Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/5WM_zAMHpqFWYVzE6IZZi6hpdnY.roa
File: 5WM_zAMHpqFWYVzE6IZZi6hpdnY.roa (raw, json)
Hash identifier: /uh58nVe20e1KyQ1vsMKFZb5lxZnKC2kKaUik0+Y3GI=
Subject key identifier: E5:63:3F:CC:03:07:A6:A1:56:61:5C:C4:E8:86:59:8B:A8:69:76:76
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019424B264A433453C94FE14C86C692BB33D
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/5WM_zAMHpqFWYVzE6IZZi6hpdnY.roa
Signing time: Thu 02 Jan 2025 01:47:38 +0000
ROA not before: Thu 02 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52423
IP address blocks: 2a11:840:29::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:64:a4:33:45:3c:94:fe:14:c8:6c:69:2b:b3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5633fcc0307a6a156615cc4e886598ba8697676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0f:a1:7c:d3:61:14:2a:98:fe:09:3d:