Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/0YjAyuFv7r4ffJyU19rkHGCpTW8.roa
File: 0YjAyuFv7r4ffJyU19rkHGCpTW8.roa (raw, json)
Hash identifier: bjyxQtyhEODcoUr59e0dCMYZE1aMpTRiqdjbbUC95g8=
Subject key identifier: D1:88:C0:CA:E1:6F:EE:BE:1F:7C:9C:94:D7:DA:E4:1C:60:A9:4D:6F
Certificate issuer: /CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Certificate serial: 0194D725CDB735FC16350F43EB38F3186A97
Authority key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/0YjAyuFv7r4ffJyU19rkHGCpTW8.roa
Signing time: Wed 05 Feb 2025 17:26:06 +0000
ROA not before: Wed 05 Feb 2025 17:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64286
IP address blocks: 2001:3500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d7:25:cd:b7:35:fc:16:35:0f:43:eb:38:f3:18:6a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7
Validity
Not Before: Feb 5 17:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d188c0cae16feebe1f7c9c94d7dae41c60a94d6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:18:98:28:f0:c4:8c:67:8a:5d:40:1a:c6:87:
1f:89:c0:29:fb:51:03:1e:ce:a1:28:31:c8:4b:a3:
4b:a6:cc:44:56:d5:a7:4a:e5:a7:22:25:6a:bc:09:
e0:f9:35:bd:89:66:d9:be:d7:5b:30:fd:a2:20:3a:
92:54:af:a1:62:49:04:6d:8b:d8:05:9a:c5:2c:70:
d3:4a:2a:a7:3b:b5:ab:42:53:32:17:f6:65:8e:7e:
a3:8f:10:05:d3:d3:e6:68:e9:cb:82:e7:19:84:a5:
1e:dc:b4:d0:1e:7d:03:8d:78:48:32:a8:ca:0f:f8:
f1:e0:76:34:f6:f0:9c:28:30:cf:c8:7f:85:ee:82:
52:d6:98:1b:9f:b1:55:e8:80:de:67:d1:ab:3b:e5:
68:4d:6a:a5:cc:16:32:19:80:62:d2:44:37:8f:7e:
f8:96:1c:52:9c:38:7d:c8:5a:e5:d6:df:a6:af:93:
42:67:d0:f3:4f:5c:5e:2a:e5:49:c6:36:61:18:db:
ca:2b:b8:27:99:37:9c:7b:d6:82:71:e0:5a:3b:55:
db:65:fa:86:28:c3:f4:06:78:1d:a5:e1:7f:74:5b:
1a:3c:36:1b:7c:57:cc:99:0a:93:c2:61:09:e0:2a:
95:81:4c:94:08:15:06:e2:54:0f:5b:f3:ab:99:da:
fc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:88:C0:CA:E1:6F:EE:BE:1F:7C:9C:94:D7:DA:E4:1C:60:A9:4D:6F
X509v3 Authority Key Identifier:
keyid:F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/0YjAyuFv7r4ffJyU19rkHGCpTW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3500::/32
Signature Algorithm: sha256WithRSAEncryption
0f:46:6b:1b:5d:32:60:c0:16:84:04:9e:d7:16:f7:c0:7e:81:
00:68:f4:ee:82:61:46:bf:f2:10:2d:20:0a:fa:69:85:d1:d3:
58:88:c4:b8:a8:b2:be:17:ed:2f:fe:35:f0:25:68:ad:9e:b8:
05:f4:0a:94:e5:81:6f:de:a1:8b:93:14:35:e8:ff:6c:03:4f:
24:6b:07:e0:7a:05:1c:0c:f9:8a:f9:cd:1d:9b:80:4d:3b:a2:
6c:2f:40:08:48:4c:91:a2:4f:e3:d6:5b:6f:c8:1d:aa:36:95:
74:3e:a1:b1:32:7f:0d:a1:c7:ed:39:79:f4:e5:a6:e5:68:50:
92:02:7a:7b:93:00:70:cd:38:73:e6:1a:62:15:0d:be:a6:7e:
22:46:d2:67:e7:a0:67:73:a1:4f:dc:a8:67:73:b4:f2:88:57:
dc:16:a0:78:da:0c:8d:27:88:60:91:a9:25:01:ae:42:26:34:
8c:16:a8:d6:03:56:03:8f:0d:92:77:e4:09:72:d5:82:86:08:
30:49:fc:1f:d5:07:f0:c2:14:1b:22:75:90:54:10:de:3e:72:
1b:2c:ae:88:e2:1c:13:99:a5:db:ef:9c:cb:e2:9a:59:4b:79:
80:54:b5:2b:74:1a:a9:d0:26:df:f3:33:fa:1a:75:b1:80:e3:
16:e1:f1:23
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZTXJc23NfwWNQ9D6zjzGGqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYTI1M2NkZjUwN2EwM2UxZjU3OWQyMDJkOGRmMTFkNjhm
NWMzZDcwHhcNMjUwMjA1MTcyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg4YzBjYWUxNmZlZWJlMWY3YzljOTRkN2RhZTQxYzYwYTk0ZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRiYKPDEjGeKXUAaxocficAp+1ED
Hs6hKDHIS6NLpsxEVtWnSuWnIiVqvAng+TW9iWbZvtdbMP2iIDqSVK+hYkkEbYvY
BZrFLHDTSiqnO7WrQlMyF/Zljn6jjxAF09PmaOnLgucZhKUe3LTQHn0DjXhIMqjK
D/jx4HY09vCcKDDPyH+F7oJS1pgbn7FV6IDeZ9GrO+VoTWqlzBYyGYBi0kQ3j374
lhxSnDh9yFrl1t+mr5NCZ9DzT1xeKuVJxjZhGNvKK7gnmTece9aCceBaO1XbZfqG
KMP0BngdpeF/dFsaPDYbfFfMmQqTwmEJ4CqVgUyUCBUG4lQPW/Ormdr8XQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNGIwMrhb+6+H3yclNfa5BxgqU1vMB8GA1UdIwQY
MBaAFPKiU831B6A+H1edIC2N8R1o9cPXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHFKVHpmVUhvRDRmVjUwZ0xZM3hIV2oxdzljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8xMGViZWMtMjc4NC00ZGFhLThkZjct
YmU0ZDVkMDlkNzEwLzEvMFlqQXl1RnY3cjRmZkp5VTE5cmtIR0NwVFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8xMGViZWMtMjc4NC00ZGFhLThkZjctYmU0ZDVkMDlkNzEw
LzEvOHFKVHpmVUhvRDRmVjUwZ0xZM3hIV2oxdzljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAE1ADAN
BgkqhkiG9w0BAQsFAAOCAQEAD0ZrG10yYMAWhASe1xb3wH6BAGj07oJhRr/yEC0g
CvpphdHTWIjEuKiyvhftL/418CVorZ64BfQKlOWBb96hi5MUNej/bANPJGsH4HoF
HAz5ivnNHZuATTuibC9ACEhMkaJP49Zbb8gdqjaVdD6hsTJ/DaHH7Tl59OWm5WhQ
kgJ6e5MAcM04c+YaYhUNvqZ+IkbSZ+egZ3OhT9yoZ3O08ohX3BageNoMjSeIYJGp
JQGuQiY0jBao1gNWA48NknfkCXLVgoYIMEn8H9UH8MIUGyJ1kFQQ3j5yGyyuiOIc
E5ml2++cy+KaWUt5gFS1K3QaqdAm3/Mz+hp1sYDjFuHxIw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:22:48 2025 by rpki-client