Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_KDIdwTFrzJPS1JiDjJujlzj2mM.roa
File: _KDIdwTFrzJPS1JiDjJujlzj2mM.roa (raw, json)
Hash identifier: a3jrdyk+Bp907BUR8K2olXEf2X+oLEyOVE/k4ZGxzvQ=
Subject key identifier: FC:A0:C8:77:04:C5:AF:32:4F:4B:52:62:0E:32:6E:8E:5C:E3:DA:63
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522991C617AE646ADDF0F8C931DC1CD
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_KDIdwTFrzJPS1JiDjJujlzj2mM.roa
Signing time: Thu 02 Jan 2025 03:50:11 +0000
ROA not before: Thu 02 Jan 2025 03:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 256257
IP address blocks: 2a0e:b107:219f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:99:1c:61:7a:e6:46:ad:df:0f:8c:93:1d:c1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fca0c87704c5af324f4b52620e326e8e5ce3da63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4a:90:a0:c1:77:a2:60:b8:fa:20:1c:2a:fa:
31:d9:8f:72:b3:f4:11:3a:60:cf:54:ff:d6:bf:dd:
c8:e5:12:13:fe:55:ef:34:f7:8d:85:51:02:b2:ae:
e7:a6:82:6f:5b:a5:42:20:39:28:b3:1b:5a:68:61:
ec:ab:04:5e:44:77:e6:b9:3a:c3:b9:d0:9c:ca:3f:
da:f2:78:5a:69:0a:26:2f:65:94:b8:e6:40:d6:37:
bf:d1:6a:7c:4d:74:f4:ff:b6:de:35:ef:52:f4:45:
44:69:61:65:a0:5a:ce:65:c5:68:fa:15:1d:66:15:
44:f3:d2:66:54:53:b5:75:39:f6:5e:ea:c8:b8:34:
6e:f0:1d:36:2d:71:4f:50:d9:76:fe:12:40:32:af:
d7:be:33:71:08:3b:a0:7f:0b:38:bb:92:1e:83:3c:
1d:cd:b7:f1:ac:f3:d2:0b:5b:98:f5:1a:6e:96:2d:
1d:b7:69:a2:4a:56:94:f5:9c:10:48:ff:96:73:db:
06:7a:ab:90:14:ee:75:19:c0:34:26:34:52:4c:43:
34:b4:14:c0:54:4a:91:20:8d:3f:2e:14:5d:e2:98:
c6:80:d7:df:81:59:f1:26:e5:d5:b1:aa:fd:a0:39:
59:61:1f:7e:1d:2a:43:99:95:f3:27:48:b3:cc:ab:
aa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A0:C8:77:04:C5:AF:32:4F:4B:52:62:0E:32:6E:8E:5C:E3:DA:63
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/_KDIdwTFrzJPS1JiDjJujlzj2mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:219f::/48
Signature Algorithm: sha256WithRSAEncryption
9f:18:c0:03:a2:0f:05:72:de:56:e7:69:5b:ba:bb:7d:30:13:
cc:91:79:53:35:e1:4e:7e:57:d7:9d:d6:ca:3c:a2:fc:e1:58:
7e:a2:09:71:44:aa:cd:bd:f7:88:ad:fe:11:a7:b1:b1:65:d4:
ab:5a:8d:31:fa:81:59:48:7a:5a:83:ec:56:61:05:db:48:be:
9c:4c:4b:3c:00:e3:a9:fd:fe:03:d5:56:08:f7:cb:79:40:05:
9f:25:fa:62:dd:9a:ae:2e:1f:ed:4c:a2:1d:4f:99:36:43:8e:
a9:e8:73:e2:65:ab:46:85:91:73:e7:94:72:50:8c:91:c8:0e:
b3:38:80:d8:fb:d2:b4:85:89:87:ae:c5:78:8f:ea:6f:3b:06:
6c:71:c2:40:34:e4:3b:70:e0:d4:f4:3e:f9:17:41:0d:49:88:
f0:e8:d5:0d:ae:3e:18:7c:f1:4b:52:e0:1f:df:f7:f9:96:78:
7e:2e:ef:c0:fd:e4:3b:aa:5d:ff:7d:8e:0d:15:71:ca:fc:78:
91:fc:c6:c5:60:cd:bb:d6:49:b0:bb:c1:e0:9a:c8:b8:89:f6:
38:07:b5:e9:40:c4:22:42:bf:da:a2:d5:35:15:4e:e7:2e:92:
84:7a:49:c0:d2:28:3c:24:13:80:bb:c1:38:95:64:92:64:55:
ae:0e:86:2d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIpkcYXrmRq3fD4yTHcHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2EwYzg3NzA0YzVhZjMyNGY0YjUyNjIwZTMyNmU4ZTVjZTNkYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20qQoMF3omC4+iAcKvox2Y9ys/QR
OmDPVP/Wv93I5RIT/lXvNPeNhVECsq7npoJvW6VCIDkosxtaaGHsqwReRHfmuTrD
udCcyj/a8nhaaQomL2WUuOZA1je/0Wp8TXT0/7beNe9S9EVEaWFloFrOZcVo+hUd
ZhVE89JmVFO1dTn2XurIuDRu8B02LXFPUNl2/hJAMq/XvjNxCDugfws4u5Iegzwd
zbfxrPPSC1uY9Rpuli0dt2miSlaU9ZwQSP+Wc9sGequQFO51GcA0JjRSTEM0tBTA
VEqRII0/LhRd4pjGgNffgVnxJuXVsar9oDlZYR9+HSpDmZXzJ0izzKuqnQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPygyHcExa8yT0tSYg4ybo5c49pjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvX0tESWR3VEZyekpQUzFKaURqSnVqbHpqMm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xByGf
MA0GCSqGSIb3DQEBCwUAA4IBAQCfGMADog8Fct5W52lburt9MBPMkXlTNeFOflfX
ndbKPKL84Vh+oglxRKrNvfeIrf4Rp7GxZdSrWo0x+oFZSHpag+xWYQXbSL6cTEs8
AOOp/f4D1VYI98t5QAWfJfpi3ZquLh/tTKIdT5k2Q46p6HPiZatGhZFz55RyUIyR
yA6zOIDY+9K0hYmHrsV4j+pvOwZsccJANOQ7cODU9D75F0ENSYjw6NUNrj4YfPFL
UuAf3/f5lnh+Lu/A/eQ7ql3/fY4NFXHK/HiR/MbFYM271kmwu8Hgmsi4ifY4B7Xp
QMQiQr/aotU1FU7nLpKEeknA0ig8JBOAu8E4lWSSZFWuDoYt
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:34:12 2025 by rpki-client