Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/fyZQsu5bzOst03Al5FJRpvSLsoo.roa
File: fyZQsu5bzOst03Al5FJRpvSLsoo.roa (raw, json)
Hash identifier: MRRTMhVAXN/buVo3idrb+5O9n9y8Lo0sdRtwg3OeKfA=
Subject key identifier: 7F:26:50:B2:EE:5B:CC:EB:2D:D3:70:25:E4:52:51:A6:F4:8B:B2:8A
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 019424459A93EA95C660E9B6BC531BDBB051
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/fyZQsu5bzOst03Al5FJRpvSLsoo.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a11:e101::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:9a:93:ea:95:c6:60:e9:b6:bc:53:1b:db:b0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f2650b2ee5bcceb2dd37025e45251a6f48bb28a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:7c:8b:5d:4f:5c:3a:0b:a6:74:1a:ee:e6:f9:
85:89:9f:32:35:10:68:ba:b9:d2:e7:7e:0e:5f:db:
10:72:71:66:a1:2c:3e:f2:49:5b:67:53:b2:90:47:
88:9f:f6:04:be:2d:4e:96:a2:69:ca:e7:2d:59:5e:
ee:3c:a9:46:48:ec:19:44:80:23:8b:23:97:c6:27:
fd:e4:76:ef:aa:b0:c5:1f:6d:1e:d4:03:4a:99:c6:
da:a1:31:58:54:5e:2e:84:88:aa:e4:35:e2:8b:9b:
93:22:7b:77:a2:6a:00:0e:9f:50:5a:2b:a6:b2:3c:
64:69:87:ec:65:04:e8:1b:56:c8:51:1c:5b:84:3d:
e9:37:c5:d0:3c:26:79:f6:39:9f:1d:ff:bb:86:78:
41:90:c5:38:68:3a:d5:68:d2:3f:85:8a:e9:39:b9:
83:5d:ac:2a:f3:17:6c:5e:3f:dd:f9:62:26:7f:65:
95:5a:ea:24:3c:af:5b:8b:ad:d4:bc:c1:1c:6b:da:
03:85:ba:41:53:a8:55:5f:65:f7:9a:e6:21:27:e1:
fe:e7:7e:86:0a:08:b1:29:f8:03:d7:fd:d7:5e:38:
83:ff:a8:a4:89:e4:a1:74:5e:4e:b8:65:65:b1:54:
0a:50:82:30:3c:61:94:ad:76:e3:c2:53:8a:a3:d0:
6c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:26:50:B2:EE:5B:CC:EB:2D:D3:70:25:E4:52:51:A6:F4:8B:B2:8A
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/fyZQsu5bzOst03Al5FJRpvSLsoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:e101::/32
Signature Algorithm: sha256WithRSAEncryption
6f:44:9c:22:8f:11:29:6a:70:8f:02:4d:87:23:55:48:a9:04:
9a:fa:59:46:43:3e:05:aa:10:6c:ef:ec:88:fc:db:6f:60:ea:
91:3b:94:90:92:9c:f7:f2:e7:df:54:2b:fc:13:2a:00:9d:e9:
41:4d:a7:43:b2:f9:8b:28:d3:25:86:b3:3e:f6:8c:81:63:9e:
72:39:0d:75:e4:15:42:88:44:d7:28:74:d8:3a:dd:a8:d9:a1:
c4:e9:e7:d3:09:ad:26:89:00:de:1e:09:1a:f2:91:1b:32:da:
45:9b:76:b1:ec:05:25:3e:c6:14:18:64:8d:8d:02:ec:68:39:
24:62:5e:00:2d:ce:f6:e7:1d:4b:cc:ad:90:a9:c6:55:ed:b5:
a4:14:90:68:77:0d:45:46:5c:ab:ec:52:c9:5b:ac:a4:63:46:
dd:c3:f6:f8:e6:c3:d4:86:83:05:bf:d4:50:04:16:9c:84:dc:
fe:20:12:8f:f1:dc:df:13:3e:ef:54:96:f0:d8:8c:59:11:f2:
e5:da:61:ff:cb:7c:49:8a:1a:1d:7a:2a:dd:0f:d8:75:b9:c2:
6a:bc:a7:73:2a:db:b3:e3:a3:d2:69:85:59:3c:05:32:5f:0c:
6b:5e:70:fa:6e:e1:fc:90:90:6a:e4:b2:5c:43:9e:02:87:3b:
9a:f7:ae:f1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRZqT6pXGYOm2vFMb27BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjI2NTBiMmVlNWJjY2ViMmRkMzcwMjVlNDUyNTFhNmY0OGJiMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43yLXU9cOgumdBru5vmFiZ8yNRBo
urnS534OX9sQcnFmoSw+8klbZ1OykEeIn/YEvi1OlqJpyuctWV7uPKlGSOwZRIAj
iyOXxif95HbvqrDFH20e1ANKmcbaoTFYVF4uhIiq5DXii5uTInt3omoADp9QWium
sjxkaYfsZQToG1bIURxbhD3pN8XQPCZ59jmfHf+7hnhBkMU4aDrVaNI/hYrpObmD
Xawq8xdsXj/d+WImf2WVWuokPK9bi63UvMEca9oDhbpBU6hVX2X3muYhJ+H+536G
CgixKfgD1/3XXjiD/6ikieShdF5OuGVlsVQKUIIwPGGUrXbjwlOKo9BsIQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH8mULLuW8zrLdNwJeRSUab0i7KKMB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvZnlaUXN1NWJ6T3N0MDNBbDVGSlJwdlNMc29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhHhATAN
BgkqhkiG9w0BAQsFAAOCAQEAb0ScIo8RKWpwjwJNhyNVSKkEmvpZRkM+BaoQbO/s
iPzbb2DqkTuUkJKc9/Ln31Qr/BMqAJ3pQU2nQ7L5iyjTJYazPvaMgWOecjkNdeQV
QohE1yh02DrdqNmhxOnn0wmtJokA3h4JGvKRGzLaRZt2sewFJT7GFBhkjY0C7Gg5
JGJeAC3O9ucdS8ytkKnGVe21pBSQaHcNRUZcq+xSyVuspGNG3cP2+ObD1IaDBb/U
UAQWnITc/iASj/Hc3xM+71SW8NiMWRHy5dph/8t8SYoaHXoq3Q/YdbnCaryncyrb
s+Oj0mmFWTwFMl8Ma15w+m7h/JCQauSyXEOeAoc7mveu8Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:57:03 2025 by rpki-client