Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I2UR7c8V7BX8O-oAlelT7mwsgQQ.roa
File: I2UR7c8V7BX8O-oAlelT7mwsgQQ.roa (raw, json)
Hash identifier: j9FuB0FCP/r6oE89cGJGOEbtNyWfWvOxUUmVMtze8zU=
Subject key identifier: 23:65:11:ED:CF:15:EC:15:FC:3B:EA:00:95:E9:53:EE:6C:2C:81:04
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019528659F15E806F4C356F89D65ABF0FB2A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I2UR7c8V7BX8O-oAlelT7mwsgQQ.roa
Signing time: Fri 21 Feb 2025 12:05:03 +0000
ROA not before: Fri 21 Feb 2025 12:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215426
IP address blocks: 2a06:de02:180::/42 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:28:65:9f:15:e8:06:f4:c3:56:f8:9d:65:ab:f0:fb:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 21 12:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=236511edcf15ec15fc3bea0095e953ee6c2c8104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:23:10:c4:76:e8:88:1e:95:9a:5e:17:67:62:
9d:20:d5:e0:8a:e6:54:77:37:57:5b:19:0b:e7:f9:
fb:9d:26:cc:8a:c3:d1:a3:cd:55:85:ce:8d:c2:41:
81:75:4b:98:ac:28:92:dd:15:f8:87:a1:29:c3:61:
fa:d3:66:5a:24:ec:db:cd:bd:85:c0:e2:63:a9:c2:
ae:2d:98:5f:1f:6f:e3:3d:45:e3:ae:12:4e:30:e4:
f4:b7:00:6c:d5:3d:31:12:58:63:18:8f:8c:3a:1d:
a2:50:34:ba:06:77:ec:97:2a:e3:10:55:76:a3:16:
b4:6e:3b:11:98:4b:38:97:08:cb:b9:b6:4a:44:08:
90:a2:cd:09:a4:2d:b9:ee:c2:07:d8:2a:92:6e:18:
82:f8:76:ba:3e:01:5d:30:1f:8d:66:6a:ff:81:62:
0c:c6:22:c6:26:a5:8d:5e:3f:cc:76:b1:34:13:26:
31:1e:be:25:01:27:a5:3f:e4:f1:e5:1b:dd:8b:69:
90:ab:49:b7:05:85:df:a1:d0:cd:d6:41:e0:a7:1b:
64:0d:1a:8d:bd:be:7e:39:32:5b:1f:f9:e1:13:f8:
ac:af:10:67:65:1e:f1:69:12:ea:60:95:dd:1a:21:
f8:12:e4:f6:6d:94:4c:91:53:39:98:fe:9a:5b:27:
52:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:65:11:ED:CF:15:EC:15:FC:3B:EA:00:95:E9:53:EE:6C:2C:81:04
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/I2UR7c8V7BX8O-oAlelT7mwsgQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de02:180::/42
Signature Algorithm: sha256WithRSAEncryption
a5:39:f1:f8:2c:c4:c1:8e:da:a7:a1:e1:ee:11:61:d4:f0:8b:
b9:5b:32:20:ed:dc:55:f1:0d:b4:ca:66:bf:02:e0:e5:61:b1:
5b:32:24:03:3c:14:77:83:10:40:fb:1c:30:38:b4:bb:0d:62:
0b:cc:50:d3:c9:5e:b2:a9:05:1c:84:4e:de:c8:6d:d7:84:59:
84:c3:71:a7:ae:6d:80:6a:09:bc:71:d8:ef:3f:4d:cd:ee:39:
cb:02:f5:f1:97:a4:17:08:39:c4:25:59:2b:14:e6:c8:18:4b:
77:6b:0a:05:83:ef:07:9d:2f:55:9d:da:44:22:c7:64:55:e0:
72:a7:48:1a:4d:97:21:5b:2e:5b:55:00:f3:3d:38:3d:d6:52:
07:29:7e:36:ea:c1:2f:e1:a4:d2:ed:a5:b7:eb:57:62:e8:81:
4b:42:86:f8:0d:a7:36:a9:66:88:9e:c7:ab:23:56:a6:40:14:
ef:83:5a:df:2a:8b:d1:97:ba:8d:23:2b:51:2b:f5:ad:2c:f3:
f6:19:ee:e6:2e:af:cf:d7:8c:d9:4a:86:73:69:e7:10:ff:49:
e7:8c:14:91:d1:11:f7:8b:d9:0e:c3:62:37:44:6a:ab:11:35:
2a:f3:e3:4c:9f:17:b6:b4:e6:a5:33:c1:36:14:d1:13:be:3d:
77:7f:bb:af
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZUoZZ8V6Ab0w1b4nWWr8PsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjIxMTIwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzY1MTFlZGNmMTVlYzE1ZmMzYmVhMDA5NWU5NTNlZTZjMmM4MTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziMQxHboiB6Vml4XZ2KdINXgiuZU
dzdXWxkL5/n7nSbMisPRo81Vhc6NwkGBdUuYrCiS3RX4h6Epw2H602ZaJOzbzb2F
wOJjqcKuLZhfH2/jPUXjrhJOMOT0twBs1T0xElhjGI+MOh2iUDS6BnfslyrjEFV2
oxa0bjsRmEs4lwjLubZKRAiQos0JpC257sIH2CqSbhiC+Ha6PgFdMB+NZmr/gWIM
xiLGJqWNXj/MdrE0EyYxHr4lASelP+Tx5Rvdi2mQq0m3BYXfodDN1kHgpxtkDRqN
vb5+OTJbH/nhE/isrxBnZR7xaRLqYJXdGiH4EuT2bZRMkVM5mP6aWydSUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCNlEe3PFewV/DvqAJXpU+5sLIEEMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvSTJVUjdjOFY3Qlg4Ty1vQWxlbFQ3bXdzZ1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgbeAgGA
MA0GCSqGSIb3DQEBCwUAA4IBAQClOfH4LMTBjtqnoeHuEWHU8Iu5WzIg7dxV8Q20
yma/AuDlYbFbMiQDPBR3gxBA+xwwOLS7DWILzFDTyV6yqQUchE7eyG3XhFmEw3Gn
rm2Aagm8cdjvP03N7jnLAvXxl6QXCDnEJVkrFObIGEt3awoFg+8HnS9VndpEIsdk
VeByp0gaTZchWy5bVQDzPTg91lIHKX426sEv4aTS7aW361di6IFLQob4Dac2qWaI
nserI1amQBTvg1rfKovRl7qNIytRK/WtLPP2Ge7mLq/P14zZSoZzaecQ/0nnjBSR
0RH3i9kOw2I3RGqrETUq8+NMnxe2tOalM8E2FNETvj13f7uv
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:26:01 2025 by rpki-client