Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkyJ0pycKdMD-hc7be24TWJ352w.roa
File: dkyJ0pycKdMD-hc7be24TWJ352w.roa (raw, json)
Hash identifier: Tpr+D6Fa1jy1koiDkscMV4ylqYOgQ5/kdHTR0xpqUP8=
Subject key identifier: 76:4C:89:D2:9C:9C:29:D3:03:FA:17:3B:6D:ED:B8:4D:62:77:E7:6C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521F3711CE696D71DA6BFA64D777C2A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkyJ0pycKdMD-hc7be24TWJ352w.roa
Signing time: Thu 02 Jan 2025 03:49:29 +0000
ROA not before: Thu 02 Jan 2025 03:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198055
IP address blocks: 2a0e:b107:1d12::/48 maxlen: 48
2a0e:b107:28a8::/48 maxlen: 48
2a0e:b107:28a9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f3:71:1c:e6:96:d7:1d:a6:bf:a6:4d:77:7c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=764c89d29c9c29d303fa173b6dedb84d6277e76c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0f:55:97:26:db:88:f1:da:e2:0e:ed:00:d8:
4e:57:7f:07:09:23:36:57:d5:a3:63:a3:21:e0:48:
5d:fc:e6:12:16:cb:f2:86:49:bb:92:a6:0f:33:1b:
56:e8:c7:ab:1b:ba:3f:21:c7:ee:b7:e3:ff:41:a3:
f6:4f:88:55:7c:77:37:34:9f:b8:c1:e0:a4:34:13:
68:e2:d9:5b:3d:86:e6:76:ce:82:b3:50:80:10:41:
98:1c:41:8e:db:4e:28:20:d8:a2:cd:32:35:16:d4:
47:2b:64:4f:3b:0c:7c:6f:a0:dc:07:80:2b:ca:5d:
e7:bc:ef:01:5b:99:9c:26:19:07:83:0b:a7:0d:fb:
dd:e8:51:4a:49:c9:fc:08:2b:89:23:1a:01:15:7f:
0b:18:6a:2d:e1:af:1d:e7:a7:52:52:f5:b0:b4:fb:
1c:f6:9c:73:79:09:67:ee:b5:70:a2:31:48:e8:0f:
24:0e:71:77:3b:66:8d:4c:f1:bd:ae:60:ba:51:48:
f2:36:73:d9:eb:a8:07:c3:4a:a6:df:c2:79:5e:e0:
31:be:fb:93:81:65:59:fa:d7:f0:51:17:d9:ab:9a:
90:ce:6f:09:78:2a:38:04:bb:99:34:8e:c0:52:95:
7c:74:5e:69:d3:9a:97:cd:8e:e7:85:f0:f0:25:8e:
80:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4C:89:D2:9C:9C:29:D3:03:FA:17:3B:6D:ED:B8:4D:62:77:E7:6C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dkyJ0pycKdMD-hc7be24TWJ352w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1d12::/48
2a0e:b107:28a8::/47
Signature Algorithm: sha256WithRSAEncryption
51:81:22:48:58:fa:05:24:e2:1c:1d:b8:eb:03:3a:d3:5d:dc:
48:63:d4:66:9b:78:bb:5f:45:03:7b:f3:2a:0d:34:6b:ed:e3:
c4:7a:5f:fb:d9:9e:5c:de:8a:3d:fa:82:68:7d:ba:41:4d:86:
43:86:90:0a:e9:6c:be:88:5c:a5:6c:8b:a3:f1:96:eb:63:60:
1e:d6:01:47:e8:bc:b1:4f:27:b9:75:f5:2f:58:03:10:f5:85:
a4:65:1f:e7:3e:e7:ac:13:41:a8:bd:87:90:ea:8a:8b:02:4e:
40:a6:d2:8b:60:ae:5e:c1:f3:56:bd:12:bc:c7:26:28:0e:11:
30:23:e8:55:d5:d1:88:9d:cf:1b:47:c6:c5:7e:a5:b3:39:e2:
47:da:f2:85:16:d6:08:c1:98:06:01:87:b4:d1:42:e6:8a:9f:
6f:d4:d9:27:35:8d:c4:4a:78:ca:f1:ca:e0:f7:1d:26:25:fd:
a7:cf:89:3c:40:d3:95:28:70:b8:d2:26:c6:d0:64:08:25:a7:
50:d6:dd:0c:21:6c:32:ed:75:2e:dc:da:8f:2a:d5:80:2e:11:
6c:c2:96:7d:af:18:70:e9:62:d6:ac:01:81:2c:62:62:85:03:
6a:9c:c6:a5:33:9d:11:76:25:0d:30:c8:8a:50:ec:87:98:8c:
6c:eb:62:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIfNxHOaW1x2mv6ZNd3wqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjRjODlkMjljOWMyOWQzMDNmYTE3M2I2ZGVkYjg0ZDYyNzdlNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAug9VlybbiPHa4g7tANhOV38HCSM2
V9WjY6Mh4Ehd/OYSFsvyhkm7kqYPMxtW6MerG7o/Icfut+P/QaP2T4hVfHc3NJ+4
weCkNBNo4tlbPYbmds6Cs1CAEEGYHEGO204oINiizTI1FtRHK2RPOwx8b6DcB4Ar
yl3nvO8BW5mcJhkHgwunDfvd6FFKScn8CCuJIxoBFX8LGGot4a8d56dSUvWwtPsc
9pxzeQln7rVwojFI6A8kDnF3O2aNTPG9rmC6UUjyNnPZ66gHw0qm38J5XuAxvvuT
gWVZ+tfwURfZq5qQzm8JeCo4BLuZNI7AUpV8dF5p05qXzY7nhfDwJY6AlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHZMidKcnCnTA/oXO23tuE1id+dsMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZGt5SjBweWNLZE1ELWhjN2JlMjRUV0ozNTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xBx0S
AwcBKg6xByioMA0GCSqGSIb3DQEBCwUAA4IBAQBRgSJIWPoFJOIcHbjrAzrTXdxI
Y9Rmm3i7X0UDe/MqDTRr7ePEel/72Z5c3oo9+oJofbpBTYZDhpAK6Wy+iFylbIuj
8ZbrY2Ae1gFH6LyxTye5dfUvWAMQ9YWkZR/nPuesE0GovYeQ6oqLAk5AptKLYK5e
wfNWvRK8xyYoDhEwI+hV1dGInc8bR8bFfqWzOeJH2vKFFtYIwZgGAYe00ULmip9v
1NknNY3ESnjK8crg9x0mJf2nz4k8QNOVKHC40ibG0GQIJadQ1t0MIWwy7XUu3NqP
KtWALhFswpZ9rxhw6WLWrAGBLGJihQNqnMalM50RdiUNMMiKUOyHmIxs62JD
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:28:25 2025 by rpki-client