Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5a7d2f-5168-4720-8ce0-704149619c46/1/uDI0D6qr7-usCDL-fgv2aBY_bUU.roa
File: uDI0D6qr7-usCDL-fgv2aBY_bUU.roa (raw, json)
Hash identifier: H5Mm89vS+5YR+a0XeYRvNkRodKD27aIsyfCqNBxXQhg=
Subject key identifier: B8:32:34:0F:AA:AB:EF:EB:AC:08:32:FE:7E:0B:F6:68:16:3F:6D:45
Certificate issuer: /CN=458cc52a0707cc340ac9c7f6e9028b64b70267bc
Certificate serial: 0194266BE0BFD4ED5356867A2F35CB673EEA
Authority key identifier: 45:8C:C5:2A:07:07:CC:34:0A:C9:C7:F6:E9:02:8B:64:B7:02:67:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYzFKgcHzDQKycf26QKLZLcCZ7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/5a7d2f-5168-4720-8ce0-704149619c46/1/uDI0D6qr7-usCDL-fgv2aBY_bUU.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52209
IP address blocks: 2a13:9e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e0:bf:d4:ed:53:56:86:7a:2f:35:cb:67:3e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458cc52a0707cc340ac9c7f6e9028b64b70267bc
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b832340faaabefebac0832fe7e0bf668163f6d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f7:60:55:4f:57:40:7e:fa:1e:ab:7c:93:11:
d4:cc:3b:15:36:9d:0d:cd:db:35:6b:ce:28:ce:ad:
31:e7:18:dd:4b:8c:9d:d8:f3:4a:27:a9:27:7b:e0:
be:38:58:3d:79:39:48:0a:98:ab:b0:6f:02:c4:7d:
32:58:42:13:a0:e1:7e:77:c8:c0:0e:9e:00:ac:8a:
2e:ce:fb:51:10:6d:52:33:68:72:48:21:e2:5d:83:
65:23:bf:ef:ec:01:f5:ac:68:15:e0:13:36:f5:47:
8c:cf:75:b3:00:b5:86:7e:0a:90:b9:11:f2:39:18:
78:5e:01:8f:d1:16:b7:87:bb:b7:27:42:fe:6b:15:
c2:1c:8b:f6:65:14:cd:fa:b4:73:60:1f:68:cf:95:
cc:c4:e7:dd:6f:32:a1:01:11:b4:25:41:be:46:f7:
1a:26:41:6b:b9:38:54:a1:f1:dc:84:b1:f0:47:bc:
73:2a:58:ac:c2:6b:55:06:08:6b:63:69:ea:50:13:
c6:f0:98:00:26:5b:67:bf:49:04:59:ab:09:a9:1c:
bb:26:d1:e9:08:fb:8e:0f:2a:5b:9f:8b:f8:88:ab:
89:2c:7f:48:05:91:de:12:b6:50:71:bc:dd:42:28:
82:b3:61:2b:66:c8:a4:fb:50:88:20:d6:20:10:d5:
c3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:32:34:0F:AA:AB:EF:EB:AC:08:32:FE:7E:0B:F6:68:16:3F:6D:45
X509v3 Authority Key Identifier:
keyid:45:8C:C5:2A:07:07:CC:34:0A:C9:C7:F6:E9:02:8B:64:B7:02:67:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYzFKgcHzDQKycf26QKLZLcCZ7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5a7d2f-5168-4720-8ce0-704149619c46/1/uDI0D6qr7-usCDL-fgv2aBY_bUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5a7d2f-5168-4720-8ce0-704149619c46/1/RYzFKgcHzDQKycf26QKLZLcCZ7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
