Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/ysJIpB4l74nPHUw_L6jIVjFmAEo.roa
File: ysJIpB4l74nPHUw_L6jIVjFmAEo.roa (raw, json)
Hash identifier: keknKfYJUcOWnQDb9GHMfNuDlkhBJBxvlbHOR/QYMiA=
Subject key identifier: CA:C2:48:A4:1E:25:EF:89:CF:1D:4C:3F:2F:A8:C8:56:31:66:00:4A
Certificate issuer: /CN=90c8d07022ce502da1365e573b8c3b1484df1e87
Certificate serial: 019421B1C24FCCCA51E509F01228844D3CE9
Authority key identifier: 90:C8:D0:70:22:CE:50:2D:A1:36:5E:57:3B:8C:3B:14:84:DF:1E:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMjQcCLOUC2hNl5XO4w7FITfHoc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/ysJIpB4l74nPHUw_L6jIVjFmAEo.roa
Signing time: Wed 01 Jan 2025 11:48:05 +0000
ROA not before: Wed 01 Jan 2025 11:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205227
IP address blocks: 2a06:e940::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c2:4f:cc:ca:51:e5:09:f0:12:28:84:4d:3c:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c8d07022ce502da1365e573b8c3b1484df1e87
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cac248a41e25ef89cf1d4c3f2fa8c8563166004a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:60:89:fb:99:31:1f:33:52:2a:cc:3e:95:7d:
d3:1c:19:0b:e3:eb:5b:0c:a1:5f:0d:34:3d:60:74:
32:48:da:68:49:ac:e4:86:5b:6c:3e:e9:c9:fe:f5:
77:ce:ff:08:da:95:ae:f2:48:78:e9:8a:cb:6f:9f:
e2:58:81:90:e7:26:2c:c8:eb:db:89:aa:5c:31:70:
46:59:86:31:d4:37:91:de:09:36:7d:10:ab:95:39:
40:ad:e8:85:9c:c9:a0:17:65:ec:45:43:0a:c9:d8:
46:86:3e:4b:9d:22:84:e2:e4:fe:00:4c:9c:57:7d:
31:6d:4e:a4:3b:fa:42:50:28:3a:2b:0a:fd:e6:98:
aa:1d:53:3e:11:51:07:02:21:31:f6:b9:a1:94:2b:
b4:00:91:4e:70:88:cc:6f:5c:38:76:85:25:b9:3a:
8e:aa:e6:ce:64:05:c6:68:08:f2:70:96:c3:f9:a2:
66:54:68:01:0c:12:52:1b:c2:16:74:bc:43:a9:8f:
0b:26:24:51:42:c6:dd:90:c1:ea:c4:85:70:09:6c:
e9:20:33:96:62:18:3e:ce:29:a7:c4:2e:b6:04:20:
eb:19:e6:66:1c:5c:fd:97:42:b5:18:6a:87:67:1b:
0a:ea:2a:09:75:b9:81:67:0b:95:8b:ba:c7:d2:a1:
7c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C2:48:A4:1E:25:EF:89:CF:1D:4C:3F:2F:A8:C8:56:31:66:00:4A
X509v3 Authority Key Identifier:
keyid:90:C8:D0:70:22:CE:50:2D:A1:36:5E:57:3B:8C:3B:14:84:DF:1E:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMjQcCLOUC2hNl5XO4w7FITfHoc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/ysJIpB4l74nPHUw_L6jIVjFmAEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/2bde01-365c-4084-a7d6-9e9e4caf3175/1/kMjQcCLOUC2hNl5XO4w7FITfHoc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e940::/29
