Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y8LnsvaMXC9Lsjqfw-Oq2fH1axg.roa
File: y8LnsvaMXC9Lsjqfw-Oq2fH1axg.roa (raw, json)
Hash identifier: 7GHLJkxfwj0GQKTFCo1kb6wvZCElT+IuBM5V862Ap+0=
Subject key identifier: CB:C2:E7:B2:F6:8C:5C:2F:4B:B2:3A:9F:C3:E3:AA:D9:F1:F5:6B:18
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01957136EF8934ECEFE83852178282163F8B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y8LnsvaMXC9Lsjqfw-Oq2fH1axg.roa
Signing time: Fri 07 Mar 2025 15:26:20 +0000
ROA not before: Fri 07 Mar 2025 15:26:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211952
IP address blocks: 2a0e:97c0:5f0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:71:36:ef:89:34:ec:ef:e8:38:52:17:82:82:16:3f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Mar 7 15:26:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbc2e7b2f68c5c2f4bb23a9fc3e3aad9f1f56b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4a:72:a5:df:da:bc:51:75:4b:8a:df:53:1f:
c4:65:5f:b4:3b:ba:77:31:02:c8:f0:83:c2:ab:53:
95:29:d9:a0:33:76:17:45:93:fd:51:84:2e:c7:c6:
b3:a6:fb:1e:4c:b2:5f:d4:e1:c6:cb:5d:aa:66:37:
6b:89:87:7b:3a:a4:fe:0c:6f:c2:6d:74:2c:8d:08:
46:da:7f:e6:20:d9:1f:45:a1:03:c2:89:dc:83:87:
e9:3b:8a:2e:36:c6:87:a1:b3:b8:41:bf:ec:16:1f:
28:a1:7a:3a:16:8e:55:eb:91:49:0c:42:16:05:c9:
ed:3a:97:59:00:f6:14:26:17:15:17:54:60:4a:41:
9a:63:76:01:0a:05:4f:7d:f6:c0:df:c2:9f:9b:6f:
88:b0:c1:6b:27:b9:3e:7c:ca:de:7c:43:19:11:92:
17:fb:ab:e4:0b:27:f4:7a:ba:dd:33:cf:b2:a8:3e:
49:c6:b7:f0:17:6e:60:bb:51:49:57:84:00:a5:54:
7e:f0:50:30:ee:f9:35:2e:7e:e2:86:91:31:72:9c:
4a:89:6e:cd:fe:75:25:10:92:72:bd:ca:3a:a8:7c:
52:a4:88:3b:76:d7:37:f5:c9:f2:36:bf:8e:13:af:
28:57:fb:bc:5a:66:8f:8a:b8:68:7e:15:69:82:60:
15:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C2:E7:B2:F6:8C:5C:2F:4B:B2:3A:9F:C3:E3:AA:D9:F1:F5:6B:18
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/y8LnsvaMXC9Lsjqfw-Oq2fH1axg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:5f0::/44
Signature Algorithm: sha256WithRSAEncryption
89:46:9c:9f:89:ec:4d:68:68:11:b5:e3:35:f5:aa:cc:2a:5d:
14:e2:fd:cc:70:53:75:1e:90:cb:f4:2c:6f:3b:40:73:f4:75:
2c:eb:20:f3:c7:41:ea:09:26:92:4c:89:fd:d6:d8:2f:da:52:
e9:57:61:51:13:7b:cb:ec:0c:a3:a6:f0:e7:09:86:75:9b:ff:
fe:96:2b:5c:6e:c2:93:ee:1a:78:26:c1:af:0f:50:b8:a8:49:
a9:f7:a3:08:83:b6:e4:67:06:95:53:90:be:e0:5c:26:f3:0a:
36:e3:fc:6e:47:6a:86:30:2d:14:2f:a1:63:77:f2:84:59:b6:
2a:d3:33:5a:39:d6:71:34:d9:9a:bc:6e:4d:b0:7c:c7:b9:59:
61:6e:f9:a6:76:4d:4c:e9:a5:7f:d0:e0:da:71:89:3a:32:f5:
1c:43:00:19:eb:d8:e1:5e:2b:1c:12:0e:0f:48:35:e8:5b:4e:
47:99:ce:2a:a9:8b:02:80:29:51:81:44:0d:be:3f:9a:03:39:
00:20:18:4e:72:41:25:e5:f6:bf:4a:7d:cc:b4:d3:7b:18:89:
42:1f:2b:0e:47:fc:df:24:21:7b:ef:86:18:7b:65:34:b2:8b:
00:ad:3d:0c:b8:12:f5:fd:90:41:7c:2a:26:8c:a9:e9:06:a0:
3d:16:70:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZVxNu+JNOzv6DhSF4KCFj+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMzA3MTUyNjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmMyZTdiMmY2OGM1YzJmNGJiMjNhOWZjM2UzYWFkOWYxZjU2YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0pypd/avFF1S4rfUx/EZV+0O7p3
MQLI8IPCq1OVKdmgM3YXRZP9UYQux8azpvseTLJf1OHGy12qZjdriYd7OqT+DG/C
bXQsjQhG2n/mINkfRaEDwoncg4fpO4ouNsaHobO4Qb/sFh8ooXo6Fo5V65FJDEIW
BcntOpdZAPYUJhcVF1RgSkGaY3YBCgVPffbA38Kfm2+IsMFrJ7k+fMrefEMZEZIX
+6vkCyf0errdM8+yqD5JxrfwF25gu1FJV4QApVR+8FAw7vk1Ln7ihpExcpxKiW7N
/nUlEJJyvco6qHxSpIg7dtc39cnyNr+OE68oV/u8WmaPirhofhVpgmAV6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMvC57L2jFwvS7I6n8Pjqtnx9WsYMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEveThMbnN2YU1YQzlMc2pxZnctT3EyZkgxYXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAXw
MA0GCSqGSIb3DQEBCwUAA4IBAQCJRpyfiexNaGgRteM19arMKl0U4v3McFN1HpDL
9CxvO0Bz9HUs6yDzx0HqCSaSTIn91tgv2lLpV2FRE3vL7AyjpvDnCYZ1m//+litc
bsKT7hp4JsGvD1C4qEmp96MIg7bkZwaVU5C+4Fwm8wo24/xuR2qGMC0UL6Fjd/KE
WbYq0zNaOdZxNNmavG5NsHzHuVlhbvmmdk1M6aV/0ODacYk6MvUcQwAZ69jhXisc
Eg4PSDXoW05Hmc4qqYsCgClRgUQNvj+aAzkAIBhOckEl5fa/Sn3MtNN7GIlCHysO
R/zfJCF774YYe2U0sosArT0MuBL1/ZBBfComjKnpBqA9FnCo
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:51:23 2025 by rpki-client