Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hjiup52Q51Or1SVAZVCh620C_4E.roa
File: hjiup52Q51Or1SVAZVCh620C_4E.roa (raw, json)
Hash identifier: Nlqmr5UaYGxhBbGQ/7jiPqZYXeOeNYxGvg5q9ulQg5E=
Subject key identifier: 86:38:AE:A7:9D:90:E7:53:AB:D5:25:40:65:50:A1:EB:6D:02:FF:81
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522676D19B8368FEC76337FA992AE46
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hjiup52Q51Or1SVAZVCh620C_4E.roa
Signing time: Thu 02 Jan 2025 03:49:59 +0000
ROA not before: Thu 02 Jan 2025 03:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212793
IP address blocks: 2a0e:b107:1fd1::/48 maxlen: 48
2a10:2f00:147::/48 maxlen: 48
2a10:2f01:2d0::/44 maxlen: 48
2a10:2f01:2d1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:67:6d:19:b8:36:8f:ec:76:33:7f:a9:92:ae:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8638aea79d90e753abd525406550a1eb6d02ff81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:18:81:85:48:68:a4:19:00:bb:65:41:0d:1f:
81:5e:ec:9c:4f:df:c5:1f:6c:d6:6b:7a:55:71:bd:
a0:ee:78:57:3e:92:34:44:a1:bd:7b:b0:1a:a6:b7:
3d:64:04:0a:65:8b:e3:e6:0d:c5:95:7a:10:2b:f0:
f7:6a:bd:0e:3f:42:ea:a1:4d:77:03:f6:4c:bf:5b:
88:5b:bf:ff:b0:37:45:fd:6c:cd:f8:9b:7e:08:38:
bb:ed:89:eb:fc:6d:39:b7:ba:66:14:4f:38:27:c2:
58:46:ef:bd:37:c4:11:30:1c:7b:db:cb:dc:56:0f:
42:d0:82:01:69:76:63:1e:28:78:c0:a6:b1:16:13:
7e:ab:79:84:f9:c9:fa:3b:75:15:4d:61:fb:05:ec:
85:80:b5:37:d4:6f:79:a5:65:f2:c5:a4:06:92:1a:
0a:22:3b:a2:6e:aa:cf:51:fe:a2:10:70:c6:20:26:
fc:92:08:86:11:f6:d1:39:f2:9e:9b:01:aa:08:e3:
ae:41:32:34:ea:28:7d:b0:35:0c:ef:02:08:ad:04:
6c:6a:a9:bb:5d:b2:5f:e8:a3:77:16:82:55:cb:88:
35:99:2c:9e:f3:85:6f:01:49:06:92:d4:75:46:14:
6f:70:44:fe:72:48:2a:e1:71:97:68:8e:e2:fd:ee:
a2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:38:AE:A7:9D:90:E7:53:AB:D5:25:40:65:50:A1:EB:6D:02:FF:81
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/hjiup52Q51Or1SVAZVCh620C_4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1fd1::/48
2a10:2f00:147::/48
2a10:2f01:2d0::/44
Signature Algorithm: sha256WithRSAEncryption
9d:f5:95:fc:6c:21:c8:24:b3:82:75:2a:bd:db:cb:6f:ff:53:
a8:0c:be:41:ce:de:df:64:26:43:01:17:72:c1:39:90:90:a1:
b8:3f:52:97:11:d8:05:ec:cd:fd:71:79:11:08:eb:ce:9a:fd:
f7:03:e0:33:51:01:cd:69:31:26:12:bd:12:87:da:5d:f4:e2:
3b:93:8d:11:b1:af:f0:16:4f:f3:6d:7b:38:1e:ab:54:ab:1c:
12:93:39:c0:a9:50:78:7a:78:a5:5a:d4:36:87:c2:86:b7:8a:
bb:0b:49:52:eb:aa:65:97:16:b1:a6:9a:af:38:0c:85:f7:c7:
1d:e3:aa:4f:5f:12:33:e3:21:f2:91:1d:4a:77:d8:bc:85:35:
a9:46:74:1f:56:e2:dc:f5:46:58:93:e7:38:b2:ad:f5:52:53:
ad:f6:56:8e:c2:15:43:b7:6b:a3:b7:f4:9c:87:4d:df:02:24:
11:21:2d:77:c8:de:02:36:2d:d9:17:4a:fa:9c:da:da:3a:c8:
ff:fd:ac:ae:f5:70:af:96:2a:93:d6:e5:dd:b3:42:78:98:37:
fa:62:72:dc:18:f2:f7:b1:d6:6d:b5:d6:48:4a:41:51:e4:26:
67:d3:74:2b:80:25:81:3f:4c:1f:34:31:0e:5a:d9:40:ae:40:
4c:41:db:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlImdtGbg2j+x2M3+pkq5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjM4YWVhNzlkOTBlNzUzYWJkNTI1NDA2NTUwYTFlYjZkMDJmZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBiBhUhopBkAu2VBDR+BXuycT9/F
H2zWa3pVcb2g7nhXPpI0RKG9e7Aaprc9ZAQKZYvj5g3FlXoQK/D3ar0OP0LqoU13
A/ZMv1uIW7//sDdF/WzN+Jt+CDi77Ynr/G05t7pmFE84J8JYRu+9N8QRMBx728vc
Vg9C0IIBaXZjHih4wKaxFhN+q3mE+cn6O3UVTWH7BeyFgLU31G95pWXyxaQGkhoK
IjuibqrPUf6iEHDGICb8kgiGEfbROfKemwGqCOOuQTI06ih9sDUM7wIIrQRsaqm7
XbJf6KN3FoJVy4g1mSye84VvAUkGktR1RhRvcET+ckgq4XGXaI7i/e6i7wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIY4rqedkOdTq9UlQGVQoettAv+BMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaGppdXA1MlE1MU9yMVNWQVpWQ2g2MjBDXzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg6xBx/R
AwcAKhAvAAFHAwcEKhAvAQLQMA0GCSqGSIb3DQEBCwUAA4IBAQCd9ZX8bCHIJLOC
dSq928tv/1OoDL5Bzt7fZCZDARdywTmQkKG4P1KXEdgF7M39cXkRCOvOmv33A+Az
UQHNaTEmEr0Sh9pd9OI7k40Rsa/wFk/zbXs4HqtUqxwSkznAqVB4enilWtQ2h8KG
t4q7C0lS66pllxaxppqvOAyF98cd46pPXxIz4yHykR1Kd9i8hTWpRnQfVuLc9UZY
k+c4sq31UlOt9laOwhVDt2ujt/Sch03fAiQRIS13yN4CNi3ZF0r6nNraOsj//ayu
9XCvliqT1uXds0J4mDf6YnLcGPL3sdZttdZISkFR5CZn03QrgCWBP0wfNDEOWtlA
rkBMQdt7
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:00:39 2025 by rpki-client