Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/e6jfJicjDFp0yfTxFr1f9KzEtMU.roa
File: e6jfJicjDFp0yfTxFr1f9KzEtMU.roa (raw, json)
Hash identifier: +1KnF2Z/428T+u1kHjx8i3eif7xkFU3rlguizTO11t4=
Subject key identifier: 7B:A8:DF:26:27:23:0C:5A:74:C9:F4:F1:16:BD:5F:F4:AC:C4:B4:C5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521D3936E5EAA052AA4CBCD2D5C8C81
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/e6jfJicjDFp0yfTxFr1f9KzEtMU.roa
Signing time: Thu 02 Jan 2025 03:49:21 +0000
ROA not before: Thu 02 Jan 2025 03:49:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48987
IP address blocks: 2a0e:97c0:700::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:d3:93:6e:5e:aa:05:2a:a4:cb:cd:2d:5c:8c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ba8df2627230c5a74c9f4f116bd5ff4acc4b4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6d:59:fa:3f:cd:e4:0b:6d:ff:de:83:6e:42:
17:8c:06:4e:aa:be:d3:d4:8c:0a:23:b7:2e:d8:18:
97:23:7a:e7:15:66:d1:f6:eb:6a:82:3c:d3:52:13:
75:85:7d:63:d7:37:3c:f8:56:62:03:00:98:aa:da:
45:51:77:8e:25:41:e2:14:ed:8f:01:47:d4:ed:ab:
25:14:d8:e0:42:4b:69:e6:5d:74:bf:03:3f:43:31:
1a:64:bf:07:33:b3:4a:a4:fc:69:0d:d9:61:85:dc:
17:91:b5:27:34:bb:d8:b3:fc:dc:a2:65:b9:55:87:
a0:1c:63:1d:f5:89:2f:66:99:51:fa:e1:78:d3:99:
c7:11:42:d8:97:a9:f3:d6:f9:c0:1e:dc:4f:25:1c:
51:ff:cb:4f:d9:7f:b1:10:1d:23:23:5f:39:a4:9f:
0c:cb:43:fa:3d:02:89:ce:4b:59:b8:17:35:ad:d5:
93:b4:ac:e6:9f:0c:7f:fb:65:65:e0:9c:73:d7:31:
1a:58:99:55:78:c5:ed:7b:12:0d:d0:e3:63:3d:73:
2d:e2:d0:0e:4c:5e:60:d6:81:cd:de:cd:bc:00:d9:
d7:91:8b:bf:5e:ce:55:4c:62:41:2a:f6:51:4a:95:
3f:ae:ef:a1:0a:d4:14:b7:e1:60:ab:9b:e2:80:6d:
ca:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A8:DF:26:27:23:0C:5A:74:C9:F4:F1:16:BD:5F:F4:AC:C4:B4:C5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/e6jfJicjDFp0yfTxFr1f9KzEtMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:700::/44
Signature Algorithm: sha256WithRSAEncryption
82:b5:a0:e5:a4:4c:65:f9:0e:0d:5b:be:d4:d8:69:b0:fa:df:
9f:05:60:b8:9d:32:0d:f1:94:d8:44:ba:00:b7:95:7f:a7:af:
f0:96:a3:ca:fc:f2:34:33:c4:8a:5a:4a:9b:1c:70:2e:50:29:
e8:2e:04:3b:62:52:13:65:22:12:4d:8e:ef:25:aa:34:3f:5f:
be:43:a0:0c:ba:fa:9f:71:ac:03:ab:2c:a0:56:2c:4a:85:b5:
d8:5c:ad:7e:35:6a:0b:5e:a3:08:49:03:e4:18:79:a4:23:28:
ca:19:73:11:5b:a6:de:2c:7c:6b:52:c5:41:ef:0b:2c:6a:c6:
a0:dd:19:5e:72:48:73:2a:91:e0:de:06:3d:92:8b:f2:28:82:
5c:4a:3a:e1:a2:5d:26:04:0c:62:f4:c1:4f:e7:1b:1e:87:10:
bc:01:dd:13:03:ae:8d:08:de:4d:5c:4c:7d:2c:c0:b5:e9:a2:
f7:22:6c:c7:40:58:65:d7:07:0d:2c:29:68:d3:a4:ee:a8:58:
05:a0:8e:38:5f:6f:20:94:b7:bd:4e:7d:c0:47:aa:f0:46:8e:
0e:b1:ff:b4:5e:30:26:42:61:2b:8a:35:70:cb:85:06:33:cb:
ed:b8:79:77:16:56:72:02:61:af:3d:89:25:1c:cf:13:cf:d0:
55:47:71:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIdOTbl6qBSqky80tXIyBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmE4ZGYyNjI3MjMwYzVhNzRjOWY0ZjExNmJkNWZmNGFjYzRiNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum1Z+j/N5Att/96DbkIXjAZOqr7T
1IwKI7cu2BiXI3rnFWbR9utqgjzTUhN1hX1j1zc8+FZiAwCYqtpFUXeOJUHiFO2P
AUfU7aslFNjgQktp5l10vwM/QzEaZL8HM7NKpPxpDdlhhdwXkbUnNLvYs/zcomW5
VYegHGMd9YkvZplR+uF405nHEULYl6nz1vnAHtxPJRxR/8tP2X+xEB0jI185pJ8M
y0P6PQKJzktZuBc1rdWTtKzmnwx/+2Vl4Jxz1zEaWJlVeMXtexIN0ONjPXMt4tAO
TF5g1oHN3s28ANnXkYu/Xs5VTGJBKvZRSpU/ru+hCtQUt+Fgq5vigG3KUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHuo3yYnIwxadMn08Ra9X/SsxLTFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZTZqZkppY2pERnAweWZUeEZyMWY5S3pFdE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAcA
MA0GCSqGSIb3DQEBCwUAA4IBAQCCtaDlpExl+Q4NW77U2Gmw+t+fBWC4nTIN8ZTY
RLoAt5V/p6/wlqPK/PI0M8SKWkqbHHAuUCnoLgQ7YlITZSISTY7vJao0P1++Q6AM
uvqfcawDqyygVixKhbXYXK1+NWoLXqMISQPkGHmkIyjKGXMRW6beLHxrUsVB7wss
asag3RleckhzKpHg3gY9kovyKIJcSjrhol0mBAxi9MFP5xsehxC8Ad0TA66NCN5N
XEx9LMC16aL3ImzHQFhl1wcNLClo06TuqFgFoI44X28glLe9Tn3AR6rwRo4Osf+0
XjAmQmErijVwy4UGM8vtuHl3FlZyAmGvPYklHM8Tz9BVR3GR
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:26:02 2025 by rpki-client