Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dLFh3hgJUm_zWByfGg_qstvP5k4.roa
File: dLFh3hgJUm_zWByfGg_qstvP5k4.roa (raw, json)
Hash identifier: RYdrz9HAb6IbC5LmEbfrKtFPX0xy95XO6AmO5kyTeEI=
Subject key identifier: 74:B1:61:DE:18:09:52:6F:F3:58:1C:9F:1A:0F:EA:B2:DB:CF:E6:4E
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195755773C215A849B4EF7AA0E9A05C205C
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dLFh3hgJUm_zWByfGg_qstvP5k4.roa
Signing time: Sat 08 Mar 2025 10:40:20 +0000
ROA not before: Sat 08 Mar 2025 10:40:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198025
IP address blocks: 2a06:de00:de00::/44 maxlen: 48
2a10:ccc0:ccc0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:75:57:73:c2:15:a8:49:b4:ef:7a:a0:e9:a0:5c:20:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 8 10:40:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74b161de1809526ff3581c9f1a0feab2dbcfe64e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d7:0a:29:e3:6d:ec:8f:62:2a:dd:da:b7:15:
84:61:7d:55:40:05:de:fa:8f:95:dd:2d:95:41:91:
01:a2:7c:6f:61:e3:7c:af:be:9b:15:f9:de:1d:eb:
f8:ec:1f:d4:93:a8:c6:82:24:3d:87:2d:75:a7:a8:
b8:3a:dc:2a:b8:a2:03:e9:c1:55:cf:71:f4:d3:9b:
90:90:f0:e0:3b:c1:b5:01:3a:23:90:ee:f7:60:5c:
cd:49:71:2d:88:1d:4e:22:2c:c5:6a:ed:fb:0a:4a:
9d:04:c3:d0:9f:c2:fe:d4:ee:66:64:85:32:14:f8:
5e:03:47:0e:79:d2:a4:3b:44:a2:41:5a:43:e8:f9:
bb:51:89:5a:e9:c4:b2:8a:26:90:fa:02:c2:d7:12:
91:7f:e3:3e:96:7c:ce:10:d4:1f:97:5a:f7:53:05:
3d:48:ec:91:36:5f:ad:d3:56:7a:7c:d7:39:07:ec:
e4:2d:d9:c7:9c:d7:35:ab:89:88:62:93:7f:7c:d3:
fa:bf:d5:17:40:8a:16:81:c0:a1:f4:a5:25:d1:70:
bb:5c:12:01:d5:9e:8d:b1:ef:39:3a:2f:43:3a:19:
a7:05:b2:8c:fc:e8:e3:02:e5:4a:7e:dd:9e:7f:69:
43:91:17:8c:8c:47:43:b1:a5:a2:a6:80:d5:24:46:
f8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B1:61:DE:18:09:52:6F:F3:58:1C:9F:1A:0F:EA:B2:DB:CF:E6:4E
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dLFh3hgJUm_zWByfGg_qstvP5k4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de00:de00::/44
2a10:ccc0:ccc0::/44
Signature Algorithm: sha256WithRSAEncryption
8a:ec:14:d7:89:5a:19:3e:29:53:03:0b:d5:7f:03:f8:51:d6:
7b:f6:a3:a1:4e:19:0f:ee:aa:7f:7d:a2:fa:02:04:a7:cc:43:
cb:c9:91:3d:f1:f4:3e:0f:07:af:2f:37:8b:b8:5a:96:1d:03:
7a:07:04:d2:4a:c1:e9:71:6c:79:a7:eb:ac:64:ad:ba:05:47:
5f:e5:d2:d8:07:1c:a3:c8:fc:6a:68:c3:4f:89:35:c1:0a:44:
2d:21:3b:8d:be:f7:e5:31:41:11:75:99:57:35:80:44:97:12:
97:d2:05:52:67:aa:d0:74:f5:c4:3e:db:4f:24:30:53:77:f4:
62:9c:6c:9c:07:ad:8a:35:bb:e8:49:c5:86:09:7e:7d:f2:1e:
29:91:93:99:25:75:40:f9:37:31:10:a8:83:5b:3b:0b:04:f4:
12:9e:1d:78:87:01:b0:12:a8:cc:ed:a1:e0:7e:6b:79:49:01:
29:99:14:c6:16:e9:f8:75:b7:ab:f4:d1:86:72:a5:6a:c0:67:
a3:32:a2:ca:c5:fe:e8:c0:4f:f5:8b:2f:e4:42:1d:ad:01:f2:
5f:cd:b4:c7:53:ec:4c:44:cf:21:98:25:9b:2d:3a:df:f8:1b:
31:ca:d8:55:60:22:c4:9d:2d:f8:a3:f6:97:2a:ad:ea:06:53:
23:56:f6:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZV1V3PCFahJtO96oOmgXCBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzA4MTA0MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGIxNjFkZTE4MDk1MjZmZjM1ODFjOWYxYTBmZWFiMmRiY2ZlNjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNcKKeNt7I9iKt3atxWEYX1VQAXe
+o+V3S2VQZEBonxvYeN8r76bFfneHev47B/Uk6jGgiQ9hy11p6i4OtwquKID6cFV
z3H005uQkPDgO8G1ATojkO73YFzNSXEtiB1OIizFau37CkqdBMPQn8L+1O5mZIUy
FPheA0cOedKkO0SiQVpD6Pm7UYla6cSyiiaQ+gLC1xKRf+M+lnzOENQfl1r3UwU9
SOyRNl+t01Z6fNc5B+zkLdnHnNc1q4mIYpN/fNP6v9UXQIoWgcCh9KUl0XC7XBIB
1Z6Nse85Oi9DOhmnBbKM/OjjAuVKft2ef2lDkReMjEdDsaWipoDVJEb4JQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHSxYd4YCVJv81gcnxoP6rLbz+ZOMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZExGaDNoZ0pVbV96V0J5ZkdnX3FzdHZQNWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgbeAN4A
AwcEKhDMwMzAMA0GCSqGSIb3DQEBCwUAA4IBAQCK7BTXiVoZPilTAwvVfwP4UdZ7
9qOhThkP7qp/faL6AgSnzEPLyZE98fQ+DwevLzeLuFqWHQN6BwTSSsHpcWx5p+us
ZK26BUdf5dLYBxyjyPxqaMNPiTXBCkQtITuNvvflMUERdZlXNYBElxKX0gVSZ6rQ
dPXEPttPJDBTd/RinGycB62KNbvoScWGCX598h4pkZOZJXVA+TcxEKiDWzsLBPQS
nh14hwGwEqjM7aHgfmt5SQEpmRTGFun4dber9NGGcqVqwGejMqLKxf7owE/1iy/k
Qh2tAfJfzbTHU+xMRM8hmCWbLTrf+BsxythVYCLEnS34o/aXKq3qBlMjVvbX
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:00:11 2025 by rpki-client