Signature Algorithm: sha256WithRSAEncryption
7a:f1:3a:d0:42:cc:10:99:1f:18:f5:72:10:08:b8:3d:8d:b3:
55:48:71:ca:c0:8a:56:61:7b:19:c6:63:5a:62:e7:0d:c2:04:
23:54:2b:13:48:80:a2:fe:9a:34:7a:61:b8:3f:5e:97:15:7e:
00:6b:14:61:9c:5d:e5:e5:d8:70:95:78:75:7e:31:9c:8d:0c:
f7:cd:29:85:33:b9:37:58:05:1d:75:1b:8e:92:4c:4f:8c:99:
c3:0b:c2:c0:3c:3e:55:ab:e5:30:68:64:a9:38:3a:26:86:f8:
76:0f:5d:e3:d4:0c:a7:a0:81:f9:cf:55:c3:6a:26:e4:73:4b:
8a:aa:38:ca:4a:5c:7b:20:9e:de:72:ee:07:ce:ba:4a:44:b8:
c8:77:92:fd:fa:80:6f:93:31:a6:de:31:ab:1c:7c:2a:2f:8d:
47:d4:a1:70:c1:4d:81:a5:d6:dd:55:e5:1e:29:7f:0f:3c:0f:
84:2f:32:eb:b3:0b:1c:e5:ff:65:4b:40:0e:e4:13:ff:84:a8:
d0:4f:4b:d6:97:f8:39:98:c9:86:1f:7b:a3:c2:d6:0e:fe:44:
64:3c:e5:6f:64:3d:60:dc:85:4e:b9:fe:85:43:2b:57:a9:44:
86:65:01:a1:46:4c:e1:6f:ea:5b:13:de:92:9d:4d:9b:ed:b4:
2d:73:88:6f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhscJPzMpR5QnwEiiETTzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzhkMDcwMjJjZTUwMmRhMTM2NWU1NzNiOGMzYjE0ODRk
ZjFlODcwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMyNDhhNDFlMjVlZjg5Y2YxZDRjM2YyZmE4Yzg1NjMxNjYwMDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWCJ+5kxHzNSKsw+lX3THBkL4+tb
DKFfDTQ9YHQySNpoSazkhltsPunJ/vV3zv8I2pWu8kh46YrLb5/iWIGQ5yYsyOvb
iapcMXBGWYYx1DeR3gk2fRCrlTlAreiFnMmgF2XsRUMKydhGhj5LnSKE4uT+AEyc
V30xbU6kO/pCUCg6Kwr95piqHVM+EVEHAiEx9rmhlCu0AJFOcIjMb1w4doUluTqO
qubOZAXGaAjycJbD+aJmVGgBDBJSG8IWdLxDqY8LJiRRQsbdkMHqxIVwCWzpIDOW
Yhg+zimnxC62BCDrGeZmHFz9l0K1GGqHZxsK6ioJdbmBZwuVi7rH0qF8mwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMrCSKQeJe+Jzx1MPy+oyFYxZgBKMB8GA1UdIwQY
MBaAFJDI0HAizlAtoTZeVzuMOxSE3x6HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01qUWNDTE9VQzJoTmw1WE80dzdGSVRmSG9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8yYmRlMDEtMzY1Yy00MDg0LWE3ZDYt
OWU5ZTRjYWYzMTc1LzEveXNKSXBCNGw3NG5QSFV3X0w2aklWakZtQUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8yYmRlMDEtMzY1Yy00MDg0LWE3ZDYtOWU5ZTRjYWYzMTc1
LzEva01qUWNDTE9VQzJoTmw1WE80dzdGSVRmSG9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgbpQDAN
BgkqhkiG9w0BAQsFAAOCAQEAevE60ELMEJkfGPVyEAi4PY2zVUhxysCKVmF7GcZj
WmLnDcIEI1QrE0iAov6aNHphuD9elxV+AGsUYZxd5eXYcJV4dX4xnI0M980phTO5
N1gFHXUbjpJMT4yZwwvCwDw+VavlMGhkqTg6Job4dg9d49QMp6CB+c9Vw2om5HNL
iqo4ykpceyCe3nLuB866SkS4yHeS/fqAb5Mxpt4xqxx8Ki+NR9ShcMFNgaXW3VXl
Hil/DzwPhC8y67MLHOX/ZUtADuQT/4So0E9L1pf4OZjJhh97o8LWDv5EZDzlb2Q9
YNyFTrn+hUMrV6lEhmUBoUZM4W/qWxPekp1Nm+20LXOIbw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:02:07 2025 by rpki-client