Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oFd5tCdiK1d7bSFsp_2pbuBPbiA.roa
File: oFd5tCdiK1d7bSFsp_2pbuBPbiA.roa (raw, json)
Hash identifier: k7we2gIcVeVwxlS4YpvuZ9G7z2F6hNiN3Rsr8v0lgss=
Subject key identifier: A0:57:79:B4:27:62:2B:57:7B:6D:21:6C:A7:FD:A9:6E:E0:4F:6E:20
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252202F6A53CAD05400D702394F430EC
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oFd5tCdiK1d7bSFsp_2pbuBPbiA.roa
Signing time: Thu 02 Jan 2025 03:49:33 +0000
ROA not before: Thu 02 Jan 2025 03:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200950
IP address blocks: 2a10:cc45:120::/44 maxlen: 48
2a10:cc45:120::/48 maxlen: 48
2a10:cc45:121::/48 maxlen: 48
2a10:cc45:122::/48 maxlen: 48
2a10:cc45:123::/48 maxlen: 48
2a10:cc45:124::/48 maxlen: 48
2a10:cc45:125::/48 maxlen: 48
2a10:cc45:126::/48 maxlen: 48
2a10:cc45:127::/48 maxlen: 48
2a10:cc45:128::/48 maxlen: 48
2a10:cc45:129::/48 maxlen: 48
2a10:cc45:12a::/48 maxlen: 48
2a10:cc45:12b::/48 maxlen: 48
2a10:cc45:12f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:02:f6:a5:3c:ad:05:40:0d:70:23:94:f4:30:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a05779b427622b577b6d216ca7fda96ee04f6e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:4e:db:4a:61:d3:fc:39:aa:33:21:00:9f:
b5:9d:c8:1e:ec:11:b2:3c:6f:4a:e2:f1:9b:87:09:
e1:f0:b3:80:ed:5f:13:a5:cd:7b:93:38:e0:05:e8:
f6:53:9e:e8:4a:d7:37:bd:2d:1c:80:3b:7d:ce:84:
8f:9d:e1:9d:7c:f3:48:22:38:3b:82:91:4f:61:1a:
1a:71:b7:5c:ab:1f:c5:d1:c4:b2:3c:43:5a:ee:e0:
77:07:bd:0b:e6:14:cb:20:7d:12:cd:23:6b:ae:c3:
b3:64:c5:12:a0:be:f2:3d:20:2d:9d:cc:79:b5:50:
21:f4:9f:20:5b:98:02:bf:aa:0d:ad:96:6a:17:7f:
db:6b:59:19:8b:35:ff:34:90:be:30:63:5c:ed:06:
d1:6a:95:bc:ec:89:ec:dc:02:a8:5e:c1:a5:09:79:
f9:bf:4b:c1:9e:12:f3:d1:50:ea:b4:87:e5:1e:3a:
8d:a1:42:1a:68:d7:93:3c:cc:86:41:0c:ac:2e:e4:
1f:57:55:59:b5:78:ea:85:26:aa:bc:1b:f1:e7:fd:
58:90:c6:73:c6:13:55:c6:bf:cf:65:dc:18:b2:00:
2a:6a:a2:1c:9b:9e:94:5f:71:a4:a4:4e:84:db:7d:
c6:85:98:cb:c1:e5:37:ed:ae:fe:9e:af:5f:f5:7b:
1e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:57:79:B4:27:62:2B:57:7B:6D:21:6C:A7:FD:A9:6E:E0:4F:6E:20
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/oFd5tCdiK1d7bSFsp_2pbuBPbiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:cc45:120::/44
Signature Algorithm: sha256WithRSAEncryption
0e:e8:0a:36:7e:eb:17:2b:be:df:42:b2:d2:a7:36:c7:1b:ff:
bd:80:29:11:66:b9:3b:a8:5f:af:3e:f4:cc:3f:85:19:46:2d:
90:63:30:ec:3c:9d:ad:b4:2c:07:c5:69:e4:ef:92:a6:24:00:
56:69:fb:4c:59:b9:c8:58:a0:ce:8e:e9:39:5b:90:cc:0d:45:
88:1a:9e:4c:b8:b8:97:a2:5b:a7:ee:4b:ec:e0:a3:f4:3f:ca:
2f:b0:15:83:e2:15:1a:0f:d3:1c:f4:9b:d0:71:77:fb:ca:7f:
e7:aa:68:e7:c2:23:95:a8:0b:a1:83:01:28:21:03:33:33:81:
3b:f7:a9:de:0f:ca:86:ea:81:45:d4:94:e7:d4:e9:eb:a2:88:
ee:9c:b2:41:51:26:28:89:f8:51:e1:5b:d6:8e:95:a3:fa:fd:
58:9d:3c:ad:13:21:22:e7:d4:ef:14:8b:75:47:57:62:b6:10:
d1:6b:0c:eb:bb:04:d2:e0:39:c2:e6:03:d0:36:81:43:fc:37:
e0:bf:89:3c:07:11:b6:34:7a:b2:e2:dd:1c:36:8a:c6:06:b5:
eb:a2:9f:d1:75:c4:0a:8b:60:06:86:77:52:a7:38:ff:34:17:
d3:bb:f4:a6:64:9a:d9:d9:58:5a:01:2d:c0:12:0d:63:02:e7:
37:7c:d9:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIgL2pTytBUANcCOU9DDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU3NzliNDI3NjIyYjU3N2I2ZDIxNmNhN2ZkYTk2ZWUwNGY2ZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzhO20ph0/w5qjMhAJ+1ncge7BGy
PG9K4vGbhwnh8LOA7V8Tpc17kzjgBej2U57oStc3vS0cgDt9zoSPneGdfPNIIjg7
gpFPYRoacbdcqx/F0cSyPENa7uB3B70L5hTLIH0SzSNrrsOzZMUSoL7yPSAtncx5
tVAh9J8gW5gCv6oNrZZqF3/ba1kZizX/NJC+MGNc7QbRapW87Ins3AKoXsGlCXn5
v0vBnhLz0VDqtIflHjqNoUIaaNeTPMyGQQysLuQfV1VZtXjqhSaqvBvx5/1YkMZz
xhNVxr/PZdwYsgAqaqIcm56UX3GkpE6E233GhZjLweU37a7+nq9f9XsejwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKBXebQnYitXe20hbKf9qW7gT24gMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb0ZkNXRDZGlLMWQ3YlNGc3BfMnBidUJQYmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMRQEg
MA0GCSqGSIb3DQEBCwUAA4IBAQAO6Ao2fusXK77fQrLSpzbHG/+9gCkRZrk7qF+v
PvTMP4UZRi2QYzDsPJ2ttCwHxWnk75KmJABWaftMWbnIWKDOjuk5W5DMDUWIGp5M
uLiXolun7kvs4KP0P8ovsBWD4hUaD9Mc9JvQcXf7yn/nqmjnwiOVqAuhgwEoIQMz
M4E796neD8qG6oFF1JTn1OnroojunLJBUSYoifhR4VvWjpWj+v1YnTytEyEi59Tv
FIt1R1dithDRawzruwTS4DnC5gPQNoFD/Dfgv4k8BxG2NHqy4t0cNorGBrXrop/R
dcQKi2AGhndSpzj/NBfTu/SmZJrZ2VhaAS3AEg1jAuc3fNm+
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:37:12 2025 by rpki-client