Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y32TUeYaom7ZlXTNVVLtVL5NUsA.roa
File: y32TUeYaom7ZlXTNVVLtVL5NUsA.roa (raw, json)
Hash identifier: ENG787VDjfAsw6H+AqB/AHS8c08mjdNv1uOVBxd+fqE=
Subject key identifier: CB:7D:93:51:E6:1A:A2:6E:D9:95:74:CD:55:52:ED:54:BE:4D:52:C0
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0194252238EAD41FE9F39BBBAA32E7DCDCCF
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y32TUeYaom7ZlXTNVVLtVL5NUsA.roa
Signing time: Thu 02 Jan 2025 03:49:47 +0000
ROA not before: Thu 02 Jan 2025 03:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209606
IP address blocks: 2a0e:b107:a50::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:38:ea:d4:1f:e9:f3:9b:bb:aa:32:e7:dc:dc:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb7d9351e61aa26ed99574cd5552ed54be4d52c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cf:78:a5:2b:51:eb:68:25:0a:4b:40:c1:e7:
dc:cb:56:1c:8e:57:ef:47:8c:1c:69:63:85:d4:aa:
bc:37:3a:69:bc:0f:d8:e4:e9:50:ad:f9:80:7d:e1:
a4:e9:b3:36:d7:bf:61:bd:75:c7:ce:be:27:89:78:
c1:1e:6b:de:df:42:b5:63:50:81:0b:fb:f4:86:f9:
ba:58:a3:cb:53:c6:64:ea:d2:a1:b0:bf:21:9b:21:
84:4b:14:a8:84:c4:cf:e8:9b:f1:e5:b0:48:cf:34:
14:5c:5b:63:41:d1:4e:08:43:36:cd:24:23:65:c3:
0f:ee:83:72:e6:1f:5e:60:df:f1:8b:57:2d:ed:83:
8a:53:df:48:19:20:cc:8e:c2:30:ec:3a:ef:75:d2:
8d:19:b3:39:36:65:f0:ab:62:88:4a:23:aa:67:f0:
ac:b0:59:63:12:ed:35:93:8f:9b:b3:b7:66:e0:94:
72:73:b9:da:9d:bb:e4:f1:7a:54:8e:72:7b:e6:e8:
66:a9:24:3a:3e:e7:87:cf:af:ed:8b:b7:72:f5:7a:
a5:03:13:5b:f0:0f:29:ba:7f:bd:66:24:d7:3d:08:
e5:cb:b7:de:aa:67:3a:8b:50:bd:8a:b0:23:a0:43:
40:b9:9b:12:2c:6d:42:2d:63:ab:74:b8:30:3e:67:
d6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:7D:93:51:E6:1A:A2:6E:D9:95:74:CD:55:52:ED:54:BE:4D:52:C0
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y32TUeYaom7ZlXTNVVLtVL5NUsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:a50::/44
Signature Algorithm: sha256WithRSAEncryption
5f:63:d6:e0:22:88:ae:0a:5a:a2:d2:5a:14:64:9c:7b:c5:bc:
d2:82:79:be:fb:db:f0:a0:c2:0e:f3:39:a6:28:2d:1f:6e:c5:
8a:35:24:b9:1c:8e:81:41:b5:d2:1a:5e:2b:06:4e:25:2b:63:
74:84:76:fc:9e:95:75:a1:f8:ef:1a:f1:cb:fa:13:8c:3e:52:
dd:eb:79:63:0a:07:1b:56:43:36:f7:5a:1a:28:d1:e1:c2:f1:
33:95:d3:da:0c:c8:d3:6a:78:42:00:33:90:6b:79:92:3a:1d:
85:00:21:89:51:5d:30:05:58:83:2a:7b:7f:fb:35:44:c4:fb:
83:6d:43:97:40:c5:c8:93:ec:25:12:a6:9b:71:5a:5a:f8:27:
d2:01:2d:ce:86:04:89:9a:fe:ea:f2:31:96:65:9e:ef:7a:6e:
cf:98:d1:7b:60:38:b5:3d:fd:af:e7:38:d0:c5:75:1a:76:99:
84:5e:cd:d5:ab:33:02:b8:47:d6:df:1e:43:be:a4:c3:46:2d:
57:58:74:45:7d:f0:b4:4a:be:44:e1:e3:5d:9c:7e:f9:b1:ce:
6a:07:1c:67:16:a8:a6:97:57:af:97:68:ec:47:28:c7:65:27:
a2:ed:56:87:15:69:be:d5:2c:45:79:c0:f9:4b:6b:71:8b:33:
4f:78:dc:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIjjq1B/p85u7qjLn3NzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjdkOTM1MWU2MWFhMjZlZDk5NTc0Y2Q1NTUyZWQ1NGJlNGQ1MmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM94pStR62glCktAwefcy1Ycjlfv
R4wcaWOF1Kq8NzppvA/Y5OlQrfmAfeGk6bM2179hvXXHzr4niXjBHmve30K1Y1CB
C/v0hvm6WKPLU8Zk6tKhsL8hmyGESxSohMTP6Jvx5bBIzzQUXFtjQdFOCEM2zSQj
ZcMP7oNy5h9eYN/xi1ct7YOKU99IGSDMjsIw7DrvddKNGbM5NmXwq2KISiOqZ/Cs
sFljEu01k4+bs7dm4JRyc7nanbvk8XpUjnJ75uhmqSQ6PueHz6/ti7dy9XqlAxNb
8A8pun+9ZiTXPQjly7feqmc6i1C9irAjoENAuZsSLG1CLWOrdLgwPmfWLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMt9k1HmGqJu2ZV0zVVS7VS+TVLAMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveTMyVFVlWWFvbTdabFhUTlZWTHRWTDVOVXNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBwpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBfY9bgIoiuClqi0loUZJx7xbzSgnm++9vwoMIO
8zmmKC0fbsWKNSS5HI6BQbXSGl4rBk4lK2N0hHb8npV1ofjvGvHL+hOMPlLd63lj
CgcbVkM291oaKNHhwvEzldPaDMjTanhCADOQa3mSOh2FACGJUV0wBViDKnt/+zVE
xPuDbUOXQMXIk+wlEqabcVpa+CfSAS3OhgSJmv7q8jGWZZ7vem7PmNF7YDi1Pf2v
5zjQxXUadpmEXs3VqzMCuEfW3x5DvqTDRi1XWHRFffC0Sr5E4eNdnH75sc5qBxxn
Fqiml1evl2jsRyjHZSei7VaHFWm+1SxFecD5S2txizNPeNyx
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:45:32 2025 by rpki-client