Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gwn68XEcR09yBwS_uXdS8QKjTu8.roa
File: gwn68XEcR09yBwS_uXdS8QKjTu8.roa (raw, json)
Hash identifier: gnLztRN9EXDqxXkYR07UJMV1VlFxhD+QqwzBh8SpUoI=
Subject key identifier: 83:09:FA:F1:71:1C:47:4F:72:07:04:BF:B9:77:52:F1:02:A3:4E:EF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521F8765F369B44112A794A36C9422E
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gwn68XEcR09yBwS_uXdS8QKjTu8.roa
Signing time: Thu 02 Jan 2025 03:49:30 +0000
ROA not before: Thu 02 Jan 2025 03:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198879
IP address blocks: 2a06:de01:150::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f8:76:5f:36:9b:44:11:2a:79:4a:36:c9:42:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8309faf1711c474f720704bfb97752f102a34eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:78:bc:11:82:55:0e:96:6b:b9:75:76:44:b0:
26:7a:2b:61:09:f6:cc:00:b2:d7:60:85:cd:56:0b:
a2:7f:9b:54:76:e4:d4:0f:98:e7:bb:37:4e:b3:37:
13:4b:4d:cc:6c:05:3a:fa:80:b8:7b:a3:a1:fe:98:
c9:48:95:6e:da:dd:79:89:46:7f:76:37:07:a2:78:
6b:6b:04:0e:97:a3:f2:ff:e0:15:20:34:af:73:a3:
41:78:7f:9b:48:7e:5b:5d:e1:b9:65:43:77:bc:c7:
2d:76:34:3b:81:45:05:24:83:47:d9:d4:14:a6:8c:
62:d3:ab:c4:2e:43:49:e6:bb:b4:f1:0a:55:e1:ce:
f4:61:cc:fc:16:a5:c1:09:db:d1:94:7b:68:f2:f1:
03:03:f7:ca:31:79:a0:d0:df:98:bf:8d:4c:2f:8a:
47:cc:6b:86:1d:cb:aa:39:12:51:fe:a8:8e:c6:e9:
4c:4f:b2:fb:60:a8:70:27:fe:1a:c6:5c:47:f9:80:
4b:25:df:0a:e1:18:21:b9:18:a3:9c:34:c5:ef:f2:
92:d4:12:97:2f:6f:8a:f0:2b:b8:6e:23:16:98:44:
97:f7:f8:60:ba:c9:bb:1d:58:be:58:dc:e3:65:d1:
76:16:75:a0:c1:3b:e1:5e:5a:6a:10:6d:0a:db:1a:
86:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:09:FA:F1:71:1C:47:4F:72:07:04:BF:B9:77:52:F1:02:A3:4E:EF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gwn68XEcR09yBwS_uXdS8QKjTu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:150::/44
Signature Algorithm: sha256WithRSAEncryption
7a:d6:50:5d:d3:b1:59:a4:ae:df:e4:88:a0:2c:d0:57:9a:a6:
5b:8b:9e:e5:5e:3f:63:bf:47:ee:dc:cc:37:d6:e5:c1:64:f7:
26:bc:ef:18:ec:ac:40:33:6a:ae:08:a3:99:e5:fb:b1:d3:be:
39:b3:b8:1d:07:1e:8f:34:83:c4:98:36:81:a1:95:50:71:89:
6a:02:16:3b:7e:71:6f:cd:21:e1:36:fb:cc:ea:f6:f0:90:29:
b5:f9:0a:82:fc:e5:ef:bf:9d:f9:07:44:35:4d:27:53:3a:02:
af:6d:d7:7f:88:52:93:0a:d8:66:44:4e:df:da:e7:9a:39:8b:
27:99:a3:ee:bf:4a:4a:bc:7b:cb:5d:f7:a3:9d:60:64:d2:a4:
3d:02:f8:db:12:97:20:6d:52:a1:ed:92:94:89:31:9f:d7:75:
1f:85:44:5e:69:db:a0:d9:20:de:5c:af:be:38:e9:a3:1e:47:
c9:5d:bb:54:20:5b:02:96:34:c0:aa:87:b6:ad:10:8c:1b:8f:
c1:3b:62:1d:1f:1d:e1:83:b1:8c:20:96:96:88:09:10:71:4c:
05:27:a3:09:0f:64:06:23:d5:24:7b:f4:b3:a5:1f:fb:4e:ab:
d4:5d:0f:29:9c:46:98:35:cb:20:5a:26:a6:4e:bc:ac:d8:f9:
fa:2c:32:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIfh2XzabRBEqeUo2yUIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzA5ZmFmMTcxMWM0NzRmNzIwNzA0YmZiOTc3NTJmMTAyYTM0ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3i8EYJVDpZruXV2RLAmeithCfbM
ALLXYIXNVguif5tUduTUD5jnuzdOszcTS03MbAU6+oC4e6Oh/pjJSJVu2t15iUZ/
djcHonhrawQOl6Py/+AVIDSvc6NBeH+bSH5bXeG5ZUN3vMctdjQ7gUUFJINH2dQU
poxi06vELkNJ5ru08QpV4c70Ycz8FqXBCdvRlHto8vEDA/fKMXmg0N+Yv41ML4pH
zGuGHcuqORJR/qiOxulMT7L7YKhwJ/4axlxH+YBLJd8K4RghuRijnDTF7/KS1BKX
L2+K8Cu4biMWmESX9/hgusm7HVi+WNzjZdF2FnWgwTvhXlpqEG0K2xqGtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIMJ+vFxHEdPcgcEv7l3UvECo07vMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ3duNjhYRWNSMDl5QndTX3VYZFM4UUtqVHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAQFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQB61lBd07FZpK7f5IigLNBXmqZbi57lXj9jv0fu
3Mw31uXBZPcmvO8Y7KxAM2quCKOZ5fux0745s7gdBx6PNIPEmDaBoZVQcYlqAhY7
fnFvzSHhNvvM6vbwkCm1+QqC/OXvv535B0Q1TSdTOgKvbdd/iFKTCthmRE7f2uea
OYsnmaPuv0pKvHvLXfejnWBk0qQ9AvjbEpcgbVKh7ZKUiTGf13UfhUReadug2SDe
XK++OOmjHkfJXbtUIFsCljTAqoe2rRCMG4/BO2IdHx3hg7GMIJaWiAkQcUwFJ6MJ
D2QGI9Uke/SzpR/7TqvUXQ8pnEaYNcsgWiamTrys2Pn6LDLv
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:26:04 2025 by rpki-client