Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/rOCrrjaWzqaeh5UoZU0eiYBArxM.roa
File: rOCrrjaWzqaeh5UoZU0eiYBArxM.roa (raw, json)
Hash identifier: 2vAuU1yxBlR9ZU9D1ADHnb95gjt0C7DSErNWYGjxYCU=
Subject key identifier: AC:E0:AB:AE:36:96:CE:A6:9E:87:95:28:65:4D:1E:89:80:40:AF:13
Certificate issuer: /CN=619b9872dcc492fc9707f9ec7c16112f45b8535f
Certificate serial: 018CC802A62A0544983884764B3B4F9EE74E
Authority key identifier: 61:9B:98:72:DC:C4:92:FC:97:07:F9:EC:7C:16:11:2F:45:B8:53:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YZuYctzEkvyXB_nsfBYRL0W4U18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/rOCrrjaWzqaeh5UoZU0eiYBArxM.roa
Signing time: Tue 02 Jan 2024 02:31:05 +0000
ROA not before: Tue 02 Jan 2024 02:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45010
IP address blocks: 62.220.224.0/22 maxlen: 22
93.90.48.0/20 maxlen: 20
2a01:b5a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:a6:2a:05:44:98:38:84:76:4b:3b:4f:9e:e7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=619b9872dcc492fc9707f9ec7c16112f45b8535f
Validity
Not Before: Jan 2 02:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ace0abae3696cea69e879528654d1e898040af13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:86:53:16:fa:41:67:f3:4d:4a:60:fb:e9:7c:
cf:08:b2:2b:6c:6a:08:22:4b:3a:24:97:80:ab:b7:
b7:6d:b9:cc:35:60:a4:3a:5a:cd:f9:02:da:ec:3d:
6d:59:43:a7:f6:cc:d4:b0:d6:fc:5b:3d:d9:33:46:
ea:9d:7b:45:94:e9:06:1e:c3:17:71:f7:3d:7b:cb:
40:57:de:b7:39:f0:59:92:4f:44:8b:13:d7:15:60:
82:43:06:b6:7a:ac:e0:62:e6:3a:02:86:58:4a:15:
2e:f0:d1:d6:1f:fe:d3:57:5f:ac:2f:94:ad:fc:dc:
8a:aa:fa:3c:fa:f0:45:84:d6:97:dd:6c:af:85:69:
2b:cb:ae:1a:6b:07:cf:42:8b:e3:cc:51:8e:23:40:
73:77:ff:9a:ee:55:67:8a:a6:6a:b2:8a:27:19:c6:
ba:8c:9a:ff:54:a8:c2:6d:dc:b5:7d:34:4f:cc:eb:
88:2d:7a:3c:ed:c3:f3:59:47:cd:69:ff:26:b6:0d:
82:8d:ca:0b:f6:07:01:68:08:5e:90:bf:0f:72:ca:
c6:1e:35:e8:2c:8b:0a:0a:2a:be:62:ff:c8:ab:c5:
9d:fd:a6:09:59:7e:a6:09:91:6a:22:a4:20:89:5a:
cc:bc:9f:f8:e9:4a:e0:ef:d2:5f:37:6c:a0:40:1b:
a6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E0:AB:AE:36:96:CE:A6:9E:87:95:28:65:4D:1E:89:80:40:AF:13
X509v3 Authority Key Identifier:
keyid:61:9B:98:72:DC:C4:92:FC:97:07:F9:EC:7C:16:11:2F:45:B8:53:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YZuYctzEkvyXB_nsfBYRL0W4U18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/rOCrrjaWzqaeh5UoZU0eiYBArxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c0ec5b-fce5-49fa-80b5-5561c5a62d4c/1/YZuYctzEkvyXB_nsfBYRL0W4U18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.224.0/22
93.90.48.0/20
