Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/wMRua81DP0XDP8KptHbiHx1Ay-w.roa
File: wMRua81DP0XDP8KptHbiHx1Ay-w.roa (raw, json)
Hash identifier: TfJKVEyaCPziNkBiGr7HwkTnXLN9sJXXH0nQfXyGVY0=
Subject key identifier: C0:C4:6E:6B:CD:43:3F:45:C3:3F:C2:A9:B4:76:E2:1F:1D:40:CB:EC
Certificate issuer: /CN=633bca0ed1f9b60bc0ed423022d0389e29b6cdd4
Certificate serial: 018CC3492E209A8A49F665866F0E059C2147
Authority key identifier: 63:3B:CA:0E:D1:F9:B6:0B:C0:ED:42:30:22:D0:38:9E:29:B6:CD:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzvKDtH5tgvA7UIwItA4nim2zdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/wMRua81DP0XDP8KptHbiHx1Ay-w.roa
Signing time: Mon 01 Jan 2024 04:30:02 +0000
ROA not before: Mon 01 Jan 2024 04:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212149
IP address blocks: 2a11:5cc1:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2e:20:9a:8a:49:f6:65:86:6f:0e:05:9c:21:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=633bca0ed1f9b60bc0ed423022d0389e29b6cdd4
Validity
Not Before: Jan 1 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0c46e6bcd433f45c33fc2a9b476e21f1d40cbec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:33:18:76:9f:2a:59:91:f8:d4:b2:df:37:dc:
57:0c:f4:fb:0f:69:85:c6:7f:08:a4:fc:5a:24:f9:
a8:09:bc:77:97:73:26:f3:42:f9:9e:82:37:1c:4b:
34:4e:d1:03:21:9c:0b:3c:f1:4e:ab:a3:5c:10:c4:
23:15:72:58:be:9b:b3:b5:7c:84:3d:bb:ad:5f:b1:
8d:cc:f4:6a:ba:b2:dd:59:de:f6:dc:71:4d:08:e4:
c8:84:4f:92:8a:af:8a:b9:0a:a3:e2:35:a1:5e:2a:
13:f4:5b:ff:8b:11:4f:a7:75:ae:34:0d:52:5f:09:
4f:63:c8:53:7e:e6:2b:86:cf:f1:82:db:3e:e5:a6:
33:9d:29:f6:55:45:ee:9c:2a:ea:70:e4:35:49:88:
8b:b2:83:ef:33:8c:80:de:22:00:34:0d:a6:e2:e8:
99:b9:9c:b0:71:23:97:c5:19:4c:78:2b:3a:3c:b8:
99:9e:df:2b:c4:a8:26:02:83:5f:d9:d1:bd:13:45:
db:db:fd:f0:78:70:d0:b2:42:43:0f:66:df:ab:b9:
ec:8f:cf:46:47:1f:3a:99:80:9c:46:eb:a5:e5:c6:
53:6a:03:03:28:c0:55:3d:7c:e5:f5:ee:7a:2b:f1:
ce:71:07:a3:cc:bb:86:0f:ae:7c:e3:91:cc:8a:8e:
5d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:C4:6E:6B:CD:43:3F:45:C3:3F:C2:A9:B4:76:E2:1F:1D:40:CB:EC
X509v3 Authority Key Identifier:
keyid:63:3B:CA:0E:D1:F9:B6:0B:C0:ED:42:30:22:D0:38:9E:29:B6:CD:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzvKDtH5tgvA7UIwItA4nim2zdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/wMRua81DP0XDP8KptHbiHx1Ay-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/e387ff-5348-4b32-b136-d05184c25e9a/1/YzvKDtH5tgvA7UIwItA4nim2zdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5cc1:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
