Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/5ZcLxiewB6SlgnkXrkL_qV-6c70.roa
File: 5ZcLxiewB6SlgnkXrkL_qV-6c70.roa (raw, json)
Hash identifier: GbaGUbv69G2XGzJlZWZreb/2hT1CRKa032XRQqRiLc0=
Subject key identifier: E5:97:0B:C6:27:B0:07:A4:A5:82:79:17:AE:42:FF:A9:5F:BA:73:BD
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 019427B65CED2E639393A54D1A5D0DCD3265
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/5ZcLxiewB6SlgnkXrkL_qV-6c70.roa
Signing time: Thu 02 Jan 2025 15:50:50 +0000
ROA not before: Thu 02 Jan 2025 15:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47152
IP address blocks: 2a10:ba87:fed0::/44 maxlen: 44
2a10:ba87:fef0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:5c:ed:2e:63:93:93:a5:4d:1a:5d:0d:cd:32:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 2 15:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5970bc627b007a4a5827917ae42ffa95fba73bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b4:13:7c:29:de:ca:a2:6b:06:12:36:e3:cd:
2f:2a:21:2c:45:1a:37:fd:0c:6f:e3:a7:03:7a:2b:
49:58:f3:88:20:f3:ce:93:7f:dc:17:02:62:5e:d0:
e5:ff:ee:0e:5d:b6:00:a5:9d:f7:0a:81:b1:63:02:
eb:3d:bc:d7:62:9e:33:1d:19:68:7c:dd:3e:a5:6f:
df:18:52:38:68:f7:e1:1b:b2:6f:4b:9a:c0:5d:bc:
71:3b:61:5f:bd:39:b7:46:21:a2:64:c9:49:33:6b:
cc:09:28:b4:9d:d2:5d:b0:0a:f1:4b:be:13:bd:84:
3a:14:62:30:fd:0a:db:cb:a0:e1:4d:cd:b8:ab:0c:
ed:b6:57:4a:aa:ad:97:d4:91:c3:04:d7:66:a6:66:
4c:cc:33:d3:1a:18:0e:58:3e:48:28:40:e7:a7:97:
ba:ce:85:78:ba:f8:39:0e:4e:96:e6:2b:50:1b:c9:
d7:60:b1:6b:56:30:b6:c6:bf:49:9f:5a:c1:b7:dd:
d3:06:65:22:9c:07:9c:68:f1:8d:36:8f:c9:08:03:
1f:01:e9:32:17:78:15:13:71:ec:c6:de:0b:d1:96:
0e:63:f7:33:fa:e4:e4:5a:da:43:4d:7e:48:27:89:
a8:33:cb:80:2f:2f:8c:06:88:b3:ba:86:3c:3b:4f:
5b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:97:0B:C6:27:B0:07:A4:A5:82:79:17:AE:42:FF:A9:5F:BA:73:BD
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/5ZcLxiewB6SlgnkXrkL_qV-6c70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ba87:fed0::/44
2a10:ba87:fef0::/44
Signature Algorithm: sha256WithRSAEncryption
b5:c6:dd:0e:a8:97:fc:5a:b3:b3:ed:3d:b9:55:2b:69:d7:e6:
fd:46:dc:23:c0:ad:84:d2:ef:f7:7c:f6:4a:fb:db:f5:61:72:
cf:ff:de:b9:85:47:ab:4c:ef:a6:e1:6e:f3:dc:cb:dc:8c:e5:
b6:89:cf:81:17:c7:c1:56:a7:ce:ff:27:67:a7:b1:69:1b:a0:
c8:10:b6:24:48:26:19:18:ac:38:2a:09:17:90:64:a5:30:82:
63:39:a2:e1:35:e5:42:df:ac:61:02:3e:ad:38:b4:af:77:94:
08:eb:10:56:fd:5a:4f:2b:a6:6d:a0:ff:d3:34:62:b9:78:6b:
7b:22:be:59:9a:a7:71:a3:d9:0a:e6:9b:1b:b4:98:94:ce:39:
10:cc:86:1f:36:05:ab:e4:68:6a:73:22:c8:dd:62:e6:4b:8f:
8a:cf:4a:91:27:b3:01:6c:b6:7f:a2:f3:e1:63:e5:ba:ef:58:
90:33:8d:51:af:92:ed:d5:f0:65:2d:d8:1a:f8:ea:1c:5e:01:
c0:8f:dd:13:cc:2d:f8:68:64:8f:97:1e:85:9a:eb:e1:5a:ec:
85:7d:e5:fb:0a:5f:e1:40:93:b7:95:4e:87:96:04:ec:6b:06:
1f:fa:28:36:33:47:7a:65:18:9e:65:2c:8c:c5:8a:2a:99:d4:
48:c7:12:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntlztLmOTk6VNGl0NzTJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjUwMTAyMTU1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk3MGJjNjI3YjAwN2E0YTU4Mjc5MTdhZTQyZmZhOTVmYmE3M2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrQTfCneyqJrBhI2480vKiEsRRo3
/Qxv46cDeitJWPOIIPPOk3/cFwJiXtDl/+4OXbYApZ33CoGxYwLrPbzXYp4zHRlo
fN0+pW/fGFI4aPfhG7JvS5rAXbxxO2FfvTm3RiGiZMlJM2vMCSi0ndJdsArxS74T
vYQ6FGIw/Qrby6DhTc24qwzttldKqq2X1JHDBNdmpmZMzDPTGhgOWD5IKEDnp5e6
zoV4uvg5Dk6W5itQG8nXYLFrVjC2xr9Jn1rBt93TBmUinAecaPGNNo/JCAMfAeky
F3gVE3Hsxt4L0ZYOY/cz+uTkWtpDTX5IJ4moM8uALy+MBoizuoY8O09bawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOWXC8YnsAekpYJ5F65C/6lfunO9MB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvNVpjTHhpZXdCNlNsZ25rWHJrTF9xVi02YzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhC6h/7Q
AwcEKhC6h/7wMA0GCSqGSIb3DQEBCwUAA4IBAQC1xt0OqJf8WrOz7T25VStp1+b9
RtwjwK2E0u/3fPZK+9v1YXLP/965hUerTO+m4W7z3MvcjOW2ic+BF8fBVqfO/ydn
p7FpG6DIELYkSCYZGKw4KgkXkGSlMIJjOaLhNeVC36xhAj6tOLSvd5QI6xBW/VpP
K6ZtoP/TNGK5eGt7Ir5Zmqdxo9kK5psbtJiUzjkQzIYfNgWr5GhqcyLI3WLmS4+K
z0qRJ7MBbLZ/ovPhY+W671iQM41Rr5Lt1fBlLdga+OocXgHAj90TzC34aGSPlx6F
muvhWuyFfeX7Cl/hQJO3lU6HlgTsawYf+ig2M0d6ZRieZSyMxYoqmdRIxxID
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:38:44 2025 by rpki-client