Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aopHKzrUSMBgnbu_05OZ0MygAr8.roa
File: aopHKzrUSMBgnbu_05OZ0MygAr8.roa (raw, json)
Hash identifier: ptPveq1CnZWvZjMklU+z098S9Ycfx36a4waI/ZvA5qg=
Subject key identifier: 6A:8A:47:2B:3A:D4:48:C0:60:9D:BB:BF:D3:93:99:D0:CC:A0:02:BF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521D0DDA05366F9D832413BC27B6136
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aopHKzrUSMBgnbu_05OZ0MygAr8.roa
Signing time: Thu 02 Jan 2025 03:49:20 +0000
ROA not before: Thu 02 Jan 2025 03:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44592
IP address blocks: 2a0e:97c0:3e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d0:dd:a0:53:66:f9:d8:32:41:3b:c2:7b:61:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a8a472b3ad448c0609dbbbfd39399d0cca002bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e8:1e:c1:fd:15:fe:be:99:79:b6:10:88:7d:
36:c0:b3:7a:9e:d6:27:bb:e0:5b:89:d7:95:96:d4:
99:99:1d:00:e7:77:d4:a6:7f:b7:c9:f3:c9:76:db:
5f:a1:91:2f:c3:d2:06:29:45:06:a6:15:39:c2:10:
f5:ef:b2:9f:36:21:35:06:10:95:d7:b9:ec:00:82:
40:31:fb:16:34:95:be:62:22:67:a7:ba:ac:68:aa:
8f:eb:18:0c:1c:6b:b3:c4:c7:c9:b4:3e:b0:6a:5e:
09:66:5b:35:d2:39:9f:fb:5a:c1:f9:b9:6e:39:1e:
ff:43:9d:1d:cf:57:50:40:a3:17:b1:62:d3:4e:3a:
8f:22:cd:70:96:4f:ac:ea:37:c6:19:14:a1:16:2b:
86:d5:1c:15:a0:d3:ef:24:0a:b7:b8:c0:4c:b8:c2:
75:bc:c4:eb:77:36:6e:3b:51:c7:a9:74:c1:fb:b1:
84:e0:4a:15:30:f5:8a:38:06:ee:14:6e:2f:45:20:
14:8c:31:de:1d:d9:75:16:c7:ef:6e:67:cd:ae:27:
1c:12:ee:40:78:dc:fb:75:fa:18:4c:03:f6:f9:90:
87:a7:5d:a9:a0:b4:9a:1e:6a:8e:99:f3:18:53:74:
75:e6:85:f7:e0:f2:be:da:1a:a1:be:e2:9c:78:14:
db:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8A:47:2B:3A:D4:48:C0:60:9D:BB:BF:D3:93:99:D0:CC:A0:02:BF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/aopHKzrUSMBgnbu_05OZ0MygAr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:3e0::/48
Signature Algorithm: sha256WithRSAEncryption
86:0d:6c:5e:a4:22:31:ad:ec:11:da:9b:82:3d:59:50:10:a0:
b0:1d:2d:d1:5d:dc:1e:1a:73:81:17:a7:80:17:b1:0b:3f:d1:
35:98:5d:7c:40:bf:d6:d8:df:ce:ac:c7:07:77:da:27:28:fa:
f2:fc:e0:c9:08:8e:24:d7:d2:10:ff:66:7c:11:d3:bf:af:28:
9d:53:f2:7b:ea:4c:81:3c:aa:51:04:a1:88:9d:f2:1a:3f:28:
41:31:72:ba:ad:dd:82:b5:e8:da:f6:fb:f6:60:29:99:93:35:
11:bc:1c:cc:ea:46:89:a4:5d:74:38:d9:19:83:6e:9d:81:aa:
2e:4f:cc:da:37:1e:18:4b:ac:63:75:0c:84:42:9f:16:9c:aa:
d5:c6:00:bb:ad:1e:c0:65:30:d1:9e:a8:51:37:d8:16:f0:ff:
c7:ae:ed:ad:35:74:ad:ca:d2:c0:e7:18:4e:f6:66:81:fd:3b:
81:dd:09:74:15:9c:a8:6a:a6:7b:8e:cc:f7:02:ed:d8:4b:94:
4b:8d:5d:f3:93:88:64:d0:8e:74:d1:97:da:b9:14:09:eb:a0:
0d:a1:3d:e8:37:c2:cc:6d:c7:6b:f5:d7:7c:85:ad:63:4d:38:
fc:d8:8d:21:02:9f:7b:86:fe:8a:df:87:c6:37:e3:e6:50:8c:
a4:80:de:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIdDdoFNm+dgyQTvCe2E2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YThhNDcyYjNhZDQ0OGMwNjA5ZGJiYmZkMzkzOTlkMGNjYTAwMmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqegewf0V/r6ZebYQiH02wLN6ntYn
u+BbideVltSZmR0A53fUpn+3yfPJdttfoZEvw9IGKUUGphU5whD177KfNiE1BhCV
17nsAIJAMfsWNJW+YiJnp7qsaKqP6xgMHGuzxMfJtD6wal4JZls10jmf+1rB+blu
OR7/Q50dz1dQQKMXsWLTTjqPIs1wlk+s6jfGGRShFiuG1RwVoNPvJAq3uMBMuMJ1
vMTrdzZuO1HHqXTB+7GE4EoVMPWKOAbuFG4vRSAUjDHeHdl1FsfvbmfNriccEu5A
eNz7dfoYTAP2+ZCHp12poLSaHmqOmfMYU3R15oX34PK+2hqhvuKceBTbgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGqKRys61EjAYJ27v9OTmdDMoAK/MB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYW9wSEt6clVTTUJnbmJ1XzA1T1owTXlnQXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6XwAPg
MA0GCSqGSIb3DQEBCwUAA4IBAQCGDWxepCIxrewR2puCPVlQEKCwHS3RXdweGnOB
F6eAF7ELP9E1mF18QL/W2N/OrMcHd9onKPry/ODJCI4k19IQ/2Z8EdO/ryidU/J7
6kyBPKpRBKGInfIaPyhBMXK6rd2Cteja9vv2YCmZkzURvBzM6kaJpF10ONkZg26d
gaouT8zaNx4YS6xjdQyEQp8WnKrVxgC7rR7AZTDRnqhRN9gW8P/Hru2tNXStytLA
5xhO9maB/TuB3Ql0FZyoaqZ7jsz3Au3YS5RLjV3zk4hk0I500ZfauRQJ66ANoT3o
N8LMbcdr9dd8ha1jTTj82I0hAp97hv6K34fGN+PmUIykgN4+
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:00:37 2025 by rpki-client