Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-9IDiNz2otNC6-PlxjLgRBniMTE.roa
File: 1-9IDiNz2otNC6-PlxjLgRBniMTE.roa (raw, json)
Hash identifier: zzKILcEX9/7SOdE+D6DkZWrV8qANCQGLrgqAmc3mzQI=
Subject key identifier: FB:D2:03:88:DC:F6:A2:D3:42:EB:E3:E5:C6:32:E0:44:19:E2:31:31
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01958A877DF122DE36F6D6C3348B466FA467
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-9IDiNz2otNC6-PlxjLgRBniMTE.roa
Signing time: Wed 12 Mar 2025 13:24:50 +0000
ROA not before: Wed 12 Mar 2025 13:24:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214801
IP address blocks: 2a10:2f00:1a1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:87:7d:f1:22:de:36:f6:d6:c3:34:8b:46:6f:a4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 12 13:24:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbd20388dcf6a2d342ebe3e5c632e04419e23131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:62:7d:e5:4a:69:bd:d5:f3:d8:eb:3c:e4:
d2:58:06:45:02:14:86:d8:36:8f:8b:cf:e6:fe:c1:
92:f3:e7:ce:3f:44:d5:81:25:83:61:e9:d4:0d:01:
6e:3c:e8:13:28:02:da:c0:10:24:e0:c6:70:c2:0f:
1f:37:b5:5f:47:6c:3f:64:bb:a3:13:f9:96:fb:c6:
82:9b:b5:10:19:1b:93:ac:fa:10:d8:e6:44:5a:b4:
85:22:37:e3:98:1e:73:ee:8e:fb:47:aa:e3:c6:e2:
3d:c7:48:ec:b6:83:3d:53:8f:05:0c:cd:17:6a:8e:
15:2c:ce:c0:1c:35:2e:41:9b:40:79:42:ee:2f:25:
fe:1a:4a:4e:e2:b1:56:3d:27:31:ab:6b:ea:8c:5d:
d6:ed:55:bf:01:36:49:6e:97:94:36:b1:8e:3f:a2:
8d:5f:88:ce:1b:44:16:8b:e6:e1:f5:41:e1:28:a9:
c3:be:9e:e8:53:a3:83:0c:9f:3c:a0:eb:2e:69:26:
44:02:74:d8:ab:16:33:61:b6:c8:3d:dd:c6:d9:a6:
cd:ac:01:3c:86:49:4e:e9:83:f6:2f:83:18:47:0b:
02:38:f9:e2:7a:01:ad:e2:67:39:4c:bf:7a:44:09:
f7:d5:66:26:40:8f:f2:10:2e:fa:2a:93:47:1d:29:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D2:03:88:DC:F6:A2:D3:42:EB:E3:E5:C6:32:E0:44:19:E2:31:31
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/1-9IDiNz2otNC6-PlxjLgRBniMTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2f00:1a1::/48
Signature Algorithm: sha256WithRSAEncryption
a2:10:c3:0b:32:cc:bc:b9:13:ab:69:95:b7:c8:b2:ff:23:4c:
e6:7f:c8:15:ef:67:af:a3:91:91:8f:0c:c5:31:d2:e3:ab:b1:
4a:10:2b:39:17:bd:18:9f:d6:d2:9d:49:d8:23:27:7b:04:b1:
3d:71:5b:0b:98:96:00:cd:4f:8c:2c:df:de:b7:b0:26:8e:48:
a7:3d:f7:b5:e7:e1:37:96:e1:06:d5:fe:6f:76:7f:8d:32:0d:
1c:98:c0:20:f6:b9:c7:75:be:fb:0d:11:64:68:9f:cd:c3:13:
dc:a4:02:1d:d9:c2:78:ae:a6:9e:4c:13:40:9a:5f:c3:a9:d5:
b5:5c:49:a4:55:5c:88:b1:67:bd:b1:88:91:36:22:28:e9:3a:
ea:d3:f4:bc:98:15:cc:fc:e8:28:d7:6e:38:9b:df:3f:cb:eb:
6c:4d:ed:03:4f:fe:c1:de:8a:b6:cb:e1:57:bf:9b:38:da:69:
c3:bb:3a:b0:43:e1:16:86:fa:41:2e:3d:98:f5:df:ca:4a:e1:
8f:00:ef:5b:49:80:c6:69:76:2e:0a:31:65:97:0b:88:d4:93:
07:c3:3c:8e:e2:88:bd:76:e5:83:d6:53:de:5d:1f:86:8b:a8:
de:6e:0e:e3:15:43:f0:04:0e:92:c2:49:07:50:31:82:8c:29:
ba:0c:fd:69
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZWKh33xIt429tbDNItGb6RnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzEyMTMyNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQyMDM4OGRjZjZhMmQzNDJlYmUzZTVjNjMyZTA0NDE5ZTIzMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQRifeVKab3V89jrPOTSWAZFAhSG
2DaPi8/m/sGS8+fOP0TVgSWDYenUDQFuPOgTKALawBAk4MZwwg8fN7VfR2w/ZLuj
E/mW+8aCm7UQGRuTrPoQ2OZEWrSFIjfjmB5z7o77R6rjxuI9x0jstoM9U48FDM0X
ao4VLM7AHDUuQZtAeULuLyX+GkpO4rFWPScxq2vqjF3W7VW/ATZJbpeUNrGOP6KN
X4jOG0QWi+bh9UHhKKnDvp7oU6ODDJ88oOsuaSZEAnTYqxYzYbbIPd3G2abNrAE8
hklO6YP2L4MYRwsCOPniegGt4mc5TL96RAn31WYmQI/yEC76KpNHHSkrTwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPvSA4jc9qLTQuvj5cYy4EQZ4jExMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMS05SURpTnoyb3ROQzYtUGx4akxnUkJuaU1URS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvNDk1N2E0LWNlNTktNDMxNS05OTc2LWRjNWVjNzQ4ZjZh
NS8xL1kta1djWHF4SE16eEh2SDdYQkx1UVpVUHJacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoQLwAB
oTANBgkqhkiG9w0BAQsFAAOCAQEAohDDCzLMvLkTq2mVt8iy/yNM5n/IFe9nr6OR
kY8MxTHS46uxShArORe9GJ/W0p1J2CMnewSxPXFbC5iWAM1PjCzf3rewJo5Ipz33
tefhN5bhBtX+b3Z/jTINHJjAIPa5x3W++w0RZGifzcMT3KQCHdnCeK6mnkwTQJpf
w6nVtVxJpFVciLFnvbGIkTYiKOk66tP0vJgVzPzoKNduOJvfP8vrbE3tA0/+wd6K
tsvhV7+bONppw7s6sEPhFob6QS49mPXfykrhjwDvW0mAxml2LgoxZZcLiNSTB8M8
juKIvXblg9ZT3l0fhouo3m4O4xVD8AQOksJJB1Axgowpugz9aQ==
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:45:31 2025 by rpki-client