Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/d-ZlW2COhoa6zbEdEEZzVxNr0yM.roa
File: d-ZlW2COhoa6zbEdEEZzVxNr0yM.roa (raw, json)
Hash identifier: A1J/sm20ihPpJTE+NyzOZjKMvybT/qYABhJDDsZKwwY=
Subject key identifier: 77:E6:65:5B:60:8E:86:86:BA:CD:B1:1D:10:46:73:57:13:6B:D3:23
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBE0368AAE7E0E8AFB52994DC94F5B
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/d-ZlW2COhoa6zbEdEEZzVxNr0yM.roa
Signing time: Wed 01 Jan 2025 17:48:39 +0000
ROA not before: Wed 01 Jan 2025 17:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205920
IP address blocks: 2a10:a500::/32 maxlen: 32
2a10:a500::/48 maxlen: 48
2a10:a500:10::/48 maxlen: 48
2a10:a500:1a::/48 maxlen: 48
2a10:a500:20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e0:36:8a:ae:7e:0e:8a:fb:52:99:4d:c9:4f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77e6655b608e8686bacdb11d10467357136bd323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ce:ad:76:6f:68:82:a3:8d:25:24:69:bb:ad:
6b:80:da:2e:38:3f:0b:84:ea:fd:6d:1f:d6:ba:72:
a9:f6:56:e8:cd:b0:ee:2a:86:0d:3e:f0:0b:e0:55:
6b:72:4c:c3:91:32:60:a1:22:c3:cc:35:47:53:c2:
33:42:fb:f4:b6:c7:09:9d:54:07:52:c8:b8:34:7c:
2f:de:58:0f:d4:7e:b1:ec:b5:7f:56:67:4f:6a:78:
80:52:28:78:69:db:ab:d1:43:58:72:76:6b:10:36:
56:ba:63:59:a8:66:bd:fe:94:97:ae:ab:eb:17:16:
09:20:c4:23:1d:83:38:46:dd:17:71:c0:3c:ed:b6:
05:84:5b:ed:e0:e2:e3:02:64:88:d1:e5:45:2f:12:
d0:f9:13:d9:cc:6d:27:ff:3d:5c:f5:c1:71:46:83:
58:a1:d4:ca:a8:9f:14:38:81:be:b7:56:b1:5a:25:
42:9a:e2:91:b1:f5:ef:ae:d4:54:c7:0a:bd:ee:a7:
9f:4e:51:c8:c2:8e:47:76:ee:23:ac:fb:90:7d:78:
e0:d0:e4:67:04:90:87:4c:23:ad:53:d1:e8:ef:26:
96:c3:4c:ac:b6:e1:9a:d3:cb:12:88:fe:ce:b6:e4:
a4:6e:53:56:19:57:31:eb:74:b1:67:ae:65:f8:98:
b0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E6:65:5B:60:8E:86:86:BA:CD:B1:1D:10:46:73:57:13:6B:D3:23
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/d-ZlW2COhoa6zbEdEEZzVxNr0yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a500::/32
Signature Algorithm: sha256WithRSAEncryption
bc:4d:5e:6a:35:7d:a3:e7:56:a5:f3:7f:38:68:3f:87:bf:8b:
ff:b3:ea:b6:c5:c7:1a:76:b0:9d:7b:4f:3d:34:cc:bc:6b:e1:
8c:e8:2f:b2:59:9f:3d:b8:f5:c7:9a:08:d2:24:2f:f7:17:d4:
1d:60:9a:c2:71:35:b2:cf:4a:9e:59:6e:3d:59:b1:5e:93:01:
1a:46:53:07:e8:ce:2e:5f:fc:d8:c4:e8:00:a5:68:da:07:6b:
19:13:79:fe:0f:2a:2f:ce:20:e9:e5:92:0b:37:56:34:82:88:
68:bd:f4:0b:8c:29:b3:12:6d:2a:d5:31:f6:92:b7:03:f0:d6:
86:c7:ee:41:b3:4f:13:63:d2:d8:53:66:df:24:47:8d:a1:11:
70:d5:10:a8:b6:c0:ef:be:d1:7f:24:6f:07:da:2c:d5:28:70:
7e:61:d6:33:49:4b:9b:f2:3e:71:fe:fb:e6:de:3d:7b:e2:93:
f1:b5:be:3b:65:c6:8f:dc:e4:16:43:00:35:56:f8:cb:a1:95:
82:49:df:79:a7:1e:31:cc:6f:fb:a0:e8:3d:eb:38:d1:f9:38:
be:ba:0e:52:96:75:66:9d:c7:26:ea:a5:1c:b5:4e:15:79:81:
00:64:be:89:3a:2d:de:29:f2:a4:14:e4:a9:a9:c0:0f:c1:e6:
5a:f1:04:5f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi++A2iq5+Dor7UplNyU9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2U2NjU1YjYwOGU4Njg2YmFjZGIxMWQxMDQ2NzM1NzEzNmJkMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks6tdm9ogqONJSRpu61rgNouOD8L
hOr9bR/WunKp9lbozbDuKoYNPvAL4FVrckzDkTJgoSLDzDVHU8IzQvv0tscJnVQH
Usi4NHwv3lgP1H6x7LV/VmdPaniAUih4adur0UNYcnZrEDZWumNZqGa9/pSXrqvr
FxYJIMQjHYM4Rt0XccA87bYFhFvt4OLjAmSI0eVFLxLQ+RPZzG0n/z1c9cFxRoNY
odTKqJ8UOIG+t1axWiVCmuKRsfXvrtRUxwq97qefTlHIwo5Hdu4jrPuQfXjg0ORn
BJCHTCOtU9Ho7yaWw0ystuGa08sSiP7OtuSkblNWGVcx63SxZ65l+Jiw2wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHfmZVtgjoaGus2xHRBGc1cTa9MjMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZC1abFcyQ09ob2E2emJFZEVFWnpWeE5yMHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhClADAN
BgkqhkiG9w0BAQsFAAOCAQEAvE1eajV9o+dWpfN/OGg/h7+L/7PqtsXHGnawnXtP
PTTMvGvhjOgvslmfPbj1x5oI0iQv9xfUHWCawnE1ss9KnlluPVmxXpMBGkZTB+jO
Ll/82MToAKVo2gdrGRN5/g8qL84g6eWSCzdWNIKIaL30C4wpsxJtKtUx9pK3A/DW
hsfuQbNPE2PS2FNm3yRHjaERcNUQqLbA777RfyRvB9os1ShwfmHWM0lLm/I+cf77
5t49e+KT8bW+O2XGj9zkFkMANVb4y6GVgknfeaceMcxv+6DoPes40fk4vroOUpZ1
Zp3HJuqlHLVOFXmBAGS+iTot3inypBTkqanAD8HmWvEEXw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:36:39 2025 by rpki-client