Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/drZfrWuDwYR5aiQwDghhhvqDdLE.roa
File: drZfrWuDwYR5aiQwDghhhvqDdLE.roa (raw, json)
Hash identifier: /4rqOMgvMqMR2//iDGadfKqmktpifWq/T8VVr18N+Oo=
Subject key identifier: 76:B6:5F:AD:6B:83:C1:84:79:6A:24:30:0E:08:61:86:FA:83:74:B1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521E38FC8199BE65ED33C6A8D722C4E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/drZfrWuDwYR5aiQwDghhhvqDdLE.roa
Signing time: Thu 02 Jan 2025 03:49:25 +0000
ROA not before: Thu 02 Jan 2025 03:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138632
IP address blocks: 2a0e:b107:1f0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e3:8f:c8:19:9b:e6:5e:d3:3c:6a:8d:72:2c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76b65fad6b83c184796a24300e086186fa8374b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:83:67:76:78:ab:55:06:ea:cc:45:50:9a:64:
08:ec:24:2f:d2:be:82:18:c6:34:73:9c:a3:db:50:
0c:cb:eb:c7:92:eb:74:60:b9:cf:01:79:b8:50:ba:
ca:b4:8f:39:8e:2f:9e:f2:89:d3:ca:4e:0a:8a:1a:
8d:79:90:77:67:88:07:d1:95:d6:1b:18:ed:a2:fc:
8d:a1:db:95:7c:8e:24:51:b8:c2:a3:29:bc:43:6b:
4a:bd:db:e2:58:90:df:1d:de:0c:14:3a:0a:3b:6a:
02:a0:b6:2a:57:b5:0d:b9:ed:f1:21:e1:20:2c:e7:
f6:59:f9:4b:df:91:08:77:07:d4:76:c0:ec:e4:42:
5d:21:3a:d6:3c:85:50:67:80:8e:4b:ae:90:e6:3d:
07:f3:2b:73:33:80:3f:bf:d0:1e:1f:86:c8:ce:ad:
5a:d3:3f:d6:ee:f2:58:99:9d:c8:92:a4:93:f8:8c:
99:91:ea:c3:cd:9f:d1:79:94:a3:ba:0e:e9:6b:7a:
0d:08:bb:1f:a7:f2:d3:79:d6:f2:1e:bd:68:6a:78:
24:98:a3:a5:0d:8c:96:e2:e9:99:39:93:ec:99:c3:
60:32:18:bd:33:d3:f6:b3:d3:a2:e7:67:aa:08:a1:
8e:1a:ce:21:ec:71:85:fa:68:19:ca:b0:94:30:df:
f4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B6:5F:AD:6B:83:C1:84:79:6A:24:30:0E:08:61:86:FA:83:74:B1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/drZfrWuDwYR5aiQwDghhhvqDdLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1f0::/48
Signature Algorithm: sha256WithRSAEncryption
94:4c:45:fc:75:c8:a3:1b:48:b5:72:69:1b:40:d7:c8:60:63:
ce:00:b1:18:ed:05:0a:f5:27:0c:29:d6:cb:8c:2c:3d:51:b6:
f0:59:33:89:af:56:2d:8a:30:6b:24:8e:af:a0:17:db:e1:e7:
31:7f:6a:59:fc:ed:71:e7:b6:81:41:3b:e9:3a:fc:aa:c8:54:
24:b2:24:c9:ff:53:b2:74:8c:11:a7:d0:87:b5:ca:9a:46:7e:
1f:1b:14:8a:6a:c5:a6:d8:24:7a:66:c5:64:0c:95:64:31:ad:
6a:e8:d0:65:12:9d:6e:ab:e5:2d:d0:3b:f0:04:6b:51:24:3c:
30:9b:b5:0e:eb:10:f4:d3:c5:4d:aa:ad:bb:bc:37:c9:13:77:
74:23:f6:a9:14:1d:df:32:81:0a:fb:a4:73:b0:c4:f6:b4:4a:
96:f2:06:22:01:dc:1c:3e:31:ce:7e:3b:cf:a4:db:b9:b4:52:
8d:d3:55:80:28:69:92:f5:1c:33:6a:b4:18:a0:f9:6d:fa:76:
d1:f2:f4:39:df:08:f4:cd:17:23:a5:57:4b:65:ed:b6:34:9b:
95:52:01:73:b5:30:6e:ce:05:8b:7f:d7:94:6a:6e:24:be:ca:
1b:c3:fa:1c:03:99:ef:72:1c:c2:31:b8:fb:ef:c8:78:6c:b1:
42:a6:5c:09
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIeOPyBmb5l7TPGqNcixOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmI2NWZhZDZiODNjMTg0Nzk2YTI0MzAwZTA4NjE4NmZhODM3NGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYNndnirVQbqzEVQmmQI7CQv0r6C
GMY0c5yj21AMy+vHkut0YLnPAXm4ULrKtI85ji+e8onTyk4KihqNeZB3Z4gH0ZXW
GxjtovyNoduVfI4kUbjCoym8Q2tKvdviWJDfHd4MFDoKO2oCoLYqV7UNue3xIeEg
LOf2WflL35EIdwfUdsDs5EJdITrWPIVQZ4COS66Q5j0H8ytzM4A/v9AeH4bIzq1a
0z/W7vJYmZ3IkqST+IyZkerDzZ/ReZSjug7pa3oNCLsfp/LTedbyHr1oangkmKOl
DYyW4umZOZPsmcNgMhi9M9P2s9Oi52eqCKGOGs4h7HGF+mgZyrCUMN/0IwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHa2X61rg8GEeWokMA4IYYb6g3SxMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZHJaZnJXdUR3WVI1YWlRd0RnaGhodnFEZExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwHw
MA0GCSqGSIb3DQEBCwUAA4IBAQCUTEX8dcijG0i1cmkbQNfIYGPOALEY7QUK9ScM
KdbLjCw9UbbwWTOJr1YtijBrJI6voBfb4ecxf2pZ/O1x57aBQTvpOvyqyFQksiTJ
/1OydIwRp9CHtcqaRn4fGxSKasWm2CR6ZsVkDJVkMa1q6NBlEp1uq+Ut0DvwBGtR
JDwwm7UO6xD008VNqq27vDfJE3d0I/apFB3fMoEK+6RzsMT2tEqW8gYiAdwcPjHO
fjvPpNu5tFKN01WAKGmS9RwzarQYoPlt+nbR8vQ53wj0zRcjpVdLZe22NJuVUgFz
tTBuzgWLf9eUam4kvsobw/ocA5nvchzCMbj778h4bLFCplwJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:48:57 2025 by rpki-client