Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/04WYPkgchtlj1hd0Q5o-dY-62sU.roa
File: 04WYPkgchtlj1hd0Q5o-dY-62sU.roa (raw, json)
Hash identifier: fXAlyR1iCAvhPb0DdBSjBVpdxFvfTHr0MvZKu/A+ar0=
Subject key identifier: D3:85:98:3E:48:1C:86:D9:63:D6:17:74:43:9A:3E:75:8F:BA:DA:C5
Certificate issuer: /CN=5b0329066138bb5564571fc3c29ee953e5c1c7a3
Certificate serial: 01953FBE2BFB299807757B015A4614341724
Authority key identifier: 5B:03:29:06:61:38:BB:55:64:57:1F:C3:C2:9E:E9:53:E5:C1:C7:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/04WYPkgchtlj1hd0Q5o-dY-62sU.roa
Signing time: Wed 26 Feb 2025 00:53:02 +0000
ROA not before: Wed 26 Feb 2025 00:53:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64286
IP address blocks: 2a0a:7741::/32 maxlen: 32
2a0a:7742::/32 maxlen: 32
2a0a:7743::/32 maxlen: 32
2a0a:7744::/32 maxlen: 32
2a0a:7745::/32 maxlen: 32
2a0a:7746::/32 maxlen: 32
2a0a:7747::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3f:be:2b:fb:29:98:07:75:7b:01:5a:46:14:34:17:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b0329066138bb5564571fc3c29ee953e5c1c7a3
Validity
Not Before: Feb 26 00:53:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d385983e481c86d963d61774439a3e758fbadac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:f2:c8:17:c3:be:0b:72:e5:f8:47:c7:94:
e7:1b:72:e9:f8:d1:bb:f7:ac:59:ad:27:31:3c:f8:
70:ea:4c:46:c4:cc:a0:e1:f0:0a:8d:da:dc:da:ea:
0f:ed:25:cf:d1:a0:ea:c0:a8:81:fd:72:34:3c:f1:
8b:8c:3e:36:ae:23:d2:29:6c:f3:40:66:54:e2:49:
7c:57:05:03:aa:a2:a5:b7:f4:b9:4e:3d:ce:da:d8:
0f:f9:7e:bc:92:22:02:6c:4b:78:e9:88:0b:f7:f8:
e4:b3:a2:4f:26:ed:26:14:90:0f:35:de:c3:46:ea:
d6:4e:2d:e7:25:26:07:7c:32:6f:1e:c5:39:89:71:
e3:00:f8:b2:ec:e0:91:ce:d5:f6:39:ef:68:e4:52:
ca:bc:f5:ff:44:dc:4c:87:f3:c3:84:24:3a:db:9a:
99:cd:44:f5:8f:49:58:e1:ff:34:20:1f:e3:be:43:
6e:4b:3c:f1:e2:58:d3:43:ef:85:98:77:b7:9c:6f:
31:16:85:e4:ea:d4:3d:94:b8:ea:76:98:08:24:0b:
35:a2:3e:4f:9d:2f:a9:bf:02:09:42:75:53:4f:e4:
9a:b5:65:11:47:24:a3:d1:22:62:50:8b:c2:1c:72:
a9:97:a9:42:7f:34:c8:bc:0e:db:d8:45:4e:88:b9:
b0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:85:98:3E:48:1C:86:D9:63:D6:17:74:43:9A:3E:75:8F:BA:DA:C5
X509v3 Authority Key Identifier:
keyid:5B:03:29:06:61:38:BB:55:64:57:1F:C3:C2:9E:E9:53:E5:C1:C7:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/04WYPkgchtlj1hd0Q5o-dY-62sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/77096f-bb89-411e-90e0-30c7f39d8e1c/1/WwMpBmE4u1VkVx_Dwp7pU-XBx6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:7741::-2a0a:7747:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:5b:66:50:b7:fa:7d:c8:ca:36:a9:68:b3:b3:d4:11:31:f1:
