Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/uQpDv6_WpxIORk7MF0CkwlUdu-I.roa
File: uQpDv6_WpxIORk7MF0CkwlUdu-I.roa (raw, json)
Hash identifier: Y5wIpaLoJWPZkcJrf68AZMylVyk3XWqZktzm9naZ8+o=
Subject key identifier: B9:0A:43:BF:AF:D6:A7:12:0E:46:4E:CC:17:40:A4:C2:55:1D:BB:E2
Certificate issuer: /CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Certificate serial: 019492067DE8E097AA00F44DBD7B59676564
Authority key identifier: CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/uQpDv6_WpxIORk7MF0CkwlUdu-I.roa
Signing time: Thu 23 Jan 2025 07:18:06 +0000
ROA not before: Thu 23 Jan 2025 07:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:7f40::/32 maxlen: 32
2a0e:7f41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:92:06:7d:e8:e0:97:aa:00:f4:4d:bd:7b:59:67:65:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca9ccd830b7e03308bf5cf25e67a7fc2bde0957c
Validity
Not Before: Jan 23 07:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b90a43bfafd6a7120e464ecc1740a4c2551dbbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4e:1b:aa:63:a0:d3:06:ba:f3:1b:50:42:d5:
6d:b3:19:ba:ae:d8:94:36:ff:19:fa:21:24:ca:89:
c8:6f:d1:43:d6:6f:d7:b7:11:9d:9a:02:26:fc:be:
1c:2b:07:c6:27:c0:60:f3:78:7b:dd:18:1c:df:7a:
50:07:90:b5:83:1c:18:c0:23:55:f8:c4:e1:b1:8f:
69:dd:72:49:27:06:33:bd:41:58:a9:58:82:75:7b:
3a:28:3f:a3:a5:99:08:8f:85:52:ce:27:8b:24:9c:
5e:f0:f3:0e:25:05:74:8e:e5:f0:fa:80:3f:c7:d9:
0f:34:6e:a8:4a:e9:a1:6f:6a:92:f5:ae:2a:a8:48:
32:ef:eb:11:70:90:88:46:18:25:9e:84:38:9b:38:
ed:f9:c3:50:40:f6:58:db:a8:42:32:fb:ca:3c:ab:
ea:6a:2c:fe:4c:7a:26:2d:4e:51:55:8c:94:1e:93:
b3:e8:7f:93:ad:9c:ba:bb:55:34:b6:09:ad:9b:c6:
23:fc:3e:77:23:f4:10:47:20:60:da:ea:bc:b3:ba:
e8:e4:18:07:40:49:c4:1a:5e:e3:75:41:24:56:7b:
60:5c:af:9e:82:e5:34:80:06:83:f0:83:fa:63:49:
27:65:e4:3f:87:61:20:9d:95:20:70:9b:06:d8:4f:
d9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0A:43:BF:AF:D6:A7:12:0E:46:4E:CC:17:40:A4:C2:55:1D:BB:E2
X509v3 Authority Key Identifier:
keyid:CA:9C:CD:83:0B:7E:03:30:8B:F5:CF:25:E6:7A:7F:C2:BD:E0:95:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypzNgwt-AzCL9c8l5np_wr3glXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/uQpDv6_WpxIORk7MF0CkwlUdu-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a68f21-9ff8-4a44-a36d-d1cde2465f89/1/ypzNgwt-AzCL9c8l5np_wr3glXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7f40::/31
Signature Algorithm: sha256WithRSAEncryption
