Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iPz2quWIy4Peq4jG8fLsePazem8.roa
File: iPz2quWIy4Peq4jG8fLsePazem8.roa (raw, json)
Hash identifier: Huwm8KrXcbaoObFBeRBjdytKMDsb77Fzzne0dLgOaJU=
Subject key identifier: 88:FC:F6:AA:E5:88:CB:83:DE:AB:88:C6:F1:F2:EC:78:F6:B3:7A:6F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522809C7C38ABF2B5D4CAEA2D980DE9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iPz2quWIy4Peq4jG8fLsePazem8.roa
Signing time: Thu 02 Jan 2025 03:50:05 +0000
ROA not before: Thu 02 Jan 2025 03:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214730
IP address blocks: 2a0e:97c0:180::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:80:9c:7c:38:ab:f2:b5:d4:ca:ea:2d:98:0d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88fcf6aae588cb83deab88c6f1f2ec78f6b37a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:3a:a4:66:9c:3a:8a:a2:08:1b:9f:3b:35:
f2:e6:4b:f6:05:4d:82:8f:25:93:30:c2:f4:3e:c9:
11:6f:12:ab:bc:8c:91:ef:f7:43:52:e1:08:5e:05:
5b:6a:72:a2:2a:8a:d0:ac:86:1e:80:59:2b:ed:10:
95:04:c7:f9:a1:8c:19:8a:03:2b:15:cc:fa:c9:ae:
7c:5f:2c:84:4e:55:a7:b7:2b:04:d7:29:25:20:61:
d7:5e:d2:01:e3:a2:02:c0:69:14:91:49:6f:69:6c:
b2:35:35:07:9e:7d:b0:fc:ab:ec:83:c8:71:44:e3:
f8:ae:b4:f1:8b:de:f2:5e:25:88:cb:5c:a9:b7:45:
03:3c:44:2e:d6:6c:dd:8a:e9:86:3b:1e:f5:4e:b0:
86:02:45:11:92:d2:03:18:cc:64:c1:fe:b6:3a:8a:
e4:72:6c:02:c3:03:57:5d:ed:44:69:11:57:35:b4:
b3:7e:88:b7:0b:dd:b4:5d:bd:43:d3:79:bb:08:11:
ca:b8:a4:4c:80:9a:18:09:59:6c:74:50:49:e7:9e:
5f:93:a8:64:58:40:3b:c0:d4:5f:f6:66:d3:db:fb:
27:bc:f4:50:ea:b7:a9:6f:7b:2d:d2:67:d0:3e:3b:
10:28:60:ca:8c:cf:3d:82:52:00:1f:26:71:ce:c7:
98:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FC:F6:AA:E5:88:CB:83:DE:AB:88:C6:F1:F2:EC:78:F6:B3:7A:6F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/iPz2quWIy4Peq4jG8fLsePazem8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:180::/44
Signature Algorithm: sha256WithRSAEncryption
31:4c:c3:d4:0e:1c:f6:38:80:a8:e6:8e:43:f5:d3:46:54:5f:
f7:60:17:b1:ba:db:b1:55:af:57:bb:60:42:98:23:e8:38:2f:
c0:15:45:8c:a2:41:a2:3c:b4:a9:db:a2:ce:ce:6d:73:2e:e1:
2a:e6:db:ec:4b:25:43:69:29:60:56:14:71:9b:22:70:56:bf:
6d:a2:1c:95:77:1c:a0:e3:3f:4a:f4:40:1b:a4:29:fe:82:4d:
15:fc:34:46:5f:ee:c5:94:71:af:44:fc:52:3d:93:9c:58:c0:
8d:db:0b:45:32:6b:d2:08:57:9c:49:e8:06:11:7a:e5:78:ae:
cc:61:03:26:10:51:0e:42:e1:f2:fb:6f:7d:c7:bb:04:04:e9:
42:de:5a:ea:e6:9e:cb:b5:66:6e:c4:de:ee:92:83:0e:0a:25:
76:b8:af:35:6c:da:fd:2b:1b:6f:62:ba:b5:50:24:6e:91:c5:
17:73:66:ab:82:ec:c4:3e:67:aa:7b:82:9c:37:a4:82:a7:ce:
a4:f3:38:a5:32:5e:7d:db:f9:19:3f:cd:bc:ec:5a:6b:24:c0:
0b:f7:c0:f6:17:26:eb:e3:c9:6e:95:88:d4:7e:65:16:ee:21:
be:91:df:95:76:6e:c0:dc:ef:74:99:50:c6:cf:8e:03:bb:ca:
9f:a6:ac:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIoCcfDir8rXUyuotmA3pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZjZjZhYWU1ODhjYjgzZGVhYjg4YzZmMWYyZWM3OGY2YjM3YTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfE6pGacOoqiCBufOzXy5kv2BU2C
jyWTMML0PskRbxKrvIyR7/dDUuEIXgVbanKiKorQrIYegFkr7RCVBMf5oYwZigMr
Fcz6ya58XyyETlWntysE1yklIGHXXtIB46ICwGkUkUlvaWyyNTUHnn2w/Kvsg8hx
ROP4rrTxi97yXiWIy1ypt0UDPEQu1mzdiumGOx71TrCGAkURktIDGMxkwf62Oork
cmwCwwNXXe1EaRFXNbSzfoi3C920Xb1D03m7CBHKuKRMgJoYCVlsdFBJ555fk6hk
WEA7wNRf9mbT2/snvPRQ6repb3st0mfQPjsQKGDKjM89glIAHyZxzseYOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIj89qrliMuD3quIxvHy7Hj2s3pvMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaVB6MnF1V0l5NFBlcTRqRzhmTHNlUGF6ZW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAxTMPUDhz2OICo5o5D9dNGVF/3YBexutuxVa9X
u2BCmCPoOC/AFUWMokGiPLSp26LOzm1zLuEq5tvsSyVDaSlgVhRxmyJwVr9tohyV
dxyg4z9K9EAbpCn+gk0V/DRGX+7FlHGvRPxSPZOcWMCN2wtFMmvSCFecSegGEXrl
eK7MYQMmEFEOQuHy+299x7sEBOlC3lrq5p7LtWZuxN7ukoMOCiV2uK81bNr9Kxtv
Yrq1UCRukcUXc2arguzEPmeqe4KcN6SCp86k8zilMl592/kZP8287FprJMAL98D2
Fybr48lulYjUfmUW7iG+kd+Vdm7A3O90mVDGz44Du8qfpqyU
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:34:08 2025 by rpki-client