Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/VYwvZ9OHIlRbhHXyXxBLwaXS8K8.roa
File: VYwvZ9OHIlRbhHXyXxBLwaXS8K8.roa (raw, json)
Hash identifier: dnJzWIPR+2RTl2ECqdSA76Gag1tIQoNuzSSgRCHhVCA=
Subject key identifier: 55:8C:2F:67:D3:87:22:54:5B:84:75:F2:5F:10:4B:C1:A5:D2:F0:AF
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 0195808F748C99679126BEFB434793C7C9E9
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/VYwvZ9OHIlRbhHXyXxBLwaXS8K8.roa
Signing time: Mon 10 Mar 2025 14:57:19 +0000
ROA not before: Mon 10 Mar 2025 14:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15404
IP address blocks: 2a02:11f8:70::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:8f:74:8c:99:67:91:26:be:fb:43:47:93:c7:c9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Mar 10 14:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=558c2f67d38722545b8475f25f104bc1a5d2f0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:19:a6:e1:72:83:93:b3:e3:2a:6b:16:59:
50:a4:b0:86:1b:70:3d:3e:a0:9b:32:ad:1d:c7:dc:
92:86:2b:34:79:b7:67:05:72:63:59:0c:3a:6f:54:
56:b3:c9:4f:bd:26:2f:03:a8:cf:c4:00:85:d7:56:
23:ed:4f:29:74:f5:44:9c:41:f3:a5:2e:42:33:a6:
ac:25:63:f2:e8:75:dd:32:a3:aa:52:2e:91:e6:b8:
e8:6d:fd:de:b8:b9:fc:7c:88:d8:74:7e:0d:0c:d9:
44:32:cf:bf:27:e8:00:01:67:6a:b1:cb:26:00:a3:
ee:6a:de:18:7e:12:9e:c1:0b:8e:99:60:ea:82:1c:
55:47:7e:bd:14:55:71:4d:49:fc:ba:38:33:a8:fa:
9a:32:a2:7e:37:8d:e1:8e:92:2b:f0:5f:62:52:21:
98:2d:1f:5a:d0:a2:08:02:14:b1:04:95:98:90:d0:
42:de:7d:c9:f2:f7:b2:4d:ca:7a:cf:30:a2:ba:50:
1e:d0:a2:bf:9e:f5:df:e9:8e:c2:08:3f:64:86:8e:
86:80:17:d6:2a:08:da:01:3f:54:3c:93:8a:69:12:
7e:fd:e8:80:54:01:60:a9:a8:4e:c1:b8:0d:2b:c0:
ec:38:89:da:a6:c6:46:ab:6b:c5:b9:03:4f:d2:b2:
06:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8C:2F:67:D3:87:22:54:5B:84:75:F2:5F:10:4B:C1:A5:D2:F0:AF
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/VYwvZ9OHIlRbhHXyXxBLwaXS8K8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:11f8:70::/48
Signature Algorithm: sha256WithRSAEncryption
4d:b1:96:6a:92:62:1f:54:e5:6d:63:14:53:78:f7:17:a7:92:
42:b5:29:15:fa:28:da:5e:28:fb:4c:fd:20:9e:f3:b8:b0:1b:
86:a9:df:8b:4b:a2:95:66:14:df:56:5c:4b:92:a2:aa:00:92:
bc:9b:2e:59:4d:c3:21:56:e4:73:19:84:5a:94:6a:f8:a8:7a:
58:22:ef:6a:7d:1e:af:94:30:d0:4d:d9:6b:5a:94:81:e4:dd:
b3:a2:45:17:04:6a:b8:90:31:6a:32:3a:a7:75:d5:f9:af:f8:
ef:37:4c:59:cd:c2:05:b8:d2:e6:61:97:f2:81:a9:dc:fc:d4:
f6:e0:cf:21:8e:54:e2:bc:e6:53:39:d0:ff:b3:3d:87:9b:fb:
cc:05:f0:43:75:80:0f:ee:6a:d7:95:89:a6:a3:08:4e:8c:0a:
f2:9a:80:9c:8a:20:b6:25:84:5a:db:59:d2:c2:fe:e9:40:4b:
78:c1:bb:53:fc:85:5b:81:23:a5:b8:71:55:9e:42:6c:19:b6:
5b:16:b4:24:13:7f:83:39:9c:eb:2b:6c:21:f9:48:fa:ef:11:
86:7e:55:d7:78:43:cc:74:21:73:25:db:42:ac:8e:73:57:fd:
eb:1b:11:fb:01:4f:bb:c3:24:5c:70:ab:a0:9a:23:12:5e:1f:
e8:bc:23:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZWAj3SMmWeRJr77Q0eTx8npMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUwMzEwMTQ1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NThjMmY2N2QzODcyMjU0NWI4NDc1ZjI1ZjEwNGJjMWE1ZDJmMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+kZpuFyg5Oz4yprFllQpLCGG3A9
PqCbMq0dx9yShis0ebdnBXJjWQw6b1RWs8lPvSYvA6jPxACF11Yj7U8pdPVEnEHz
pS5CM6asJWPy6HXdMqOqUi6R5rjobf3euLn8fIjYdH4NDNlEMs+/J+gAAWdqscsm
AKPuat4YfhKewQuOmWDqghxVR369FFVxTUn8ujgzqPqaMqJ+N43hjpIr8F9iUiGY
LR9a0KIIAhSxBJWYkNBC3n3J8veyTcp6zzCiulAe0KK/nvXf6Y7CCD9kho6GgBfW
KgjaAT9UPJOKaRJ+/eiAVAFgqahOwbgNK8DsOInapsZGq2vFuQNP0rIGswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFWML2fThyJUW4R18l8QS8Gl0vCvMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvVll3dlo5T0hJbFJiaEhYeVh4Qkx3YVhTOEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIR+ABw
MA0GCSqGSIb3DQEBCwUAA4IBAQBNsZZqkmIfVOVtYxRTePcXp5JCtSkV+ijaXij7
TP0gnvO4sBuGqd+LS6KVZhTfVlxLkqKqAJK8my5ZTcMhVuRzGYRalGr4qHpYIu9q
fR6vlDDQTdlrWpSB5N2zokUXBGq4kDFqMjqnddX5r/jvN0xZzcIFuNLmYZfyganc
/NT24M8hjlTivOZTOdD/sz2Hm/vMBfBDdYAP7mrXlYmmowhOjArymoCciiC2JYRa
21nSwv7pQEt4wbtT/IVbgSOluHFVnkJsGbZbFrQkE3+DOZzrK2wh+Uj67xGGflXX
eEPMdCFzJdtCrI5zV/3rGxH7AU+7wyRccKugmiMSXh/ovCO6
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:40:28 2025 by rpki-client