IPv6:
2a01:b5a0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:49:3f:f2:d7:d9:b2:df:b1:1d:da:67:2e:9c:b5:db:23:77:
f6:f4:b6:6c:02:84:d5:3d:9d:fe:7f:a0:1d:a4:80:d4:61:11:
4e:e9:6f:65:ae:90:85:c5:ed:fc:c3:79:20:97:e1:64:0d:d9:
1c:36:6c:16:f9:d1:ca:a3:c1:f7:5c:d3:d0:20:8c:3e:23:14:
26:5a:d6:8f:00:19:d2:cb:bb:46:61:47:90:81:0f:3d:12:20:
58:8f:50:1d:74:d5:30:3d:6d:17:62:47:35:61:9a:c3:b8:bb:
17:1c:98:d1:67:10:d4:c8:d1:68:1d:f6:29:c9:cd:b9:6d:0b:
c7:6c:49:90:3e:80:b8:f7:f8:17:77:31:8a:1a:ca:bb:41:6e:
23:f7:84:84:6a:f9:b3:ec:7e:0c:a1:5e:40:43:0b:c6:09:d8:
9c:69:4c:c0:bc:00:0e:fd:09:b3:6b:13:0a:3d:e4:fb:e6:43:
dc:98:32:38:30:6d:ed:71:9e:66:37:ee:c3:85:39:ae:b4:d5:
a7:3a:bf:54:17:69:b3:77:c1:72:b8:e3:8b:af:7a:86:c9:94:
57:5f:94:fd:fe:cc:3b:b1:c9:1f:bc:2c:6e:17:4b:62:8d:cd:
1b:91:e3:5b:da:21:e9:4b:91:ca:bb:3b:c8:9a:63:9b:27:98:
99:1e:78:f0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAqYqBUSYOIR2SztPnudOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOWI5ODcyZGNjNDkyZmM5NzA3ZjllYzdjMTYxMTJmNDVi
ODUzNWYwHhcNMjQwMTAyMDIzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2UwYWJhZTM2OTZjZWE2OWU4Nzk1Mjg2NTRkMWU4OTgwNDBhZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYZTFvpBZ/NNSmD76XzPCLIrbGoI
Iks6JJeAq7e3bbnMNWCkOlrN+QLa7D1tWUOn9szUsNb8Wz3ZM0bqnXtFlOkGHsMX
cfc9e8tAV963OfBZkk9EixPXFWCCQwa2eqzgYuY6AoZYShUu8NHWH/7TV1+sL5St
/NyKqvo8+vBFhNaX3WyvhWkry64aawfPQovjzFGOI0Bzd/+a7lVniqZqsoonGca6
jJr/VKjCbdy1fTRPzOuILXo87cPzWUfNaf8mtg2CjcoL9gcBaAhekL8PcsrGHjXo
LIsKCiq+Yv/Iq8Wd/aYJWX6mCZFqIqQgiVrMvJ/46Urg79JfN2ygQBumsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKzgq642ls6mnoeVKGVNHomAQK8TMB8GA1UdIwQY
MBaAFGGbmHLcxJL8lwf57HwWES9FuFNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVp1WWN0ekVrdnlYQl9uc2ZCWVJMMFc0VTE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jMGVjNWItZmNlNS00OWZhLTgwYjUt
NTU2MWM1YTYyZDRjLzEvck9DcnJqYVd6cWFlaDVVb1pVMGVpWUJBcnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jMGVjNWItZmNlNS00OWZhLTgwYjUtNTU2MWM1YTYyZDRj
LzEvWVp1WWN0ekVrdnlYQl9uc2ZCWVJMMFc0VTE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCPtzgAwQE
XVowMA0EAgACMAcDBQAqAbWgMA0GCSqGSIb3DQEBCwUAA4IBAQCqST/y19my37Ed
2mcunLXbI3f29LZsAoTVPZ3+f6AdpIDUYRFO6W9lrpCFxe38w3kgl+FkDdkcNmwW
+dHKo8H3XNPQIIw+IxQmWtaPABnSy7tGYUeQgQ89EiBYj1AddNUwPW0XYkc1YZrD
uLsXHJjRZxDUyNFoHfYpyc25bQvHbEmQPoC49/gXdzGKGsq7QW4j94SEavmz7H4M
oV5AQwvGCdicaUzAvAAO/QmzaxMKPeT75kPcmDI4MG3tcZ5mN+7DhTmutNWnOr9U
F2mzd8FyuOOLr3qGyZRXX5T9/sw7sckfvCxuF0tijc0bkeNb2iHpS5HKuzvImmOb
J5iZHnjw
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:13 2025 by rpki-client