Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/l73XbGk7c4j4MjyLCnCZ2AhSa5g.roa
File: l73XbGk7c4j4MjyLCnCZ2AhSa5g.roa (raw, json)
Hash identifier: zN4KADzvP9RDaA1coLbTnlm7K8otMtISf3HRhyFdP4I=
Subject key identifier: 97:BD:D7:6C:69:3B:73:88:F8:32:3C:8B:0A:70:99:D8:08:52:6B:98
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 0194221FC13F77F02A320497B0042C1CBB45
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/l73XbGk7c4j4MjyLCnCZ2AhSa5g.roa
Signing time: Wed 01 Jan 2025 13:48:13 +0000
ROA not before: Wed 01 Jan 2025 13:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210930
IP address blocks: 2a10:9903:501::/48 maxlen: 48
2a10:9903:511::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c1:3f:77:f0:2a:32:04:97:b0:04:2c:1c:bb:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 1 13:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97bdd76c693b7388f8323c8b0a7099d808526b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b6:1a:97:9b:a4:96:b5:f4:4d:b5:5a:c3:e8:
e7:bf:c8:72:79:d7:e8:db:05:fc:4f:60:c0:0f:eb:
f1:60:c0:21:35:bf:be:7b:d9:4b:63:f5:e2:77:fe:
9c:c5:7c:fb:66:2e:b6:91:a8:41:a7:bd:6b:f8:a3:
32:4a:10:e9:84:e6:1b:12:6d:54:a9:57:e1:fa:b2:
c8:e2:91:03:cb:a9:52:95:15:b1:cc:95:b8:d5:5a:
d6:4a:dc:09:23:29:0d:1d:88:c7:4f:87:43:3b:0e:
f4:55:dc:82:a3:c4:91:64:6c:c8:0a:e4:0f:82:b1:
f0:bd:52:bc:2c:65:88:2e:52:bd:0b:45:63:19:d3:
f0:b9:25:13:42:9f:43:ce:46:07:ef:b6:ec:ff:4c:
c3:d2:ec:92:3d:58:bd:f8:af:e7:30:c0:65:1c:95:
bf:95:f2:b7:f8:e1:9d:7d:68:56:36:3b:57:04:79:
30:60:cc:c5:4f:94:8f:f2:57:bf:72:8d:d6:01:b2:
8f:c5:32:d3:da:63:54:4b:09:eb:4f:1b:7e:f8:cc:
9c:b9:98:9e:87:05:30:5f:a7:21:c1:de:f5:0d:3c:
02:05:25:47:f5:b9:70:89:cd:b4:0b:80:22:12:6f:
83:ce:e5:21:1f:1d:a5:21:8c:24:21:d6:9e:c8:8f:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:BD:D7:6C:69:3B:73:88:F8:32:3C:8B:0A:70:99:D8:08:52:6B:98
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/l73XbGk7c4j4MjyLCnCZ2AhSa5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9903:501::/48
2a10:9903:511::/48
Signature Algorithm: sha256WithRSAEncryption
aa:8c:b1:34:98:fc:83:b1:d4:2d:d8:23:83:8e:1e:4a:1d:d0:
ef:39:ed:ef:27:33:e4:4e:6b:25:4f:cb:3c:3a:83:b2:07:eb:
5b:25:f0:5e:cf:dd:7e:a7:b2:bb:e5:75:f5:44:67:80:a9:ee:
0b:4b:3c:07:02:3c:28:9c:93:ce:a5:7b:b8:3d:e0:5d:b8:b1:
38:2f:85:d4:9c:f2:80:03:c1:08:4a:32:22:e8:e2:6c:f4:70:
8e:a5:87:43:f2:22:21:e8:bd:5e:36:ef:a5:60:61:c8:da:94:
93:57:69:c8:e2:5a:6d:a7:84:90:d5:b5:2a:1f:c1:06:8f:a0:
00:ac:e3:2d:1a:7b:d5:d6:25:7d:85:dc:de:2a:a1:80:cf:6f:
ce:02:71:14:db:c1:0f:ec:4a:ef:c1:6b:4a:52:fe:c2:f9:3d:
bc:97:6e:f9:f0:ea:74:4f:fd:d0:fa:df:cd:95:5e:06:f0:9d:
04:a7:25:0b:0d:d0:54:3a:a9:bb:eb:77:79:87:fc:5b:50:21:
57:3a:ca:a7:c5:11:f5:6f:26:fc:df:04:6c:94:1b:22:11:3f:
f6:e3:72:d9:bc:49:e4:26:c3:3e:45:29:7a:cb:02:15:3f:e1:
17:9e:46:ab:73:78:40:9a:3e:71:8f:81:6d:54:1e:21:23:48:
f1:3d:81:32
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQiH8E/d/AqMgSXsAQsHLtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjUwMTAxMTM0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2JkZDc2YzY5M2I3Mzg4ZjgzMjNjOGIwYTcwOTlkODA4NTI2Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77Yal5uklrX0TbVaw+jnv8hyedfo
2wX8T2DAD+vxYMAhNb++e9lLY/Xid/6cxXz7Zi62kahBp71r+KMyShDphOYbEm1U
qVfh+rLI4pEDy6lSlRWxzJW41VrWStwJIykNHYjHT4dDOw70VdyCo8SRZGzICuQP
grHwvVK8LGWILlK9C0VjGdPwuSUTQp9DzkYH77bs/0zD0uySPVi9+K/nMMBlHJW/
lfK3+OGdfWhWNjtXBHkwYMzFT5SP8le/co3WAbKPxTLT2mNUSwnrTxt++MycuZie
hwUwX6chwd71DTwCBSVH9blwic20C4AiEm+DzuUhHx2lIYwkIdaeyI8K2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJe912xpO3OI+DI8iwpwmdgIUmuYMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvbDczWGJHazdjNGo0TWp5TENuQ1oyQWhTYTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhCZAwUB
AwcAKhCZAwURMA0GCSqGSIb3DQEBCwUAA4IBAQCqjLE0mPyDsdQt2CODjh5KHdDv
Oe3vJzPkTmslT8s8OoOyB+tbJfBez91+p7K75XX1RGeAqe4LSzwHAjwonJPOpXu4
PeBduLE4L4XUnPKAA8EISjIi6OJs9HCOpYdD8iIh6L1eNu+lYGHI2pSTV2nI4lpt
p4SQ1bUqH8EGj6AArOMtGnvV1iV9hdzeKqGAz2/OAnEU28EP7ErvwWtKUv7C+T28
l2758Op0T/3Q+t/NlV4G8J0EpyULDdBUOqm763d5h/xbUCFXOsqnxRH1byb83wRs
lBsiET/243LZvEnkJsM+RSl6ywIVP+EXnkarc3hAmj5xj4FtVB4hI0jxPYEy
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:50:53 2025 by rpki-client