Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/a_YSXRy0GEriEr_Yop65IVdtSPw.roa
File: a_YSXRy0GEriEr_Yop65IVdtSPw.roa (raw, json)
Hash identifier: wLE2AzL6ZkOvLLE19J24Zeu03IrBHRQfEcPvlWi0nkI=
Subject key identifier: 6B:F6:12:5D:1C:B4:18:4A:E2:12:BF:D8:A2:9E:B9:21:57:6D:48:FC
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 01942521A1D8EA02EC82BB12D57FDB64A5AA
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/a_YSXRy0GEriEr_Yop65IVdtSPw.roa
Signing time: Thu 02 Jan 2025 03:49:08 +0000
ROA not before: Thu 02 Jan 2025 03:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213700
IP address blocks: 2a13:a5c7:2800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a1:d8:ea:02:ec:82:bb:12:d5:7f:db:64:a5:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 2 03:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bf6125d1cb4184ae212bfd8a29eb921576d48fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:b5:2e:d2:59:34:bb:ec:f5:1f:60:59:7d:
d0:77:0e:07:78:a1:46:48:f4:76:5b:26:5b:29:5b:
6a:37:89:63:79:78:25:dc:b0:2b:94:4d:a1:8f:36:
6c:a7:cd:69:21:2e:e8:8e:2a:fc:bb:13:96:8d:8c:
f1:80:ab:d8:5b:68:3c:4b:27:85:15:1b:99:73:08:
8d:fe:a1:03:9e:5f:81:7e:2d:9b:09:8d:b6:6c:53:
4d:6d:7d:72:ad:a5:2a:b4:6a:17:75:0c:9f:fd:17:
f1:47:8d:2a:1a:b9:7b:11:98:a5:2b:eb:c6:56:18:
13:72:3b:74:d1:37:7a:94:ff:56:ef:03:49:2b:ae:
dc:53:2a:29:f4:f7:a3:04:59:0e:b8:40:f4:89:9c:
ec:0a:ef:ab:d5:ca:71:88:d1:ae:29:05:ab:b3:8a:
44:bf:40:94:24:a0:4c:c9:85:72:1e:a1:9c:29:4d:
5e:7f:f2:d0:a7:ef:a6:d4:91:fd:74:e5:67:ca:d1:
e1:d7:51:1e:70:ff:09:dd:c3:72:2d:4b:20:65:9c:
e0:64:c3:13:5e:12:bd:ea:96:b7:f1:e2:fd:3d:e6:
5c:03:4f:13:66:13:70:6e:09:54:2d:2a:25:c3:97:
e5:52:f9:f1:58:cb:f5:61:a6:4b:f6:38:36:a1:d6:
cc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F6:12:5D:1C:B4:18:4A:E2:12:BF:D8:A2:9E:B9:21:57:6D:48:FC
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/a_YSXRy0GEriEr_Yop65IVdtSPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c7:2800::/40
Signature Algorithm: sha256WithRSAEncryption
5d:00:2c:9e:87:b6:c7:61:df:59:9e:43:12:80:a6:3c:05:f8:
0a:40:75:78:53:68:0c:f6:dc:e3:24:7c:fe:7c:96:b5:c9:c2:
8c:b9:5f:6a:d0:5e:30:7c:54:a5:1a:bd:26:c8:aa:be:94:6b:
9f:91:ae:54:ab:99:2d:6d:91:ca:96:01:b5:59:0e:36:4e:3a:
54:a5:62:1e:55:f8:53:12:ab:4b:d1:0f:16:cc:d8:e6:b6:a9:
57:15:ba:84:7e:e5:c1:1f:a2:31:2c:6b:b7:62:d0:80:87:0f:
f5:15:96:b0:a6:f8:86:71:2e:53:f6:82:90:71:92:b4:65:c9:
5a:6c:07:92:d5:0a:0d:31:c2:25:51:f1:2c:34:9c:73:02:a2:
10:b5:8b:d6:df:4f:01:9a:39:2f:80:5d:42:8e:1c:f8:8f:bb:
90:cc:5d:2e:b3:fd:04:85:1e:41:44:08:cb:f1:80:67:a6:71:
66:2e:69:a4:7f:dc:72:43:4f:b3:d0:79:04:84:f4:59:21:d0:
96:98:00:49:72:21:4b:06:3d:47:ba:ed:3d:41:cd:c1:13:e3:
e9:3a:f8:d6:0e:5a:18:ed:9e:6c:5e:6a:55:d1:26:36:58:03:
41:5a:ab:c8:9c:f9:61:06:35:32:16:ca:5f:41:1f:d6:2e:c7:
ba:50:23:7f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIaHY6gLsgrsS1X/bZKWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTAyMDM0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmY2MTI1ZDFjYjQxODRhZTIxMmJmZDhhMjllYjkyMTU3NmQ0OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHu1LtJZNLvs9R9gWX3Qdw4HeKFG
SPR2WyZbKVtqN4ljeXgl3LArlE2hjzZsp81pIS7ojir8uxOWjYzxgKvYW2g8SyeF
FRuZcwiN/qEDnl+Bfi2bCY22bFNNbX1yraUqtGoXdQyf/RfxR40qGrl7EZilK+vG
VhgTcjt00Td6lP9W7wNJK67cUyop9PejBFkOuED0iZzsCu+r1cpxiNGuKQWrs4pE
v0CUJKBMyYVyHqGcKU1ef/LQp++m1JH9dOVnytHh11EecP8J3cNyLUsgZZzgZMMT
XhK96pa38eL9PeZcA08TZhNwbglULSolw5flUvnxWMv1YaZL9jg2odbMcwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGv2El0ctBhK4hK/2KKeuSFXbUj8MB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvYV9ZU1hSeTBHRXJpRXJfWW9wNjVJVmR0U1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxygw
DQYJKoZIhvcNAQELBQADggEBAF0ALJ6Htsdh31meQxKApjwF+ApAdXhTaAz23OMk
fP58lrXJwoy5X2rQXjB8VKUavSbIqr6Ua5+RrlSrmS1tkcqWAbVZDjZOOlSlYh5V
+FMSq0vRDxbM2Oa2qVcVuoR+5cEfojEsa7di0ICHD/UVlrCm+IZxLlP2gpBxkrRl
yVpsB5LVCg0xwiVR8Sw0nHMCohC1i9bfTwGaOS+AXUKOHPiPu5DMXS6z/QSFHkFE
CMvxgGemcWYuaaR/3HJDT7PQeQSE9Fkh0JaYAElyIUsGPUe67T1BzcET4+k6+NYO
WhjtnmxealXRJjZYA0Faq8ic+WEGNTIWyl9BH9Yux7pQI38=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:36:49 2025 by rpki-client