Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vVa5Qdz7TEcVt0I2toAfSNd1mE0.roa
File: vVa5Qdz7TEcVt0I2toAfSNd1mE0.roa (raw, json)
Hash identifier: LPvD+sVXoLRjNs8E8eHoUHAqr3bWaP2t/S/S5MaGJVs=
Subject key identifier: BD:56:B9:41:DC:FB:4C:47:15:B7:42:36:B6:80:1F:48:D7:75:98:4D
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425224F48729AC1A3B0EAC2852A1D27E1
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vVa5Qdz7TEcVt0I2toAfSNd1mE0.roa
Signing time: Thu 02 Jan 2025 03:49:52 +0000
ROA not before: Thu 02 Jan 2025 03:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211275
IP address blocks: 2a0e:97c0:410::/48 maxlen: 48
2a0e:97c0:411::/48 maxlen: 48
2a0e:97c0:412::/48 maxlen: 48
2a0e:97c0:41c::/48 maxlen: 48
2a0e:97c0:41d::/48 maxlen: 48
2a0e:97c0:41f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:4f:48:72:9a:c1:a3:b0:ea:c2:85:2a:1d:27:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd56b941dcfb4c4715b74236b6801f48d775984d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:f4:da:c7:35:0b:14:9e:ce:d0:70:99:89:55:
10:74:7b:b6:cd:d8:fe:9d:91:98:c4:e3:6a:d4:49:
e2:55:fa:f4:c0:dc:2a:77:2a:66:36:be:87:67:c6:
1b:13:54:2f:bb:ce:81:0c:f3:15:86:5b:88:15:d4:
90:96:3e:92:21:bb:f5:2d:94:61:92:0e:86:ca:94:
b6:b0:98:24:80:4b:67:74:9d:7f:98:30:29:4e:61:
37:67:0b:a3:50:44:be:2a:2c:ac:8c:40:9d:54:d2:
2b:bc:87:d3:e6:f0:b8:35:cc:01:ba:f5:ce:51:c8:
78:c4:f7:88:cd:d5:d1:d6:97:19:a6:fc:20:ed:57:
c3:70:05:4f:1a:ad:9d:2e:78:62:cc:c6:91:b7:a9:
a4:e2:90:44:d1:0c:39:b0:30:45:af:29:1e:45:4a:
7d:65:01:49:81:48:47:79:59:74:75:8f:98:90:8a:
5e:ec:b9:3a:c4:0d:30:e0:eb:f0:40:a6:37:fd:96:
05:be:36:d8:3e:f8:f0:c4:45:4e:ff:47:df:b8:0e:
19:f5:0e:4a:c9:fa:d6:14:cc:1f:c1:7a:8e:0b:5e:
5b:2a:19:b7:6f:76:39:4f:40:c7:c0:46:01:ae:ca:
35:38:58:79:9a:d2:b3:1a:57:3b:a8:dd:7a:ca:4e:
4c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:56:B9:41:DC:FB:4C:47:15:B7:42:36:B6:80:1F:48:D7:75:98:4D
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/vVa5Qdz7TEcVt0I2toAfSNd1mE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:410::-2a0e:97c0:412:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:41c::/47
2a0e:97c0:41f::/48
Signature Algorithm: sha256WithRSAEncryption
b9:c3:dd:f6:e6:80:a3:cf:82:d3:e6:15:55:63:4e:03:e5:dd:
f0:15:dd:76:ff:a1:eb:a9:63:eb:d0:dd:d8:e0:05:ab:ff:bc:
6f:67:e9:a6:15:3c:02:64:aa:47:4f:42:86:5d:cc:97:53:4e:
8a:e2:07:90:71:97:31:e1:dd:18:ad:f9:0d:bd:b5:90:64:08:
8c:fc:f2:f1:0d:ad:9e:24:25:6f:1a:69:d3:7f:85:b3:04:df:
20:54:ab:a4:0f:22:6b:cb:8f:3c:2b:9b:09:c2:3a:e9:a1:5a:
6c:b3:bf:aa:68:39:de:92:20:65:5c:92:de:e7:5e:2e:3c:be:
6e:e2:39:b1:21:15:ce:9d:a4:76:38:32:4d:63:a9:03:67:53:
7d:ad:5b:5c:41:79:68:30:14:da:9b:81:4d:c3:a6:4a:55:4c:
09:31:64:5e:e7:b4:c5:87:9d:9f:44:ef:22:a1:22:d4:bf:0f:
7a:e5:61:db:42:4b:04:1b:c1:0c:4b:3e:3e:64:a7:d5:c4:34:
db:d1:46:ba:04:51:a6:2a:23:e9:2d:52:a8:06:f1:ed:5e:dd:
86:03:09:2c:4a:dd:80:d0:77:89:76:3e:f8:09:9d:1b:da:01:
f8:a8:29:3f:93:5a:13:85:71:a3:80:88:0e:d3:47:9d:34:4f:
99:56:32:a7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQlIk9IcprBo7DqwoUqHSfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDU2Yjk0MWRjZmI0YzQ3MTViNzQyMzZiNjgwMWY0OGQ3NzU5ODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PTaxzULFJ7O0HCZiVUQdHu2zdj+
nZGYxONq1EniVfr0wNwqdypmNr6HZ8YbE1Qvu86BDPMVhluIFdSQlj6SIbv1LZRh
kg6GypS2sJgkgEtndJ1/mDApTmE3ZwujUES+KiysjECdVNIrvIfT5vC4NcwBuvXO
Uch4xPeIzdXR1pcZpvwg7VfDcAVPGq2dLnhizMaRt6mk4pBE0Qw5sDBFrykeRUp9
ZQFJgUhHeVl0dY+YkIpe7Lk6xA0w4OvwQKY3/ZYFvjbYPvjwxEVO/0ffuA4Z9Q5K
yfrWFMwfwXqOC15bKhm3b3Y5T0DHwEYBrso1OFh5mtKzGlc7qN16yk5MIwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL1WuUHc+0xHFbdCNraAH0jXdZhNMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdlZhNVFkejdURWNWdDBJMnRvQWZTTmQxbUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwQqDpfA
BBADBwAqDpfABBIDBwEqDpfABBwDBwAqDpfABB8wDQYJKoZIhvcNAQELBQADggEB
ALnD3fbmgKPPgtPmFVVjTgPl3fAV3Xb/oeupY+vQ3djgBav/vG9n6aYVPAJkqkdP
QoZdzJdTToriB5BxlzHh3Rit+Q29tZBkCIz88vENrZ4kJW8aadN/hbME3yBUq6QP
ImvLjzwrmwnCOumhWmyzv6poOd6SIGVckt7nXi48vm7iObEhFc6dpHY4Mk1jqQNn
U32tW1xBeWgwFNqbgU3DpkpVTAkxZF7ntMWHnZ9E7yKhItS/D3rlYdtCSwQbwQxL
Pj5kp9XENNvRRroEUaYqI+ktUqgG8e1e3YYDCSxK3YDQd4l2PvgJnRvaAfioKT+T
WhOFcaOAiA7TR500T5lWMqc=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:45:31 2025 by rpki-client