1f:2d:f7:e8:74:3c:c9:97:3c:eb:9e:f7:26:7a:17:e6:57:5b:
ac:e8:d1:e2:f4:2f:b3:0d:b0:35:26:9f:ac:4e:30:c1:39:62:
c7:66:79:27:0c:13:78:67:1b:4b:95:18:66:76:21:97:c7:37:
cd:11:83:ff:5c:22:f9:1f:19:05:f0:47:69:9c:26:41:b5:fd:
3a:7f:5a:3e:2f:c2:eb:a8:57:be:e6:a7:91:a3:fd:dc:0d:de:
73:07:cd:70:81:dc:cf:0d:27:3b:60:d7:4e:8f:1e:8f:07:c5:
a6:04:03:15:4e:bf:02:db:5d:be:d9:57:ae:da:fb:18:28:60:
67:20:0a:e6:56:7e:02:cc:67:07:43:41:2c:e0:6b:c1:72:3c:
5c:d8:29:cd:00:fe:bc:15:d5:af:5c:c4:26:97:1e:b1:df:f2:
fa:20:b7:bc:a9:aa:06:33:8d:8b:16:6c:56:5f:07:65:77:9f:
a6:59:70:ae:53:70:fe:d5:fa:21:31:e4:03:82:c7:80:4f:b9:
c4:26:39:30:0d:92:81:87:4b:e2:25:9f:3d:0f:e5:f2:12:24:
b3:d9:9a:ad:87:03:ce:b9:56:a9:81:35:53:13:86:28:72:16:
d0:4a:9c:ac:44:7e:6a:1d:a7:93:3f:98:87:68:96:d5:15:3a:
b3:f6:58:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQma+C/1O1TVoZ6LzXLZz7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGNjNTJhMDcwN2NjMzQwYWM5YzdmNmU5MDI4YjY0Yjcw
MjY3YmMwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMyMzQwZmFhYWJlZmViYWMwODMyZmU3ZTBiZjY2ODE2M2Y2ZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/dgVU9XQH76Hqt8kxHUzDsVNp0N
zds1a84ozq0x5xjdS4yd2PNKJ6kne+C+OFg9eTlICpirsG8CxH0yWEIToOF+d8jA
Dp4ArIouzvtREG1SM2hySCHiXYNlI7/v7AH1rGgV4BM29UeMz3WzALWGfgqQuRHy
ORh4XgGP0Ra3h7u3J0L+axXCHIv2ZRTN+rRzYB9oz5XMxOfdbzKhARG0JUG+Rvca
JkFruThUofHchLHwR7xzKliswmtVBghrY2nqUBPG8JgAJltnv0kEWasJqRy7JtHp
CPuODypbn4v4iKuJLH9IBZHeErZQcbzdQiiCs2ErZsik+1CIINYgENXD1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLgyNA+qq+/rrAgy/n4L9mgWP21FMB8GA1UdIwQY
MBaAFEWMxSoHB8w0CsnH9ukCi2S3Ame8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUll6RktnY0h6RFFLeWNmMjZRS0xaTGNDWjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81YTdkMmYtNTE2OC00NzIwLThjZTAt
NzA0MTQ5NjE5YzQ2LzEvdURJMEQ2cXI3LXVzQ0RMLWZndjJhQllfYlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS81YTdkMmYtNTE2OC00NzIwLThjZTAtNzA0MTQ5NjE5YzQ2
LzEvUll6RktnY0h6RFFLeWNmMjZRS0xaTGNDWjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOeQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHy336HQ8yZc86573JnoX5ldbrOjR4vQvsw2wNSaf
rE4wwTlix2Z5JwwTeGcbS5UYZnYhl8c3zRGD/1wi+R8ZBfBHaZwmQbX9On9aPi/C
66hXvuankaP93A3ecwfNcIHczw0nO2DXTo8ejwfFpgQDFU6/AttdvtlXrtr7GChg
ZyAK5lZ+AsxnB0NBLOBrwXI8XNgpzQD+vBXVr1zEJpcesd/y+iC3vKmqBjONixZs
Vl8HZXefpllwrlNw/tX6ITHkA4LHgE+5xCY5MA2SgYdL4iWfPQ/l8hIks9marYcD
zrlWqYE1UxOGKHIW0EqcrER+ah2nkz+Yh2iW1RU6s/ZYNA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:24 2025 by rpki-client