Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/AYWfSZfm3-m6tTmXQ7ScTVje9jw.roa
File: AYWfSZfm3-m6tTmXQ7ScTVje9jw.roa (raw, json)
Hash identifier: jozIBgSrKgoY+kja8mOk3zf+5OHOQyudAHt7Y1IjLfc=
Subject key identifier: 01:85:9F:49:97:E6:DF:E9:BA:B5:39:97:43:B4:9C:4D:58:DE:F6:3C
Certificate issuer: /CN=63883a79789d9f65815292f18d4980ba9c5ed221
Certificate serial: 019421B1F49328CDCF10F8D8F42957A88E73
Authority key identifier: 63:88:3A:79:78:9D:9F:65:81:52:92:F1:8D:49:80:BA:9C:5E:D2:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/AYWfSZfm3-m6tTmXQ7ScTVje9jw.roa
Signing time: Wed 01 Jan 2025 11:48:17 +0000
ROA not before: Wed 01 Jan 2025 11:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49915
IP address blocks: 2a0a:1800::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f4:93:28:cd:cf:10:f8:d8:f4:29:57:a8:8e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63883a79789d9f65815292f18d4980ba9c5ed221
Validity
Not Before: Jan 1 11:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01859f4997e6dfe9bab5399743b49c4d58def63c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:01:48:df:5b:cb:b4:00:32:99:02:ad:67:02:
77:0b:d0:9e:d7:f4:8b:1e:ac:d9:3c:14:34:b0:21:
83:e5:83:0c:61:d6:9e:a2:31:40:5a:98:91:ab:c3:
3d:b3:60:c5:2c:1f:10:9d:a2:9b:dd:ae:ca:b6:76:
e8:cd:88:33:76:3e:26:8d:28:0f:a4:a5:fc:5e:3f:
0d:9f:f9:ac:12:f4:1c:18:5f:d6:22:22:40:bd:95:
c4:e4:4b:8b:3d:32:f2:0f:da:6d:89:c3:71:80:1f:
21:0c:93:52:9c:23:bf:a5:3b:d5:37:4d:73:ae:15:
81:57:a1:ad:31:28:4d:a7:dc:42:e0:5c:96:ba:1b:
3d:6a:57:f1:7a:f6:98:49:ce:0f:3e:d7:98:70:22:
43:f8:3a:1e:e2:dc:86:6e:8f:9c:88:15:a6:82:78:
2e:32:a2:4b:27:1a:2c:9d:8d:50:10:21:30:75:91:
f5:0e:59:7f:26:06:6b:14:4f:d8:a6:12:c0:a9:b8:
12:3f:c3:9d:b8:7e:99:a4:fb:0c:2c:1f:78:22:9f:
77:15:83:1a:31:d8:46:92:cb:ea:a9:b0:c8:0b:3c:
f1:59:e4:be:77:b8:9a:ca:cc:29:0d:bd:c8:43:ec:
9f:d6:66:d8:99:56:e6:41:35:83:a5:7b:79:4e:e1:
63:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:85:9F:49:97:E6:DF:E9:BA:B5:39:97:43:B4:9C:4D:58:DE:F6:3C
X509v3 Authority Key Identifier:
keyid:63:88:3A:79:78:9D:9F:65:81:52:92:F1:8D:49:80:BA:9C:5E:D2:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4g6eXidn2WBUpLxjUmAupxe0iE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/AYWfSZfm3-m6tTmXQ7ScTVje9jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ca0228-57ee-4f65-962f-35d0595e12f0/1/Y4g6eXidn2WBUpLxjUmAupxe0iE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1800::/32
Signature Algorithm: sha256WithRSAEncryption