1e:99:78:f8:bb:5c:48:14:0c:a9:0c:b0:7c:26:60:33:85:71:
c5:18:38:a3:ee:d8:63:19:b6:e6:97:ba:a0:4e:61:99:f4:f7:
7e:25:46:66:7f:51:6e:58:da:03:04:2b:24:59:2e:96:b9:75:
d2:fb:d1:dc:5a:3e:33:fc:a0:63:8d:69:a7:0e:39:6b:42:57:
8b:b0:d8:a0:49:de:a7:64:bb:03:f7:0c:0d:cf:4d:e0:20:3b:
28:e5:0c:95:79:9d:42:8d:31:12:87:02:d4:18:d5:02:87:9f:
fb:35:ac:91:2a:cb:e5:04:45:a3:f2:34:4f:88:05:62:5c:70:
dc:9c:cd:d6:1f:ea:0f:2c:0a:41:90:c8:b0:3d:15:63:52:91:
f8:cc:fe:b2:28:1e:63:16:07:fb:20:62:fb:f6:9a:41:15:6d:
4c:41:93:ff:95:f0:1a:11:59:83:99:14:bc:04:8a:eb:23:fc:
a4:14:57:ce:ba:11:4c:eb:b7:e3:33:d0:4a:1e:9e:d2:10:f9:
12:cf:98:77:95:f0:39:4e:96:05:89:36:56:af:0f:b5:b9:50:
41:de:87:fe:b5:da:cb:03:6f:a4:af:ab:50:21:eb:d4:aa:2f:
3f:0c:4e:a8:35:8f:dc:09:39:a2:01:aa:ce:83:29:4e:d1:33:
3e:36:e4:cc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzDSS4gmopJ9mWGbw4FnCFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzM2JjYTBlZDFmOWI2MGJjMGVkNDIzMDIyZDAzODllMjli
NmNkZDQwHhcNMjQwMTAxMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGM0NmU2YmNkNDMzZjQ1YzMzZmMyYTliNDc2ZTIxZjFkNDBjYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTMYdp8qWZH41LLfN9xXDPT7D2mF
xn8IpPxaJPmoCbx3l3Mm80L5noI3HEs0TtEDIZwLPPFOq6NcEMQjFXJYvpuztXyE
PbutX7GNzPRqurLdWd723HFNCOTIhE+Siq+KuQqj4jWhXioT9Fv/ixFPp3WuNA1S
XwlPY8hTfuYrhs/xgts+5aYznSn2VUXunCrqcOQ1SYiLsoPvM4yA3iIANA2m4uiZ
uZywcSOXxRlMeCs6PLiZnt8rxKgmAoNf2dG9E0Xb2/3weHDQskJDD2bfq7nsj89G
Rx86mYCcRuul5cZTagMDKMBVPXzl9e56K/HOcQejzLuGD65845HMio5dcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMDEbmvNQz9Fwz/CqbR24h8dQMvsMB8GA1UdIwQY
MBaAFGM7yg7R+bYLwO1CMCLQOJ4pts3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXp2S0R0SDV0Z3ZBN1VJd0l0QTRuaW0yemRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9lMzg3ZmYtNTM0OC00YjMyLWIxMzYt
ZDA1MTg0YzI1ZTlhLzEvd01SdWE4MURQMFhEUDhLcHRIYmlIeDFBeS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9lMzg3ZmYtNTM0OC00YjMyLWIxMzYtZDA1MTg0YzI1ZTlh
LzEvWXp2S0R0SDV0Z3ZBN1VJd0l0QTRuaW0yemRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhFcwbAL
MA0GCSqGSIb3DQEBCwUAA4IBAQAemXj4u1xIFAypDLB8JmAzhXHFGDij7thjGbbm
l7qgTmGZ9Pd+JUZmf1FuWNoDBCskWS6WuXXS+9HcWj4z/KBjjWmnDjlrQleLsNig
Sd6nZLsD9wwNz03gIDso5QyVeZ1CjTEShwLUGNUCh5/7NayRKsvlBEWj8jRPiAVi
XHDcnM3WH+oPLApBkMiwPRVjUpH4zP6yKB5jFgf7IGL79ppBFW1MQZP/lfAaEVmD
mRS8BIrrI/ykFFfOuhFM67fjM9BKHp7SEPkSz5h3lfA5TpYFiTZWrw+1uVBB3of+
tdrLA2+kr6tQIevUqi8/DE6oNY/cCTmiAarOgylO0TM+NuTM
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:16 2025 by rpki-client