Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/1-sXlT3E8V0jDUCM-Ybkr4a6wLlo.roa
File: 1-sXlT3E8V0jDUCM-Ybkr4a6wLlo.roa (raw, json)
Hash identifier: CvuY/DdFSGhFi/vthGK/0x8yOd1SW50ze7RG7bTscdY=
Subject key identifier: FA:C5:E5:4F:71:3C:57:48:C3:50:23:3E:61:B9:2B:E1:AE:B0:2E:5A
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F810A2FF03C0F47B90ECB8BB2FEDA
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/1-sXlT3E8V0jDUCM-Ybkr4a6wLlo.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213876
IP address blocks: 2a01:e901:100::/48 maxlen: 48
2a01:e901:110::/48 maxlen: 48
2a01:e901:120::/48 maxlen: 48
2a01:e901:130::/48 maxlen: 48
2a01:e901:140::/48 maxlen: 48
2a01:e901:150::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:81:0a:2f:f0:3c:0f:47:b9:0e:cb:8b:b2:fe:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fac5e54f713c5748c350233e61b92be1aeb02e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:b7:7a:5c:f7:e3:4a:ba:e0:57:5f:ea:bf:
73:e9:f0:ea:ab:88:df:db:7d:c6:83:b3:c2:4c:ab:
7f:88:f6:88:7e:c9:ce:e9:18:79:4a:14:fd:c3:05:
ea:9f:06:ee:34:04:5c:64:3d:2f:e5:fa:26:c0:00:
7b:6a:85:1c:cb:b0:88:0e:85:2f:db:f6:4a:97:ff:
f4:1e:1b:f4:77:52:fb:f4:37:83:f4:9d:43:d8:24:
da:cb:dc:d5:cb:7e:da:9b:f6:e6:16:91:79:1b:c1:
22:3c:7d:a1:09:16:e9:7b:f7:bb:a1:bc:71:f9:4d:
de:70:61:1c:66:28:ad:a5:c6:54:e4:1d:ba:16:79:
81:62:a0:de:2d:30:30:97:b0:6e:22:48:58:ce:93:
8d:64:a9:88:c1:f9:6f:ee:45:af:76:16:b0:63:b7:
c8:f4:a0:a8:1b:5a:b3:54:ca:e3:ac:5f:a4:ee:2a:
43:2f:57:2f:b7:14:b7:1d:70:e1:03:98:a6:6d:b3:
2a:90:ca:52:db:d0:41:2c:06:06:84:2e:e5:74:4b:
45:c9:be:f4:55:b7:d7:20:c3:be:53:ba:a5:90:76:
7a:e4:3f:36:03:77:92:e0:71:11:e4:6e:f0:22:7e:
fa:ec:5e:62:74:ba:70:c0:4b:1e:a3:10:30:61:f5:
12:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C5:E5:4F:71:3C:57:48:C3:50:23:3E:61:B9:2B:E1:AE:B0:2E:5A
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/1-sXlT3E8V0jDUCM-Ybkr4a6wLlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:100::/48
2a01:e901:110::/48
2a01:e901:120::/48
2a01:e901:130::/48
2a01:e901:140::/48
2a01:e901:150::/48
Signature Algorithm: sha256WithRSAEncryption
45:9f:ba:d5:bb:59:32:55:04:67:4d:0c:52:f8:3a:70:6d:29:
db:62:c2:5f:2f:ed:45:08:4d:9f:9f:e9:01:6a:82:0b:00:0c:
03:4c:6f:74:d8:46:7c:44:71:9a:06:4b:c9:0e:78:b7:90:3f:
17:f4:50:56:45:cd:92:30:bb:0d:88:07:97:dd:f4:16:db:42:
a9:8e:b4:bf:4d:78:5e:02:09:44:02:ed:47:3b:4d:02:e5:20:
e8:c6:1a:54:87:e7:17:43:ac:ea:f6:ac:de:2f:8b:ca:d6:94:
7f:c1:e8:3d:38:af:92:34:6d:46:f8:ba:d6:7e:c1:b8:2a:6f:
06:ed:d8:92:4f:02:1b:50:89:41:6e:ed:ed:89:73:cd:e4:bc:
0b:18:53:92:47:66:3e:0a:14:dd:61:4b:44:f0:50:34:1f:c5:
77:ce:a2:c6:b7:52:16:d5:1d:d6:b0:2b:00:d2:12:e4:ea:08:
cf:88:92:49:ee:6e:04:bf:57:0d:a2:1f:64:a5:53:b0:06:92:
e6:79:2b:13:46:80:6a:17:f0:a3:c1:45:05:e8:ed:7e:6b:a0:
25:31:85:19:45:5c:b0:34:6f:aa:04:8d:18:74:d7:5c:e2:ab:
33:ee:01:8a:a8:b3:02:1e:28:e1:5e:4e:7a:7e:8a:e9:0b:2f:
74:bb:c0:c1
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZQiH4EKL/A8D0e5DsuLsv7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWM1ZTU0ZjcxM2M1NzQ4YzM1MDIzM2U2MWI5MmJlMWFlYjAyZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVu3elz340q64Fdf6r9z6fDqq4jf
233Gg7PCTKt/iPaIfsnO6Rh5ShT9wwXqnwbuNARcZD0v5fomwAB7aoUcy7CIDoUv
2/ZKl//0Hhv0d1L79DeD9J1D2CTay9zVy37am/bmFpF5G8EiPH2hCRbpe/e7obxx
+U3ecGEcZiitpcZU5B26FnmBYqDeLTAwl7BuIkhYzpONZKmIwflv7kWvdhawY7fI
9KCoG1qzVMrjrF+k7ipDL1cvtxS3HXDhA5imbbMqkMpS29BBLAYGhC7ldEtFyb70
VbfXIMO+U7qlkHZ65D82A3eS4HER5G7wIn767F5idLpwwEseoxAwYfUSQQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPrF5U9xPFdIw1AjPmG5K+GusC5aMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvMS1zWGxUM0U4VjBqRFVDTS1ZYmtyNGE2d0xsby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvNDgxNjM3LTZjMWMtNDVlOC04ZmJkLTQ0ZjhlZDVkNjFk
Ny8xL0tXaTA0Ty1CQnZEaEtyamxBZEtxVGphM2c4SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAIwNgMHACoB6QEB
AAMHACoB6QEBEAMHACoB6QEBIAMHACoB6QEBMAMHACoB6QEBQAMHACoB6QEBUDAN
BgkqhkiG9w0BAQsFAAOCAQEARZ+61btZMlUEZ00MUvg6cG0p22LCXy/tRQhNn5/p
AWqCCwAMA0xvdNhGfERxmgZLyQ54t5A/F/RQVkXNkjC7DYgHl930FttCqY60v014
XgIJRALtRztNAuUg6MYaVIfnF0Os6vas3i+LytaUf8HoPTivkjRtRvi61n7BuCpv
Bu3Ykk8CG1CJQW7t7YlzzeS8CxhTkkdmPgoU3WFLRPBQNB/Fd86ixrdSFtUd1rAr
ANIS5OoIz4iSSe5uBL9XDaIfZKVTsAaS5nkrE0aAahfwo8FFBejtfmugJTGFGUVc
sDRvqgSNGHTXXOKrM+4BiqizAh4o4V5Oen6K6QsvdLvAwQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:48 2025 by rpki-client