Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/p1QDoDhEHrY0uovLrh--4Kdv0sU.roa
File: p1QDoDhEHrY0uovLrh--4Kdv0sU.roa (raw, json)
Hash identifier: 9dX8vxPV3OU6V1zYalswlF+kqqeOI/kdzw2uQoD2uqg=
Subject key identifier: A7:54:03:A0:38:44:1E:B6:34:BA:8B:CB:AE:1F:BE:E0:A7:6F:D2:C5
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521E6996377250E9A8B8FCE7DD08257
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/p1QDoDhEHrY0uovLrh--4Kdv0sU.roa
Signing time: Thu 02 Jan 2025 03:49:26 +0000
ROA not before: Thu 02 Jan 2025 03:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141237
IP address blocks: 2a0e:b107:df1::/48 maxlen: 48
2a0e:b107:df3::/48 maxlen: 48
2a0e:b107:df4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e6:99:63:77:25:0e:9a:8b:8f:ce:7d:d0:82:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a75403a038441eb634ba8bcbae1fbee0a76fd2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:80:b5:8b:66:5c:2a:2f:43:08:c9:8a:8e:28:
10:96:51:51:b8:2b:b7:f3:3e:d3:1d:a3:98:84:c8:
2b:d5:d5:eb:80:87:c9:4f:34:af:39:2d:8b:99:98:
11:5f:0f:62:e8:79:d0:cd:b8:51:15:e5:95:92:27:
a9:5a:d4:9f:37:b2:fa:63:e8:a5:f7:e7:30:2b:19:
1d:f6:cd:7e:a6:12:24:e0:c6:3b:d1:81:aa:df:b2:
d8:0c:6b:b1:60:4d:f0:ca:6a:2c:6e:79:14:04:d3:
b9:e4:c9:9e:c2:72:30:9e:09:f9:d2:06:1a:27:86:
23:94:3a:a1:e7:d6:ae:03:33:a1:8e:e1:db:35:d7:
56:cc:b6:1e:f8:6f:57:ca:e2:81:0c:14:e0:f3:6e:
83:45:82:d9:4a:be:95:f5:eb:cf:69:2e:10:d1:70:
ee:9e:d6:e1:bd:d0:85:11:78:b7:33:95:20:23:c8:
94:ba:11:28:31:00:47:46:80:1d:2a:5f:d2:9f:a1:
e1:da:13:13:c8:8c:82:3f:15:ec:be:ba:35:4f:2c:
5d:f2:0d:e7:15:46:df:f6:34:c9:2a:e0:d9:1f:a1:
1e:44:19:2b:cb:c8:5d:94:32:fa:93:5d:5d:c5:7a:
5f:aa:b3:78:0a:6d:ac:18:9d:a3:70:ab:80:8f:23:
b7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:54:03:A0:38:44:1E:B6:34:BA:8B:CB:AE:1F:BE:E0:A7:6F:D2:C5
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/p1QDoDhEHrY0uovLrh--4Kdv0sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:df1::/48
2a0e:b107:df3::-2a0e:b107:df4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
15:7f:d0:83:95:4f:a7:c4:fc:36:96:15:cd:fc:6c:e2:89:06:
9c:78:87:a1:f7:a4:20:a1:69:89:29:74:49:58:d7:20:de:4a:
f1:d7:86:08:3c:08:ef:7b:1f:42:8c:9e:a4:ff:80:76:f0:cd:
02:e5:40:fe:0d:2a:c9:38:6a:8d:e2:16:38:03:e7:2d:a7:cc:
06:0d:43:25:e3:ff:f1:7c:59:27:54:24:38:72:01:9c:9b:20:
07:63:bc:e8:39:2f:d6:f7:9d:c9:50:be:f7:ba:fa:a4:8c:cd:
ac:a3:f5:e6:65:b4:b1:54:7f:7b:65:54:c6:54:a6:c4:bb:e9:
4c:cc:eb:12:72:59:ce:de:b7:e9:65:53:8c:79:e1:79:b2:0e:
15:97:d3:c1:b8:23:49:6c:da:d7:af:1c:df:e2:3e:88:53:fb:
b0:4c:b3:83:66:2e:44:1c:d5:2b:d3:66:27:a5:04:79:94:82:
67:42:e7:dc:97:f0:43:c8:98:6f:56:05:ea:8a:2d:52:ad:18:
5b:ea:4c:a2:a3:30:92:a0:bc:37:bd:ac:33:e3:18:4e:ca:20:
6b:84:cb:c2:a6:a7:19:c6:aa:a9:42:0c:e2:87:af:bc:81:5f:
08:aa:b3:de:ed:1e:38:0e:6a:98:48:63:a3:a2:dc:65:49:67:
3b:52:82:47
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQlIeaZY3clDpqLj8590IJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzU0MDNhMDM4NDQxZWI2MzRiYThiY2JhZTFmYmVlMGE3NmZkMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IC1i2ZcKi9DCMmKjigQllFRuCu3
8z7THaOYhMgr1dXrgIfJTzSvOS2LmZgRXw9i6HnQzbhRFeWVkiepWtSfN7L6Y+il
9+cwKxkd9s1+phIk4MY70YGq37LYDGuxYE3wymosbnkUBNO55MmewnIwngn50gYa
J4YjlDqh59auAzOhjuHbNddWzLYe+G9XyuKBDBTg826DRYLZSr6V9evPaS4Q0XDu
ntbhvdCFEXi3M5UgI8iUuhEoMQBHRoAdKl/Sn6Hh2hMTyIyCPxXsvro1Tyxd8g3n
FUbf9jTJKuDZH6EeRBkry8hdlDL6k11dxXpfqrN4Cm2sGJ2jcKuAjyO3jwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKdUA6A4RB62NLqLy64fvuCnb9LFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcDFRRG9EaEVIclkwdW92THJoLS00S2R2MHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg6xBw3x
MBIDBwAqDrEHDfMDBwAqDrEHDfQwDQYJKoZIhvcNAQELBQADggEBABV/0IOVT6fE
/DaWFc38bOKJBpx4h6H3pCChaYkpdElY1yDeSvHXhgg8CO97H0KMnqT/gHbwzQLl
QP4NKsk4ao3iFjgD5y2nzAYNQyXj//F8WSdUJDhyAZybIAdjvOg5L9b3nclQvve6
+qSMzayj9eZltLFUf3tlVMZUpsS76UzM6xJyWc7et+llU4x54XmyDhWX08G4I0ls
2tevHN/iPohT+7BMs4NmLkQc1SvTZielBHmUgmdC59yX8EPImG9WBeqKLVKtGFvq
TKKjMJKgvDe9rDPjGE7KIGuEy8KmpxnGqqlCDOKHr7yBXwiqs97tHjgOaphIY6Oi
3GVJZztSgkc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:43 2025 by rpki-client