Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/n6Wyt3faNKWbYMKkn5PEP-ye3uo.roa
File: n6Wyt3faNKWbYMKkn5PEP-ye3uo.roa (raw, json)
Hash identifier: dY4BYFMUjOYkYHFpRXEolqHG+4jJetToXOTWdXYn9Ao=
Subject key identifier: 9F:A5:B2:B7:77:DA:34:A5:9B:60:C2:A4:9F:93:C4:3F:EC:9E:DE:EA
Certificate issuer: /CN=021b3ea35edfdd138c15506d74a76022dd37694b
Certificate serial: 019427B5C3EC053F762F45B51748F2C9D94A
Authority key identifier: 02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/n6Wyt3faNKWbYMKkn5PEP-ye3uo.roa
Signing time: Thu 02 Jan 2025 15:50:10 +0000
ROA not before: Thu 02 Jan 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204680
IP address blocks: 192.67.189.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c3:ec:05:3f:76:2f:45:b5:17:48:f2:c9:d9:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=021b3ea35edfdd138c15506d74a76022dd37694b
Validity
Not Before: Jan 2 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fa5b2b777da34a59b60c2a49f93c43fec9edeea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:59:59:b7:18:77:cf:02:e3:f0:92:4b:19:
d1:d5:d6:54:c8:3f:dc:98:01:64:10:be:6b:6d:cf:
ac:0b:db:c9:b0:a3:a4:df:75:77:16:1f:31:9a:04:
a8:13:3b:e8:70:a8:6a:83:3a:19:f7:9b:6a:9f:61:
cd:4e:22:cb:fb:43:67:cf:1b:a4:3a:02:6a:a0:99:
6a:50:11:e6:43:47:e1:ef:79:81:00:66:84:4f:7e:
fb:e5:87:f1:41:5a:f1:6c:22:67:79:54:26:83:20:
3b:47:eb:59:1f:31:ba:c5:a8:e9:7b:eb:b2:53:25:
59:27:13:16:a4:9c:6f:12:cf:e2:2c:e4:74:98:b0:
f2:50:b5:fb:38:27:26:f1:ae:f8:00:82:c0:02:09:
82:6f:2c:0b:a8:71:0e:4c:9e:51:08:03:55:1e:36:
8b:aa:21:45:a9:1e:eb:00:31:bb:0b:11:a6:ab:64:
2e:01:e9:e9:38:b3:69:e4:e1:2f:4a:6e:b5:dc:c7:
5c:7b:3b:66:00:a7:53:66:09:c4:85:58:d8:d8:df:
0b:56:68:bf:95:5a:a2:95:ec:ba:0b:e9:0b:34:a0:
d5:9f:2a:2c:d2:61:a5:5b:9e:0e:4b:bc:06:fc:fb:
ed:3f:b9:4d:52:47:17:94:c7:0f:90:97:e6:60:f8:
bb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A5:B2:B7:77:DA:34:A5:9B:60:C2:A4:9F:93:C4:3F:EC:9E:DE:EA
X509v3 Authority Key Identifier:
keyid:02:1B:3E:A3:5E:DF:DD:13:8C:15:50:6D:74:A7:60:22:DD:37:69:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ahs-o17f3ROMFVBtdKdgIt03aUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/n6Wyt3faNKWbYMKkn5PEP-ye3uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f89b64-87b7-48f4-8b60-c3204bde7773/1/Ahs-o17f3ROMFVBtdKdgIt03aUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.67.189.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:48:93:e4:1f:f3:e8:49:ef:c9:aa:2c:2d:df:8f:0b:bf:62:
