Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uObkOfdiva2KwlQ-a1VSr3qXCds.roa
File: uObkOfdiva2KwlQ-a1VSr3qXCds.roa (raw, json)
Hash identifier: gx0iUsrL5SJuXH2i8LEF5OQIDKMYwbVFCQy4inr6FWw=
Subject key identifier: B8:E6:E4:39:F7:62:BD:AD:8A:C2:54:3E:6B:55:52:AF:7A:97:09:DB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195CE83AC40D9AF5F88E6A9DF1BC89D0320
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uObkOfdiva2KwlQ-a1VSr3qXCds.roa
Signing time: Tue 25 Mar 2025 18:14:50 +0000
ROA not before: Tue 25 Mar 2025 18:14:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:8e0::/48 maxlen: 48
2a0e:b107:19a0::/48 maxlen: 48
2a0e:b107:1a63::/48 maxlen: 48
2a0e:b107:1a64::/48 maxlen: 48
2a0e:b107:2880::/46 maxlen: 48
2a10:cc40:216::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ce:83:ac:40:d9:af:5f:88:e6:a9:df:1b:c8:9d:03:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 25 18:14:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8e6e439f762bdad8ac2543e6b5552af7a9709db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b4:ed:9f:5d:d9:81:ac:80:f5:08:13:6f:69:
dd:61:dd:94:1b:b0:ea:a8:39:7a:c2:c0:02:fe:22:
be:0a:f8:7b:76:31:6a:03:0e:46:55:8c:52:2e:a9:
dd:b2:d5:bd:c1:24:83:35:33:3d:7c:6e:b2:4f:27:
58:ad:b9:09:fe:a9:9b:0f:1f:b1:3f:6e:fc:52:2c:
47:76:bd:77:be:35:46:7c:53:70:38:ec:d2:e0:1a:
63:d5:cb:1f:42:84:b2:e8:49:77:75:73:a8:e0:ca:
9b:de:97:ad:bb:cf:55:fc:7a:15:63:5b:a8:6f:a1:
4d:57:2c:28:47:27:f2:39:65:42:3c:4c:a8:c0:da:
23:53:9e:7b:78:1a:62:31:f6:c1:2d:f0:d5:41:da:
91:06:22:37:76:ac:b3:a7:5f:05:b0:90:4f:23:8f:
69:8a:15:48:88:4d:6e:01:a2:a8:3f:09:3b:3b:ff:
b5:fb:5f:8b:7d:18:af:77:de:9c:58:40:2c:0e:ed:
c6:84:de:86:65:15:3f:65:46:2a:5d:2a:25:89:b9:
14:a8:5a:c9:b3:d8:f6:5a:10:c4:68:47:0f:4b:10:
2b:5e:21:56:ad:89:54:7e:4c:41:e7:15:f5:5b:ab:
80:85:57:64:61:52:64:ab:74:40:53:dc:de:aa:fd:
bd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E6:E4:39:F7:62:BD:AD:8A:C2:54:3E:6B:55:52:AF:7A:97:09:DB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/uObkOfdiva2KwlQ-a1VSr3qXCds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:411::/48
2a0e:97c0:8e0::/48
2a0e:b107:19a0::/48
2a0e:b107:1a63::-2a0e:b107:1a64:ffff:ffff:ffff:ffff:ffff
2a0e:b107:2880::/46
2a10:cc40:216::/48
Signature Algorithm: sha256WithRSAEncryption
8f:0f:cb:46:4c:f2:34:b8:78:6a:81:ce:f5:8c:3f:59:ab:52:
6b:36:94:de:67:af:c3:4e:ee:55:66:21:59:28:24:45:34:82:
09:c3:08:dc:45:05:49:b9:e3:51:f6:48:a0:c8:07:d4:18:07:
62:8a:45:a4:5a:cf:14:cb:07:47:45:ce:64:81:2d:0d:75:81:
1f:c2:57:11:59:23:30:cf:18:cc:56:65:1f:0b:f7:80:9e:db:
84:fc:87:cd:04:ec:15:04:fc:69:60:4b:b8:61:81:9d:53:5b:
42:ce:df:ca:c9:7e:b3:8c:a6:e3:09:4f:49:e9:dd:9c:ac:55:
57:3c:bb:c9:f3:c8:ab:b1:78:7e:11:72:f7:80:83:5f:05:6a:
d0:35:08:be:75:d5:ce:7f:8f:bd:1b:f6:7b:dd:6c:f3:cf:5a:
0c:17:30:8f:83:63:88:bc:51:09:9e:ef:a0:b0:38:01:c9:f2:
26:14:76:c9:30:f1:12:e5:58:5b:7b:ea:d0:e4:0e:3e:13:ee:
67:b2:b3:9d:36:72:c3:aa:c4:88:71:2a:27:d2:b7:89:8d:11:
87:59:10:d9:2c:87:f5:5b:cc:fd:fb:d5:ea:ab:c7:42:99:46:
a3:a2:a9:3e:52:0d:29:06:42:15:5a:11:76:eb:66:cd:40:80:
26:d6:a2:a3
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZXOg6xA2a9fiOap3xvInQMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzI1MTgxNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGU2ZTQzOWY3NjJiZGFkOGFjMjU0M2U2YjU1NTJhZjdhOTcwOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7Ttn13ZgayA9QgTb2ndYd2UG7Dq
qDl6wsAC/iK+Cvh7djFqAw5GVYxSLqndstW9wSSDNTM9fG6yTydYrbkJ/qmbDx+x
P278UixHdr13vjVGfFNwOOzS4Bpj1csfQoSy6El3dXOo4Mqb3petu89V/HoVY1uo
b6FNVywoRyfyOWVCPEyowNojU557eBpiMfbBLfDVQdqRBiI3dqyzp18FsJBPI49p
ihVIiE1uAaKoPwk7O/+1+1+LfRivd96cWEAsDu3GhN6GZRU/ZUYqXSolibkUqFrJ
s9j2WhDEaEcPSxArXiFWrYlUfkxB5xX1W6uAhVdkYVJkq3RAU9zeqv296wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLjm5Dn3Yr2tisJUPmtVUq96lwnbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdU9ia09mZGl2YTJLd2xRLWExVlNyM3FYQ2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwcAKg6XwAQR
AwcAKg6XwAjgAwcAKg6xBxmgMBIDBwAqDrEHGmMDBwAqDrEHGmQDBwIqDrEHKIAD
BwAqEMxAAhYwDQYJKoZIhvcNAQELBQADggEBAI8Py0ZM8jS4eGqBzvWMP1mrUms2
lN5nr8NO7lVmIVkoJEU0ggnDCNxFBUm541H2SKDIB9QYB2KKRaRazxTLB0dFzmSB
LQ11gR/CVxFZIzDPGMxWZR8L94Ce24T8h80E7BUE/GlgS7hhgZ1TW0LO38rJfrOM
puMJT0np3ZysVVc8u8nzyKuxeH4RcveAg18FatA1CL511c5/j70b9nvdbPPPWgwX
MI+DY4i8UQme76CwOAHJ8iYUdskw8RLlWFt76tDkDj4T7meys502csOqxIhxKifS
t4mNEYdZENksh/VbzP371eqrx0KZRqOiqT5SDSkGQhVaEXbrZs1AgCbWoqM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:21:54 2025 by rpki-client