Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/pS3QOZ2wypZ71SVvS4_yCNQwDJE.roa
File: pS3QOZ2wypZ71SVvS4_yCNQwDJE.roa (raw, json)
Hash identifier: ftQJDmKbzx9RdLUMravYt2oMuiMTqqjLnLQ/z0Jk1Gg=
Subject key identifier: A5:2D:D0:39:9D:B0:CA:96:7B:D5:25:6F:4B:8F:F2:08:D4:30:0C:91
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B567FF9A7EF38EB3D6D6B7BF497608
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/pS3QOZ2wypZ71SVvS4_yCNQwDJE.roa
Signing time: Thu 02 Jan 2025 15:49:47 +0000
ROA not before: Thu 02 Jan 2025 15:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216147
IP address blocks: 2a10:4646:3d0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:67:ff:9a:7e:f3:8e:b3:d6:d6:b7:bf:49:76:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a52dd0399db0ca967bd5256f4b8ff208d4300c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:57:09:bb:36:6c:52:b1:00:ea:ea:f1:75:8c:
3b:ef:ad:d4:4d:a3:28:25:51:5f:28:b8:51:0a:8f:
73:0d:29:5b:75:b9:65:9e:ff:bf:47:7a:99:56:fb:
3b:6b:b3:5c:13:f2:02:c8:ba:f4:12:bc:2c:0f:a7:
ba:15:6b:f1:29:35:ad:38:b6:13:05:55:b3:b0:18:
6c:17:9d:ad:9d:39:76:5a:91:68:ed:01:f8:a6:a2:
46:a2:02:ff:d6:78:61:46:6b:2e:65:2f:d5:83:52:
6e:4f:ad:2c:7e:ce:28:a4:fb:a8:44:3b:de:f0:32:
09:1b:50:68:0c:4b:b9:03:66:ed:b9:1a:91:4f:9c:
71:5c:60:4f:79:47:6b:a6:7e:d7:88:c6:dc:bb:f8:
36:de:fd:00:f3:50:15:43:1d:4b:ca:a7:10:ea:5b:
33:99:c2:0f:2c:cc:63:61:d6:ae:6d:22:a7:9a:ff:
54:91:26:d4:8b:84:08:25:2c:1e:9a:f3:87:00:e1:
92:05:54:74:02:3c:ea:3f:1f:d5:f3:8f:d6:1e:b1:
be:17:75:f1:c3:46:22:7a:d2:74:05:4b:c5:a8:bb:
eb:ba:24:c9:38:9a:67:2b:fc:9f:f6:19:52:2f:0c:
17:5a:d2:b7:73:04:b8:62:71:28:f6:c6:d7:41:5d:
80:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2D:D0:39:9D:B0:CA:96:7B:D5:25:6F:4B:8F:F2:08:D4:30:0C:91
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/pS3QOZ2wypZ71SVvS4_yCNQwDJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:3d0::/48
Signature Algorithm: sha256WithRSAEncryption
d8:35:9e:38:c2:78:74:26:1e:1b:23:85:05:6f:e2:e8:da:20:
5c:16:85:4b:49:0c:be:06:66:eb:d9:49:e8:f8:a5:30:55:ca:
5c:42:54:45:a2:f6:c8:65:42:ac:ba:07:81:1c:41:b5:e7:2b:
72:fc:c3:46:0a:0b:34:b9:92:32:56:81:c9:0d:40:76:0f:2b:
cc:81:86:be:d6:db:e0:ac:82:28:68:40:fb:c5:c6:15:5a:56:
c8:06:64:d5:2e:ed:47:f2:37:17:f1:1a:06:ed:3b:84:cc:22:
04:b9:51:e5:83:2e:ac:8a:6c:a9:8e:b8:75:28:a0:29:d8:0c:
ca:88:83:de:2a:e4:bc:ae:c7:46:09:0f:81:ec:93:00:e2:25:
50:e4:71:a4:6b:7c:49:71:7f:8c:88:ac:93:5b:b1:31:12:6d:
19:aa:2f:2e:bb:35:0c:94:53:4b:9d:0d:ec:1d:38:ac:37:67:
8d:ba:5f:11:a1:76:ea:60:7e:5f:3c:4b:af:85:4c:be:7e:8d:
33:67:b3:a9:b3:d0:4d:45:04:a7:ae:a6:f1:74:27:7a:0d:4b:
5a:8a:f3:7d:c4:dc:ce:59:a5:7b:ce:fc:46:dc:15:52:b7:9b:
51:8b:98:da:ad:a8:69:8f:97:39:3d:8a:7b:7d:cb:17:dd:f6:
7d:32:c4:1e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntWf/mn7zjrPW1re/SXYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTJkZDAzOTlkYjBjYTk2N2JkNTI1NmY0YjhmZjIwOGQ0MzAwYzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFcJuzZsUrEA6urxdYw7763UTaMo
JVFfKLhRCo9zDSlbdbllnv+/R3qZVvs7a7NcE/ICyLr0ErwsD6e6FWvxKTWtOLYT
BVWzsBhsF52tnTl2WpFo7QH4pqJGogL/1nhhRmsuZS/Vg1JuT60sfs4opPuoRDve
8DIJG1BoDEu5A2btuRqRT5xxXGBPeUdrpn7XiMbcu/g23v0A81AVQx1LyqcQ6lsz
mcIPLMxjYdaubSKnmv9UkSbUi4QIJSwemvOHAOGSBVR0AjzqPx/V84/WHrG+F3Xx
w0YietJ0BUvFqLvruiTJOJpnK/yf9hlSLwwXWtK3cwS4YnEo9sbXQV2AtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKUt0DmdsMqWe9Ulb0uP8gjUMAyRMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvcFMzUU9aMnd5cFo3MVNWdlM0X3lDTlF3REpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBGRgPQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDYNZ44wnh0Jh4bI4UFb+Lo2iBcFoVLSQy+Bmbr
2Uno+KUwVcpcQlRFovbIZUKsugeBHEG15yty/MNGCgs0uZIyVoHJDUB2DyvMgYa+
1tvgrIIoaED7xcYVWlbIBmTVLu1H8jcX8RoG7TuEzCIEuVHlgy6simypjrh1KKAp
2AzKiIPeKuS8rsdGCQ+B7JMA4iVQ5HGka3xJcX+MiKyTW7ExEm0Zqi8uuzUMlFNL
nQ3sHTisN2eNul8RoXbqYH5fPEuvhUy+fo0zZ7Ops9BNRQSnrqbxdCd6DUtaivN9
xNzOWaV7zvxG3BVSt5tRi5jarahpj5c5PYp7fcsX3fZ9MsQe
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:22:24 2025 by rpki-client