Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/rWSnUoFSizQeONQqtbmoxgRXQLg.roa
File: rWSnUoFSizQeONQqtbmoxgRXQLg.roa (raw, json)
Hash identifier: WRwAsaYm/Kcb4E7MVkOhb4dnAP9wdxMUgAV7X/La5Vs=
Subject key identifier: AD:64:A7:52:81:52:8B:34:1E:38:D4:2A:B5:B9:A8:C6:04:57:40:B8
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B569C3D61A3B9D2545D0EB47585565
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/rWSnUoFSizQeONQqtbmoxgRXQLg.roa
Signing time: Thu 02 Jan 2025 15:49:47 +0000
ROA not before: Thu 02 Jan 2025 15:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216187
IP address blocks: 2a10:4646:3a0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:69:c3:d6:1a:3b:9d:25:45:d0:eb:47:58:55:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad64a75281528b341e38d42ab5b9a8c6045740b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:07:e9:ba:d2:7b:fa:45:0e:76:0c:fc:6e:63:
c2:5a:c9:4a:58:be:bf:68:8c:11:32:bb:e1:d8:6a:
ff:2f:db:f7:91:98:f5:cd:2c:ce:40:46:3b:0d:a2:
71:0c:3e:0b:54:b3:0f:a7:63:14:d1:4d:9f:de:df:
42:9f:87:44:1c:28:70:4e:c6:e2:29:8a:15:17:b1:
d2:48:46:90:b4:00:c5:bf:e7:42:da:0d:21:a4:45:
4c:84:d5:ff:6e:6a:99:8f:74:6c:3e:37:0f:40:2c:
9f:df:25:7b:5d:ca:bc:6f:4e:f9:9e:dc:d2:fe:c0:
a4:e1:78:83:89:9e:bc:fa:9c:12:39:09:d0:74:a5:
f2:28:23:53:81:9c:87:d5:fe:80:8d:09:da:35:a1:
07:d8:e3:81:a8:10:58:d0:77:f8:cf:80:d0:a1:53:
5b:42:71:af:ee:6c:5a:9d:f3:b6:5b:d2:56:71:3c:
f1:84:ff:66:5f:a6:48:95:fb:9f:00:47:9b:19:32:
16:56:b7:77:53:58:73:71:1a:27:00:a6:ee:4f:71:
df:1f:03:ae:4a:b8:2e:66:5e:c3:c7:28:f3:05:74:
24:80:fe:23:e1:79:e1:8e:a9:c3:0f:c0:76:fc:26:
c9:c8:db:4f:ad:69:09:e8:1d:ca:72:22:a6:b5:8b:
95:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:64:A7:52:81:52:8B:34:1E:38:D4:2A:B5:B9:A8:C6:04:57:40:B8
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/rWSnUoFSizQeONQqtbmoxgRXQLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:3a0::/44
Signature Algorithm: sha256WithRSAEncryption
46:81:23:34:d0:d5:e0:0c:31:59:5e:ea:71:06:e6:7e:0a:c7:
56:60:17:76:c9:8a:db:45:b3:db:d7:0b:a0:4c:07:c0:e9:84:
fc:0f:7a:66:f8:dd:c9:da:26:2b:a0:2c:c7:1a:22:9f:89:6c:
9c:b4:d5:26:9f:a2:91:d4:8c:1d:5e:aa:a7:9d:a2:aa:b5:fb:
e2:45:1b:39:a0:e8:f7:20:16:e2:7b:89:4e:f5:6b:7f:91:64:
fa:4b:37:df:84:f8:fa:b9:30:18:2f:bd:72:a5:72:07:13:be:
34:39:09:e3:03:f0:21:ea:d7:45:8b:90:8a:7f:58:94:76:04:
05:3c:50:1f:d8:d1:fb:08:ec:30:be:5c:96:bc:6b:60:0a:df:
fe:2a:9d:4a:bb:a6:a7:43:60:38:7e:0d:27:75:cb:b2:bd:c8:
9e:e1:c7:f3:5f:73:13:f2:28:b0:0e:1b:2a:3b:94:72:12:e9:
85:dc:a5:d4:62:5b:26:80:8c:4b:e2:3f:41:f6:e7:3d:fc:e4:
cb:e4:a9:1d:b5:a1:b1:68:c1:d5:34:74:80:d6:49:d4:dd:a7:
74:84:a1:61:f6:d8:95:d5:7b:af:66:f2:c3:4e:28:02:d3:9f:
27:98:d8:0d:47:40:0e:34:5b:96:c6:29:76:81:bd:fd:ed:8c:
c9:ad:7b:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntWnD1ho7nSVF0OtHWFVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY0YTc1MjgxNTI4YjM0MWUzOGQ0MmFiNWI5YThjNjA0NTc0MGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgfputJ7+kUOdgz8bmPCWslKWL6/
aIwRMrvh2Gr/L9v3kZj1zSzOQEY7DaJxDD4LVLMPp2MU0U2f3t9Cn4dEHChwTsbi
KYoVF7HSSEaQtADFv+dC2g0hpEVMhNX/bmqZj3RsPjcPQCyf3yV7Xcq8b075ntzS
/sCk4XiDiZ68+pwSOQnQdKXyKCNTgZyH1f6AjQnaNaEH2OOBqBBY0Hf4z4DQoVNb
QnGv7mxanfO2W9JWcTzxhP9mX6ZIlfufAEebGTIWVrd3U1hzcRonAKbuT3HfHwOu
SrguZl7DxyjzBXQkgP4j4XnhjqnDD8B2/CbJyNtPrWkJ6B3KciKmtYuVdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK1kp1KBUos0HjjUKrW5qMYEV0C4MB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvcldTblVvRlNpelFlT05RcXRibW94Z1JYUUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhBGRgOg
MA0GCSqGSIb3DQEBCwUAA4IBAQBGgSM00NXgDDFZXupxBuZ+CsdWYBd2yYrbRbPb
1wugTAfA6YT8D3pm+N3J2iYroCzHGiKfiWyctNUmn6KR1IwdXqqnnaKqtfviRRs5
oOj3IBbie4lO9Wt/kWT6SzffhPj6uTAYL71ypXIHE740OQnjA/Ah6tdFi5CKf1iU
dgQFPFAf2NH7COwwvlyWvGtgCt/+Kp1Ku6anQ2A4fg0ndcuyvcie4cfzX3MT8iiw
DhsqO5RyEumF3KXUYlsmgIxL4j9B9uc9/OTL5KkdtaGxaMHVNHSA1knU3ad0hKFh
9tiV1XuvZvLDTigC058nmNgNR0AONFuWxil2gb397YzJrXty
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:05:56 2025 by rpki-client