Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/UX1FG7BPxLN_6ufljGY3tuBoI2k.roa
File: UX1FG7BPxLN_6ufljGY3tuBoI2k.roa (raw, json)
Hash identifier: 2XU8mmir09zmdANIc3P91NSucr1JlTpLnKmXeZUmmHU=
Subject key identifier: 51:7D:45:1B:B0:4F:C4:B3:7F:EA:E7:E5:8C:66:37:B6:E0:68:23:69
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 019423D7C0DB4ED2CDC457C4DB6928A05E6C
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/UX1FG7BPxLN_6ufljGY3tuBoI2k.roa
Signing time: Wed 01 Jan 2025 21:48:49 +0000
ROA not before: Wed 01 Jan 2025 21:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216435
IP address blocks: 2a06:cac0::/29 maxlen: 48
2a11:f140::/29 maxlen: 48
2a12:ec0::/29 maxlen: 48
2a12:1900::/29 maxlen: 48
2a12:28c0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:c0:db:4e:d2:cd:c4:57:c4:db:69:28:a0:5e:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Jan 1 21:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=517d451bb04fc4b37feae7e58c6637b6e0682369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ec:0f:4a:f4:ea:4e:31:7a:bf:fc:c0:d5:a2:
67:d8:d8:01:ad:34:83:6a:9a:0d:c2:82:5e:24:66:
c8:42:e3:1f:6d:9b:04:b3:cb:25:38:a6:04:d9:05:
63:80:94:ad:64:6d:fc:a2:1c:a8:f8:2e:95:dc:d3:
8d:c8:24:b3:94:a3:fa:b6:b9:99:e0:62:33:c7:11:
e0:0d:57:75:26:96:d8:ab:4e:c3:26:38:29:63:b8:
2b:11:6e:6e:30:43:f1:f1:8f:f8:ac:ef:1f:8c:a3:
68:6d:87:06:c8:a1:75:3b:1a:7d:b5:51:96:82:bd:
40:47:bb:6b:eb:ea:fd:e5:95:9e:de:ba:cf:b4:48:
3e:5e:f1:4b:20:6d:7f:f3:0f:01:19:6a:f9:54:ff:
f3:28:d4:96:18:f3:af:71:48:1f:93:9d:97:7d:71:
f1:07:1d:d5:e7:80:51:ef:88:4f:25:0b:fe:01:7a:
68:89:68:27:91:cc:1a:8c:b3:64:1f:83:e1:24:ae:
29:8b:7b:f2:58:52:fc:9d:0a:26:3c:bc:ff:60:b0:
48:58:27:a3:f0:77:aa:28:6d:15:f1:c9:63:e1:da:
b0:a4:41:b9:ea:b1:0a:52:38:71:0d:9c:12:cc:aa:
a9:99:06:14:0d:d1:3a:4c:d0:a5:df:2a:c3:4c:43:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:7D:45:1B:B0:4F:C4:B3:7F:EA:E7:E5:8C:66:37:B6:E0:68:23:69
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/UX1FG7BPxLN_6ufljGY3tuBoI2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:cac0::/29
2a11:f140::/29
2a12:ec0::/29
2a12:1900::/29
2a12:28c0::/29
Signature Algorithm: sha256WithRSAEncryption
bf:c0:b8:f2:99:1e:85:7a:47:f8:4f:c1:32:06:e6:85:5d:2d:
ab:64:a9:c4:9e:1e:e0:68:49:94:c3:80:5c:32:d8:3c:60:ef:
e3:92:8e:9f:d3:a5:82:d4:a2:0d:6a:89:ab:3a:0f:ac:37:1a:
37:ef:0b:01:cb:03:79:db:fd:8d:c9:9d:17:07:dd:f1:84:2e:
a8:92:21:21:85:a1:2f:bf:74:1b:7a:df:49:19:f0:5d:04:12:
26:3a:34:b1:cd:f5:77:d4:16:cf:7b:e3:1f:3e:02:9d:37:8f:
f9:4e:e5:92:d2:2f:80:33:f7:b4:a1:91:2c:b6:81:0a:75:23:
39:76:cd:2c:7b:7b:69:82:40:2b:9b:b8:5c:99:60:73:a2:57:
a8:e8:ec:b4:42:b3:a9:4c:48:83:2d:67:d7:37:1c:58:54:2a:
1a:ad:e1:2f:77:47:d1:6f:ae:a9:86:2c:58:35:d7:94:9a:48:
ec:e2:8f:0b:d2:ec:be:09:f3:87:2d:42:e7:e6:e7:54:3a:06:
bc:52:55:dc:ad:e7:48:9b:15:e9:c1:6c:f1:3f:8d:49:e7:f7:
a1:fb:19:81:a6:fb:cb:9d:11:1b:9d:4a:4d:2f:5a:3c:a8:e9:
69:d6:65:b8:d1:84:b9:a4:46:47:f0:a5:a0:da:3a:a4:6a:8f:
60:27:2a:09
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQj18DbTtLNxFfE22kooF5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwMTAxMjE0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTdkNDUxYmIwNGZjNGIzN2ZlYWU3ZTU4YzY2MzdiNmUwNjgyMzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ewPSvTqTjF6v/zA1aJn2NgBrTSD
apoNwoJeJGbIQuMfbZsEs8slOKYE2QVjgJStZG38ohyo+C6V3NONyCSzlKP6trmZ
4GIzxxHgDVd1JpbYq07DJjgpY7grEW5uMEPx8Y/4rO8fjKNobYcGyKF1Oxp9tVGW
gr1AR7tr6+r95ZWe3rrPtEg+XvFLIG1/8w8BGWr5VP/zKNSWGPOvcUgfk52XfXHx
Bx3V54BR74hPJQv+AXpoiWgnkcwajLNkH4PhJK4pi3vyWFL8nQomPLz/YLBIWCej
8HeqKG0V8clj4dqwpEG56rEKUjhxDZwSzKqpmQYUDdE6TNCl3yrDTEMgXwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFF9RRuwT8Szf+rn5YxmN7bgaCNpMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvVVgxRkc3QlB4TE5fNnVmbGpHWTN0dUJvSTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgbKwAMF
AyoR8UADBQMqEg7AAwUDKhIZAAMFAyoSKMAwDQYJKoZIhvcNAQELBQADggEBAL/A
uPKZHoV6R/hPwTIG5oVdLatkqcSeHuBoSZTDgFwy2Dxg7+OSjp/TpYLUog1qias6
D6w3GjfvCwHLA3nb/Y3JnRcH3fGELqiSISGFoS+/dBt630kZ8F0EEiY6NLHN9XfU
Fs974x8+Ap03j/lO5ZLSL4Az97ShkSy2gQp1Izl2zSx7e2mCQCubuFyZYHOiV6jo
7LRCs6lMSIMtZ9c3HFhUKhqt4S93R9FvrqmGLFg115SaSOzijwvS7L4J84ctQufm
51Q6BrxSVdyt50ibFenBbPE/jUnn96H7GYGm+8udERudSk0vWjyo6WnWZbjRhLmk
RkfwpaDaOqRqj2AnKgk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:29:28 2025 by rpki-client