Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mWdw800rBtp6XOfKphB8PQtksgw.roa
File: mWdw800rBtp6XOfKphB8PQtksgw.roa (raw, json)
Hash identifier: Bliy6tsz07J7CXQswRTerSWmuUlXZ8bLyeNoUL3vXa0=
Subject key identifier: 99:67:70:F3:4D:2B:06:DA:7A:5C:E7:CA:A6:10:7C:3D:0B:64:B2:0C
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522596346B090B25D369EE08344A15A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mWdw800rBtp6XOfKphB8PQtksgw.roa
Signing time: Thu 02 Jan 2025 03:49:55 +0000
ROA not before: Thu 02 Jan 2025 03:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212121
IP address blocks: 2a0e:b107:1130::/44 maxlen: 48
2a0e:b107:1130::/48 maxlen: 48
2a0e:b107:1131::/48 maxlen: 48
2a0e:b107:1132::/48 maxlen: 48
2a0e:b107:113e::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:59:63:46:b0:90:b2:5d:36:9e:e0:83:44:a1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=996770f34d2b06da7a5ce7caa6107c3d0b64b20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:16:4a:0b:dd:89:87:84:f2:b0:72:d1:64:92:
ec:dc:d8:d5:ab:3c:83:be:14:93:8b:5f:5b:13:70:
9a:24:ac:6d:35:2e:0d:25:62:a1:fa:63:e3:23:9c:
10:09:1c:22:09:a4:96:e9:5a:c6:9a:11:b4:d5:10:
18:64:49:e8:1f:fc:66:a1:00:bd:71:96:c0:77:02:
fb:fc:99:82:19:e6:17:d7:6c:fe:d5:1d:c8:6e:a8:
47:71:06:65:fe:d3:2d:3d:fb:06:0f:2b:db:8a:8d:
00:77:40:df:61:f9:77:16:f5:35:83:5d:62:d6:40:
4e:3f:b6:55:a6:4f:32:25:40:63:a5:99:3a:9a:da:
d1:c5:ac:06:3e:fc:76:31:3d:c9:c5:7f:89:b3:4c:
d8:bd:6c:f3:a0:75:24:7a:d6:78:9e:09:95:bf:62:
aa:3b:9e:c8:d0:bf:8a:20:b3:a6:fb:43:0f:2f:40:
96:f1:2b:0e:59:18:4c:39:83:d7:e7:13:c1:6e:92:
eb:51:d4:94:28:cb:b2:cf:cc:f8:58:0b:3a:b3:74:
c9:7a:e7:b6:18:5e:58:a8:74:99:fa:85:33:9b:60:
bf:5a:76:05:e8:4f:22:f4:45:74:a9:7e:b0:f8:af:
80:0e:e1:99:c1:11:0f:08:fc:8a:8d:28:ed:f7:b7:
79:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:67:70:F3:4D:2B:06:DA:7A:5C:E7:CA:A6:10:7C:3D:0B:64:B2:0C
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mWdw800rBtp6XOfKphB8PQtksgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1130::/44
Signature Algorithm: sha256WithRSAEncryption
2a:72:e2:0b:b1:b8:28:7d:45:47:5e:db:bd:28:00:3a:58:00:
69:9c:54:c4:2e:5b:1b:ae:bb:2a:db:5e:b6:bd:52:56:27:6c:
e0:44:fc:45:5c:41:22:05:c7:5e:8a:05:e1:98:fb:56:cf:54:
4a:f6:10:23:79:db:2c:67:1b:df:14:fb:a0:98:32:4e:04:a1:
38:ba:16:e1:d0:63:50:79:7c:3c:a1:98:7a:fc:fb:6d:dc:6e:
9e:8b:49:53:3d:1a:d9:4c:fe:27:b0:70:14:1c:83:05:a1:17:
8c:ec:a2:12:21:a5:a3:d1:51:39:45:fb:a5:dc:98:65:fb:db:
35:e4:ce:0d:d6:30:1c:3d:46:79:0c:10:67:b7:e2:fc:cb:39:
86:41:7c:4d:6f:9c:64:0d:cf:ac:00:55:94:56:18:98:ae:20:
1e:18:0f:fc:87:af:25:c7:28:58:4e:f2:f0:a9:5b:d4:f8:63:
c8:c1:5d:9d:ec:06:5e:75:61:a0:76:02:14:21:a2:c0:ed:f4:
5b:98:2c:62:79:2a:96:21:7b:2c:e2:aa:27:0c:66:bd:2e:71:
d6:26:4d:68:80:0b:30:d8:ac:49:ed:d4:90:f1:82:4b:13:6b:
d6:15:e0:6d:27:d1:28:4c:87:7b:f0:73:af:e3:0a:a8:2d:f1:
82:a5:a0:27
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIlljRrCQsl02nuCDRKFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY3NzBmMzRkMmIwNmRhN2E1Y2U3Y2FhNjEwN2MzZDBiNjRiMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxZKC92Jh4TysHLRZJLs3NjVqzyD
vhSTi19bE3CaJKxtNS4NJWKh+mPjI5wQCRwiCaSW6VrGmhG01RAYZEnoH/xmoQC9
cZbAdwL7/JmCGeYX12z+1R3IbqhHcQZl/tMtPfsGDyvbio0Ad0DfYfl3FvU1g11i
1kBOP7ZVpk8yJUBjpZk6mtrRxawGPvx2MT3JxX+Js0zYvWzzoHUketZ4ngmVv2Kq
O57I0L+KILOm+0MPL0CW8SsOWRhMOYPX5xPBbpLrUdSUKMuyz8z4WAs6s3TJeue2
GF5YqHSZ+oUzm2C/WnYF6E8i9EV0qX6w+K+ADuGZwREPCPyKjSjt97d5AwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJlncPNNKwbaelznyqYQfD0LZLIMMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbVdkdzgwMHJCdHA2WE9mS3BoQjhQUXRrc2d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxEw
MA0GCSqGSIb3DQEBCwUAA4IBAQAqcuILsbgofUVHXtu9KAA6WABpnFTELlsbrrsq
2162vVJWJ2zgRPxFXEEiBcdeigXhmPtWz1RK9hAjedssZxvfFPugmDJOBKE4uhbh
0GNQeXw8oZh6/Ptt3G6ei0lTPRrZTP4nsHAUHIMFoReM7KISIaWj0VE5Rful3Jhl
+9s15M4N1jAcPUZ5DBBnt+L8yzmGQXxNb5xkDc+sAFWUVhiYriAeGA/8h68lxyhY
TvLwqVvU+GPIwV2d7AZedWGgdgIUIaLA7fRbmCxieSqWIXss4qonDGa9LnHWJk1o
gAsw2KxJ7dSQ8YJLE2vWFeBtJ9EoTId78HOv4wqoLfGCpaAn
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:28:26 2025 by rpki-client