Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/pRrFUDZNpVkEXgJmG12wphF_C9g.roa
File: pRrFUDZNpVkEXgJmG12wphF_C9g.roa (raw, json)
Hash identifier: a/tMxjv9OgIAKvlTvu10/+/hLJI0xJyCnVYW2Z0Vv7w=
Subject key identifier: A5:1A:C5:50:36:4D:A5:59:04:5E:02:66:1B:5D:B0:A6:11:7F:0B:D8
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0195A928FAE71CD3E3D819340A34619D639C
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/pRrFUDZNpVkEXgJmG12wphF_C9g.roa
Signing time: Tue 18 Mar 2025 12:09:49 +0000
ROA not before: Tue 18 Mar 2025 12:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208695
IP address blocks: 2a0a:e9c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a9:28:fa:e7:1c:d3:e3:d8:19:34:0a:34:61:9d:63:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 18 12:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a51ac550364da559045e02661b5db0a6117f0bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:94:1b:ff:be:8f:6d:8d:65:e4:47:ea:41:c1:
31:fb:35:4d:17:2b:e7:25:f7:56:8e:a5:28:9b:7a:
97:aa:97:84:cc:a9:c4:ac:f4:a9:0f:55:ae:c4:e1:
21:1d:d4:4a:36:c1:78:1c:48:a2:b9:67:e8:09:7e:
ff:54:05:e2:ee:65:0f:af:30:6d:f1:0f:0f:17:88:
6d:58:0c:a8:6c:6b:1b:31:fb:8c:1b:77:56:f1:2c:
bc:b0:ed:d7:06:1c:01:c5:e1:94:2e:09:10:7e:fe:
40:c9:7f:53:f5:c1:71:64:8b:07:87:46:2e:c3:78:
02:3e:fe:0e:95:87:a4:1a:f9:76:2b:0f:ee:8d:5b:
c2:a4:fa:71:be:39:93:5a:06:d6:d2:43:2c:51:1c:
81:18:74:30:c8:58:00:9e:e2:f0:15:90:53:00:94:
d2:f6:6a:15:da:84:bb:fb:1f:08:54:44:04:96:1a:
3d:b3:2e:c9:e3:57:a7:0d:1e:76:49:cd:fb:1c:45:
b1:32:84:46:c0:7f:e1:52:00:d9:af:be:b0:e0:30:
91:99:e6:84:f7:f0:38:f0:37:95:85:5c:76:9a:db:
c0:11:df:69:49:18:16:5e:2d:8b:02:d7:ff:7a:ac:
d3:94:84:64:3d:9b:b3:35:ac:e8:9f:18:28:e4:a7:
11:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1A:C5:50:36:4D:A5:59:04:5E:02:66:1B:5D:B0:A6:11:7F:0B:D8
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/pRrFUDZNpVkEXgJmG12wphF_C9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:e9c1::/32
Signature Algorithm: sha256WithRSAEncryption
40:d6:0c:b7:ad:10:95:19:6e:54:b2:a8:d0:2a:f8:99:f6:d0:
df:c2:18:ec:24:2d:df:55:33:28:cb:95:f5:e7:6b:19:df:5b:
56:eb:a2:34:c6:79:fe:a7:c9:91:ef:dc:d6:01:3c:2d:09:3b:
2c:c5:43:76:2e:69:4f:fd:c1:10:67:aa:03:e3:84:1a:20:99:
9a:a9:bb:ee:a3:93:01:16:83:99:3b:f7:5c:ef:98:a9:12:46:
da:c7:a0:1b:42:fc:37:6f:ac:73:3c:b3:24:8e:3b:9d:90:29:
d4:93:ed:9d:d1:09:28:dd:fe:9b:40:0b:41:2d:5f:e4:d3:37:
65:32:87:04:9c:09:0e:c3:2b:e2:66:da:49:b5:a9:f9:d4:91:
09:4b:c5:12:91:ea:46:86:91:53:fa:da:e6:40:76:d6:15:8b:
78:ab:0f:22:b1:6b:cc:f1:c5:cf:93:98:83:18:f8:42:89:8f:
d9:93:3d:7e:9c:16:ef:85:e3:f0:0f:db:e5:51:99:8b:f5:3a:
0f:c9:06:11:ad:94:cb:f7:f8:43:45:d8:e8:75:16:8c:71:91:
fa:65:95:51:1d:74:f7:6d:5e:cf:11:45:29:cc:a9:bb:c1:bb:
ab:e0:a1:9a:7c:c8:e5:e9:9b:82:88:ef:e3:ae:dc:22:f0:63:
17:00:90:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWpKPrnHNPj2Bk0CjRhnWOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzE4MTIwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTFhYzU1MDM2NGRhNTU5MDQ1ZTAyNjYxYjVkYjBhNjExN2YwYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJQb/76PbY1l5EfqQcEx+zVNFyvn
JfdWjqUom3qXqpeEzKnErPSpD1WuxOEhHdRKNsF4HEiiuWfoCX7/VAXi7mUPrzBt
8Q8PF4htWAyobGsbMfuMG3dW8Sy8sO3XBhwBxeGULgkQfv5AyX9T9cFxZIsHh0Yu
w3gCPv4OlYekGvl2Kw/ujVvCpPpxvjmTWgbW0kMsURyBGHQwyFgAnuLwFZBTAJTS
9moV2oS7+x8IVEQElho9sy7J41enDR52Sc37HEWxMoRGwH/hUgDZr76w4DCRmeaE
9/A48DeVhVx2mtvAEd9pSRgWXi2LAtf/eqzTlIRkPZuzNazonxgo5KcRsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKUaxVA2TaVZBF4CZhtdsKYRfwvYMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvcFJyRlVEWk5wVmtFWGdKbUcxMndwaEZfQzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgrpwTAN
BgkqhkiG9w0BAQsFAAOCAQEAQNYMt60QlRluVLKo0Cr4mfbQ38IY7CQt31UzKMuV
9edrGd9bVuuiNMZ5/qfJke/c1gE8LQk7LMVDdi5pT/3BEGeqA+OEGiCZmqm77qOT
ARaDmTv3XO+YqRJG2segG0L8N2+sczyzJI47nZAp1JPtndEJKN3+m0ALQS1f5NM3
ZTKHBJwJDsMr4mbaSbWp+dSRCUvFEpHqRoaRU/ra5kB21hWLeKsPIrFrzPHFz5OY
gxj4QomP2ZM9fpwW74Xj8A/b5VGZi/U6D8kGEa2Uy/f4Q0XY6HUWjHGR+mWVUR10
921ezxFFKcypu8G7q+ChmnzI5embgojv467cIvBjFwCQ9g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:37:15 2025 by rpki-client