRqOqrLbv7e+mT3f5ecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjYTYzNWQ1OWFjMmFiMmQ4MDIzZjg1ZDM3MTBkMGI0NzFjOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2cqw0j1MCdqQEv/dWrLOAZWFZm9
pCM4W0zJVvW6qcjYzAXybdDJB0Kq+mShh2WH7hR+R0OkkLIKXEOpiXmo0a1jQLFD
NhAn8a5CJVJqeHTd4SjVtOPUfEvcwA54tb0bLomDLJRPI3S1JXWTEyG1HJJItp9Y
eItpzzlkfVfsdC4PGRIfrYmK4QOTmmzjJtnOCunFuNBfFZTiBygQwgYQ27Hjg3vi
lBuD6TC1+PqtItG/9vU/2AHIHb3ejiEbnzmsjTGsFTKU9wcn3wIsv1eyC8yFrgsf
Mvvg75A4ZVxFvzbaw2zmETvnioLc1XxhcuF+6ejr+sSQufXwzn4CjAO0oQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCGMpjXVmsKrLYAj+F03ENC0ccjuMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvSVl5bU5kV2F3cXN0Z0NQNFhUY1EwTFJ4eU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAEH/jAN
BgkqhkiG9w0BAQsFAAOCAQEARE2qCOqK4PlmVccGdmeVH0qHh8bfuE73rFfaWgDl
MmQyhX+QN7MlCTceX3Za3JVnSgSvpmbim4KeKPgUYhwz4P4MYxD8fd7X5RIlOtls
Bg0vFJXVCTbykfuljU+16/8LaamASGmelsh9Ug/90ABzIULt/LnB4uC2+Kem+r11
+iQdg3V6CeUA5R5ZbYONPU/MEoLBPE1OsvuiKCK9uEyiiafvpyMcRMIM8ILwjzpv
zQo5aSPz4ps4z6z13kui0Q1CGAVo74PFx2pVXfqNZD/4fTrtiHERbMjo7Wbrt5KP
vVEUZJNJGBOv+z9vgZlhQy74mTkxfDjdc17S+WmbFMYPHg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:28:53 2025 by rpki-client