18:f1:13:30:1a:70:91:d3:6f:d8:b7:20:91:22:42:3e:18:96:
08:bb:9e:e5:93:37:10:e2:e3:a1:61:17:76:ea:8d:b3:60:f9:
cd:69:08:8b:44:3a:fc:de:0f:7f:fc:93:2a:04:7a:d8:8d:ac:
73:46:14:10:8d:7c:00:b1:1a:7a:4e:ab:19:85:07:74:89:56:
80:f9:41:19:d1:03:b5:85:60:94:52:1d:cd:a6:33:12:36:47:
51:83:67:b9:73:73:32:c6:ee:22:35:61:ce:e6:c1:be:5b:62:
33:79:dc:3e:c9:ba:2e:cc:ac:f7:92:a0:8f:26:0b:e3:40:1f:
3c:00:d7:30:73:eb:8e:e8:de:f5:7b:1b:bf:55:87:58:91:8f:
44:9e:0f:43:85:69:a4:67:8e:d6:7c:e1:e2:f4:b5:04:95:b3:
28:ba:81:8e:38:68:0d:03:30:86:43:f2:e5:ba:a6:15:0d:9d:
6c:a2:d5:f9:4d:f6:d6:1b:5c:56:8e:95:17:62:a5:91:24:73:
11:93:ec:3c:4f:48:92:7f:36:06:37:54:dd:9e:0a:ae:2f:7c:
be:3b:d6:1b:a5:b9:57:6b:39:f4:62:07:8c:c5:aa:69:cb:8c:
67:94:cd:e3:6e:a5:5d:dc:09:5e:47:dd:77:73:06:7e:7f:eb:
9f:bd:8b:39
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZSSBn3o4JeqAPRNvXtZZ2VkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOWNjZDgzMGI3ZTAzMzA4YmY1Y2YyNWU2N2E3ZmMyYmRl
MDk1N2MwHhcNMjUwMTIzMDcxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTBhNDNiZmFmZDZhNzEyMGU0NjRlY2MxNzQwYTRjMjU1MWRiYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm04bqmOg0wa68xtQQtVtsxm6rtiU
Nv8Z+iEkyonIb9FD1m/XtxGdmgIm/L4cKwfGJ8Bg83h73Rgc33pQB5C1gxwYwCNV
+MThsY9p3XJJJwYzvUFYqViCdXs6KD+jpZkIj4VSzieLJJxe8PMOJQV0juXw+oA/
x9kPNG6oSumhb2qS9a4qqEgy7+sRcJCIRhglnoQ4mzjt+cNQQPZY26hCMvvKPKvq
aiz+THomLU5RVYyUHpOz6H+TrZy6u1U0tgmtm8Yj/D53I/QQRyBg2uq8s7ro5BgH
QEnEGl7jdUEkVntgXK+eguU0gAaD8IP6Y0knZeQ/h2EgnZUgcJsG2E/ZrQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLkKQ7+v1qcSDkZOzBdApMJVHbviMB8GA1UdIwQY
MBaAFMqczYMLfgMwi/XPJeZ6f8K94JV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQt
ZDFjZGUyNDY1Zjg5LzEvdVFwRHY2X1dweElPUms3TUYwQ2t3bFVkdS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hNjhmMjEtOWZmOC00YTQ0LWEzNmQtZDFjZGUyNDY1Zjg5
LzEveXB6Tmd3dC1BekNMOWM4bDVucF93cjNnbFh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKg5/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAGPETMBpwkdNv2LcgkSJCPhiWCLue5ZM3EOLjoWEX
duqNs2D5zWkIi0Q6/N4Pf/yTKgR62I2sc0YUEI18ALEaek6rGYUHdIlWgPlBGdED
tYVglFIdzaYzEjZHUYNnuXNzMsbuIjVhzubBvltiM3ncPsm6Lsys95KgjyYL40Af
PADXMHPrjuje9Xsbv1WHWJGPRJ4PQ4VppGeO1nzh4vS1BJWzKLqBjjhoDQMwhkPy
5bqmFQ2dbKLV+U321htcVo6VF2KlkSRzEZPsPE9Ikn82BjdU3Z4Kri98vjvWG6W5
V2s59GIHjMWqacuMZ5TN426lXdwJXkfdd3MGfn/rn72LOQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:03:09 2025 by rpki-client