66:ef:89:04:22:06:8c:02:09:13:5e:80:b4:f0:73:8f:08:f9:
fc:f4:ff:55:80:a1:50:ce:25:7e:26:ab:4f:33:f7:66:4c:7d:
de:4b:71:4c:2d:80:b5:a1:88:46:12:0b:40:1f:cd:76:74:c4:
34:3e:cb:8a:25:7a:d4:a3:84:d0:68:ca:51:c3:9d:1c:66:05:
35:42:48:fb:ec:8e:60:c4:49:6b:0e:db:c1:b5:4a:df:cb:08:
a1:ce:03:7b:84:47:15:53:d8:d6:b0:8d:9f:38:5e:cd:06:52:
b0:bc:46:c7:e4:78:11:5e:ec:c3:5f:54:32:54:17:7b:3d:74:
d0:a3:58:e3:ad:a5:c9:45:ce:16:3c:7d:bd:ff:8c:f6:eb:67:
a2:1b:cf:4d:25:4f:d5:63:2a:87:29:c2:9d:ac:4f:ce:a5:67:
d9:77:ba:de:a5:32:d0:1b:c3:c4:bd:c0:77:79:de:59:5b:65:
86:19:e0:07:7b:78:fc:78:b4:2a:ef:c7:db:4e:3c:f3:ae:72:
f4:ea:5b:c0:b8:f1:87:bb:11:3e:ac:0a:72:df:07:7c:d4:26:
54:fd:a0:06:d3:11:f1:c4:1f:7b:be:3e:a0:31:36:7c:69:7d:
5d:62:b0:7a:e7:fa:d8:12:b9:6b:9d:4d:f1:21:9b:ac:48:d1:
63:d5:fe:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhsfSTKM3PEPjY9ClXqI5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzODgzYTc5Nzg5ZDlmNjU4MTUyOTJmMThkNDk4MGJhOWM1
ZWQyMjEwHhcNMjUwMTAxMTE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg1OWY0OTk3ZTZkZmU5YmFiNTM5OTc0M2I0OWM0ZDU4ZGVmNjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygFI31vLtAAymQKtZwJ3C9Ce1/SL
HqzZPBQ0sCGD5YMMYdaeojFAWpiRq8M9s2DFLB8QnaKb3a7KtnbozYgzdj4mjSgP
pKX8Xj8Nn/msEvQcGF/WIiJAvZXE5EuLPTLyD9pticNxgB8hDJNSnCO/pTvVN01z
rhWBV6GtMShNp9xC4FyWuhs9alfxevaYSc4PPteYcCJD+Doe4tyGbo+ciBWmgngu
MqJLJxosnY1QECEwdZH1Dll/JgZrFE/YphLAqbgSP8OduH6ZpPsMLB94Ip93FYMa
MdhGksvqqbDICzzxWeS+d7iayswpDb3IQ+yf1mbYmVbmQTWDpXt5TuFjbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAGFn0mX5t/purU5l0O0nE1Y3vY8MB8GA1UdIwQY
MBaAFGOIOnl4nZ9lgVKS8Y1JgLqcXtIhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTRnNmVYaWRuMldCVXBMeGpVbUF1cHhlMGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jYTAyMjgtNTdlZS00ZjY1LTk2MmYt
MzVkMDU5NWUxMmYwLzEvQVlXZlNaZm0zLW02dFRtWFE3U2NUVmplOWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jYTAyMjgtNTdlZS00ZjY1LTk2MmYtMzVkMDU5NWUxMmYw
LzEvWTRnNmVYaWRuMldCVXBMeGpVbUF1cHhlMGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgoYADAN
BgkqhkiG9w0BAQsFAAOCAQEAZu+JBCIGjAIJE16AtPBzjwj5/PT/VYChUM4lfiar
TzP3Zkx93ktxTC2AtaGIRhILQB/NdnTEND7LiiV61KOE0GjKUcOdHGYFNUJI++yO
YMRJaw7bwbVK38sIoc4De4RHFVPY1rCNnzhezQZSsLxGx+R4EV7sw19UMlQXez10
0KNY462lyUXOFjx9vf+M9utnohvPTSVP1WMqhynCnaxPzqVn2Xe63qUy0BvDxL3A
d3neWVtlhhngB3t4/Hi0Ku/H2048865y9OpbwLjxh7sRPqwKct8HfNQmVP2gBtMR
8cQfe74+oDE2fGl9XWKweuf62BK5a51N8SGbrEjRY9X+6w==
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:08:30 2025 by rpki-client