65:b5:ba:46:28:17:6e:5e:f0:a4:6d:49:0a:95:61:e4:df:67:
0b:70:5c:c4:b0:5f:c5:14:03:c0:0b:52:43:e7:4f:ff:e8:00:
39:f6:3d:f3:b3:7f:04:0d:e3:c4:14:31:87:ca:5f:aa:64:49:
76:7c:c3:2f:00:1e:39:ce:23:42:e1:5c:c2:5a:b8:e6:d0:8a:
fd:a2:c4:19:51:7d:37:71:3e:40:c4:3d:ca:75:65:06:fe:a0:
9b:13:36:36:f3:8f:3e:c0:dc:95:ee:88:ba:10:c0:b9:96:92:
1c:f0:1f:fc:85:53:82:e2:40:da:a4:69:2c:d3:d1:8c:90:12:
0b:0a:08:8e:a7:f4:ea:98:76:6c:d0:4e:ff:d5:46:be:c0:ae:
e6:19:76:98:22:1a:ce:ca:8c:a8:b6:1d:5a:4f:f8:0d:90:41:
44:b5:da:ad:bb:e9:a3:39:1d:40:30:12:f1:fc:b7:11:60:f5:
c1:1f:18:ea:2c:71:3b:a8:54:48:9a:67:72:99:0a:ee:83:b6:
1d:bd:28:a6:81:f0:8e:06:26:0b:d2:75:3e:20:2d:89:e3:48:
e0:a3:42:fd:b7:8d:9d:36:64:d6:78:3d:a7:e5:dc:e3:69:5f:
8e:b1:31:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntcPsBT92L0W1F0jyydlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMWIzZWEzNWVkZmRkMTM4YzE1NTA2ZDc0YTc2MDIyZGQz
NzY5NGIwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmE1YjJiNzc3ZGEzNGE1OWI2MGMyYTQ5ZjkzYzQzZmVjOWVkZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9VZWbcYd88C4/CSSxnR1dZUyD/c
mAFkEL5rbc+sC9vJsKOk33V3Fh8xmgSoEzvocKhqgzoZ95tqn2HNTiLL+0Nnzxuk
OgJqoJlqUBHmQ0fh73mBAGaET3775YfxQVrxbCJneVQmgyA7R+tZHzG6xajpe+uy
UyVZJxMWpJxvEs/iLOR0mLDyULX7OCcm8a74AILAAgmCbywLqHEOTJ5RCANVHjaL
qiFFqR7rADG7CxGmq2QuAenpOLNp5OEvSm613MdceztmAKdTZgnEhVjY2N8LVmi/
lVqiley6C+kLNKDVnyos0mGlW54OS7wG/PvtP7lNUkcXlMcPkJfmYPi7wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+lsrd32jSlm2DCpJ+TxD/snt7qMB8GA1UdIwQY
MBaAFAIbPqNe390TjBVQbXSnYCLdN2lLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAt
YzMyMDRiZGU3NzczLzEvbjZXeXQzZmFOS1diWU1La241UEVQLXllM3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mODliNjQtODdiNy00OGY0LThiNjAtYzMyMDRiZGU3Nzcz
LzEvQWhzLW8xN2YzUk9NRlZCdGRLZGdJdDAzYVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEO9MA0G
CSqGSIb3DQEBCwUAA4IBAQA8SJPkH/PoSe/Jqiwt348Lv2JltbpGKBduXvCkbUkK
lWHk32cLcFzEsF/FFAPAC1JD50//6AA59j3zs38EDePEFDGHyl+qZEl2fMMvAB45
ziNC4VzCWrjm0Ir9osQZUX03cT5AxD3KdWUG/qCbEzY2848+wNyV7oi6EMC5lpIc
8B/8hVOC4kDapGks09GMkBILCgiOp/TqmHZs0E7/1Ua+wK7mGXaYIhrOyoyoth1a
T/gNkEFEtdqtu+mjOR1AMBLx/LcRYPXBHxjqLHE7qFRImmdymQrug7YdvSimgfCO
BiYL0nU+IC2J40jgo0L9t42dNmTWeD2n5dzjaV+OsTH0
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:34:13 2025 by rpki-client