35:86:f1:16:df:52:00:65:b1:26:8c:50:36:9a:ed:5b:7b:4f:
cb:83:22:9d:8c:8d:4a:83:c2:c8:b8:1f:cb:48:2b:bf:5f:64:
17:1a:fc:f6:d5:26:1a:ce:03:28:1c:cf:c8:c9:6d:85:64:5f:
0a:61:3c:74:c4:cd:24:e6:81:26:13:ff:98:61:96:06:3b:1d:
f6:61:6d:c6:fd:e0:56:bc:71:2b:dc:af:ca:cc:ca:5b:3a:44:
00:bd:e2:3a:0f:58:ad:71:8c:4d:68:66:c5:59:17:39:42:fd:
7e:cd:c9:de:f0:19:8c:8d:7e:3c:18:27:53:73:fd:19:08:c2:
9e:67:3f:7a:45:2e:49:6c:23:2e:c1:9c:e3:0f:48:20:7a:a6:
92:a9:6e:32:99:2a:17:db:db:c6:e4:c0:63:50:8e:bf:3f:9a:
a5:87:10:3f:8d:8d:76:06:b4:20:cb:e9:dd:ae:c8:9d:ce:8f:
93:16:56:05:b9:08:0f:fe:34:15:f6:9f:9b:27:ef:80:87:cc:
98:37:40:ec:08:38:fc:15:f6:f5:00:f2:46:60:4b:83:b4:50:
f8:bc:b7:e5:95:a1:e0:b9:b7:50:37:f8:6a:9b:f3:ca:05:9b:
0e:93:ef:84
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZU/viv7KZgHdXsBWkYUNBckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDMyOTA2NjEzOGJiNTU2NDU3MWZjM2MyOWVlOTUzZTVj
MWM3YTMwHhcNMjUwMjI2MDA1MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzg1OTgzZTQ4MWM4NmQ5NjNkNjE3NzQ0MzlhM2U3NThmYmFkYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXnyyBfDvgty5fhHx5TnG3Lp+NG7
96xZrScxPPhw6kxGxMyg4fAKjdrc2uoP7SXP0aDqwKiB/XI0PPGLjD42riPSKWzz
QGZU4kl8VwUDqqKlt/S5Tj3O2tgP+X68kiICbEt46YgL9/jks6JPJu0mFJAPNd7D
RurWTi3nJSYHfDJvHsU5iXHjAPiy7OCRztX2Oe9o5FLKvPX/RNxMh/PDhCQ625qZ
zUT1j0lY4f80IB/jvkNuSzzx4ljTQ++FmHe3nG8xFoXk6tQ9lLjqdpgIJAs1oj5P
nS+pvwIJQnVTT+SatWURRySj0SJiUIvCHHKpl6lCfzTIvA7b2EVOiLmwdQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNOFmD5IHIbZY9YXdEOaPnWPutrFMB8GA1UdIwQY
MBaAFFsDKQZhOLtVZFcfw8Ke6VPlwcejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3dNcEJtRTR1MVZrVnhfRHdwN3BVLVhCeDZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC83NzA5NmYtYmI4OS00MTFlLTkwZTAt
MzBjN2YzOWQ4ZTFjLzEvMDRXWVBrZ2NodGxqMWhkMFE1by1kWS02MnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC83NzA5NmYtYmI4OS00MTFlLTkwZTAtMzBjN2YzOWQ4ZTFj
LzEvV3dNcEJtRTR1MVZrVnhfRHdwN3BVLVhCeDZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqCndB
AwUDKgp3QDANBgkqhkiG9w0BAQsFAAOCAQEAYVtmULf6fcjKNqlos7PUETHxNYbx
Ft9SAGWxJoxQNprtW3tPy4MinYyNSoPCyLgfy0grv19kFxr89tUmGs4DKBzPyMlt
hWRfCmE8dMTNJOaBJhP/mGGWBjsd9mFtxv3gVrxxK9yvyszKWzpEAL3iOg9YrXGM
TWhmxVkXOUL9fs3J3vAZjI1+PBgnU3P9GQjCnmc/ekUuSWwjLsGc4w9IIHqmkqlu
MpkqF9vbxuTAY1COvz+apYcQP42Ndga0IMvp3a7Inc6PkxZWBbkID/40Ffafmyfv
gIfMmDdA7Ag4/BX29QDyRmBLg7RQ+Ly35ZWh4Lm3UDf4apvzygWbDpPvhA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:10:53 2025 by rpki-client