Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/UrWexY2aR1F3kwypEE5HFx5g2hc.roa
File: UrWexY2aR1F3kwypEE5HFx5g2hc.roa (raw, json)
Hash identifier: C02c1yLfBRYzWyfI0rsLMB8p0SQVeeHyV21BcW1iNnU=
Subject key identifier: 52:B5:9E:C5:8D:9A:47:51:77:93:0C:A9:10:4E:47:17:1E:60:DA:17
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019513C21AA9C1E23C94C001012F3B255144
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/UrWexY2aR1F3kwypEE5HFx5g2hc.roa
Signing time: Mon 17 Feb 2025 11:54:02 +0000
ROA not before: Mon 17 Feb 2025 11:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:7f45::/32 maxlen: 32
2a11:2082::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:c2:1a:a9:c1:e2:3c:94:c0:01:01:2f:3b:25:51:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Feb 17 11:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52b59ec58d9a475177930ca9104e47171e60da17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a8:98:26:b4:b4:95:6e:90:70:83:33:26:f9:
0f:97:e4:92:36:e2:23:d1:3b:74:ab:53:fa:a5:3c:
19:c2:49:26:0b:2c:a4:61:ff:c2:39:23:82:64:3a:
c5:10:d8:a3:5a:57:2f:d2:cf:6d:dc:76:b0:61:5d:
79:7f:0e:3c:08:f9:01:66:49:80:37:df:5c:48:98:
fc:e5:ad:bd:cf:15:13:b3:4c:54:d5:68:19:ec:3b:
c5:15:c2:05:cc:9e:88:44:43:79:a0:13:aa:fc:98:
cc:6f:68:03:c8:9b:06:05:0f:45:de:8a:8a:9c:34:
a1:f1:cd:40:cc:64:50:1f:11:1b:d2:2a:47:8c:b2:
f0:9c:c4:ed:5d:5b:ab:d5:82:98:f7:97:88:da:7a:
5e:8a:46:d4:b4:5b:28:55:7c:46:94:5e:ed:23:25:
d3:02:a7:fb:5a:48:f3:a0:12:11:38:22:66:1e:56:
b7:68:01:e9:aa:8b:26:05:5b:c6:f5:f2:0c:18:5e:
7b:d3:4a:e1:26:5e:13:62:7e:82:c7:e5:ca:8d:b4:
58:82:5a:5d:c9:2b:84:89:db:b6:f0:c8:2d:ea:27:
26:b9:0a:2c:7f:03:4e:fe:58:b5:42:5d:63:01:fc:
37:73:cd:b4:82:29:35:1c:b5:0b:4d:50:df:ec:eb:
f1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B5:9E:C5:8D:9A:47:51:77:93:0C:A9:10:4E:47:17:1E:60:DA:17
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/UrWexY2aR1F3kwypEE5HFx5g2hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f45::/32
2a11:2082::/32
Signature Algorithm: sha256WithRSAEncryption
b9:ae:76:ea:4d:9d:d8:15:fb:f6:f9:c4:2e:c5:21:3c:6f:66:
f3:d1:ec:55:4d:c1:88:f5:30:93:ea:60:cb:36:ca:d5:2a:59:
ae:19:48:4a:5a:1f:6d:c2:9b:ec:7d:05:01:7b:b6:2b:80:31:
41:ea:83:b6:d8:0a:10:60:fd:1b:cd:e7:1f:30:f8:08:c4:57:
17:ba:7e:f8:5c:ca:cd:bb:74:e3:b8:bb:d3:07:fb:79:b6:de:
82:45:df:87:92:3f:a4:85:1b:e7:d6:ea:2d:c5:2f:c7:03:90:
24:df:e7:ef:65:9f:ad:3f:2e:10:a1:bd:cb:7f:90:1e:4a:48:
22:64:e6:5b:c4:97:b1:27:ea:e8:b6:e5:46:8f:42:17:5a:41:
d2:20:99:0a:31:67:09:0c:8f:7c:76:5f:35:1d:f2:4f:7a:5e:
c8:13:70:3a:1f:3d:b7:44:13:f8:8e:b3:81:18:bb:37:5b:40:
ac:52:ff:85:b6:ca:ee:07:a3:69:f2:01:b3:c8:47:05:49:c9:
57:c5:05:75:fb:66:a3:31:59:cf:0e:e4:f6:d0:fe:eb:82:3b:
36:6f:8e:cf:81:de:4f:ae:0a:15:5a:3c:07:5c:f4:cf:26:7d:
21:ca:ea:fe:cb:4b:8e:d6:ac:bb:b2:c1:0a:19:5e:5b:8a:ac:
ed:62:06:b8
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZUTwhqpweI8lMABAS87JVFEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMjE3MTE1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmI1OWVjNThkOWE0NzUxNzc5MzBjYTkxMDRlNDcxNzFlNjBkYTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aiYJrS0lW6QcIMzJvkPl+SSNuIj
0Tt0q1P6pTwZwkkmCyykYf/COSOCZDrFENijWlcv0s9t3HawYV15fw48CPkBZkmA
N99cSJj85a29zxUTs0xU1WgZ7DvFFcIFzJ6IREN5oBOq/JjMb2gDyJsGBQ9F3oqK
nDSh8c1AzGRQHxEb0ipHjLLwnMTtXVur1YKY95eI2npeikbUtFsoVXxGlF7tIyXT
Aqf7WkjzoBIROCJmHla3aAHpqosmBVvG9fIMGF5700rhJl4TYn6Cx+XKjbRYglpd
ySuEidu28Mgt6icmuQosfwNO/li1Ql1jAfw3c820gik1HLULTVDf7OvxBQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFK1nsWNmkdRd5MMqRBORxceYNoXMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvVXJXZXhZMmFSMUYza3d5cEVFNUhGeDVnMmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg5/RQMF
ACoRIIIwDQYJKoZIhvcNAQELBQADggEBALmudupNndgV+/b5xC7FITxvZvPR7FVN
wYj1MJPqYMs2ytUqWa4ZSEpaH23Cm+x9BQF7tiuAMUHqg7bYChBg/RvN5x8w+AjE
Vxe6fvhcys27dOO4u9MH+3m23oJF34eSP6SFG+fW6i3FL8cDkCTf5+9ln60/LhCh
vct/kB5KSCJk5lvEl7En6ui25UaPQhdaQdIgmQoxZwkMj3x2XzUd8k96XsgTcDof
PbdEE/iOs4EYuzdbQKxS/4W2yu4Ho2nyAbPIRwVJyVfFBXX7ZqMxWc8O5PbQ/uuC
OzZvjs+B3k+uChVaPAdc9M8mfSHK6v7LS47WrLuywQoZXluKrO1iBrg=
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:03:09 2025 by rpki-client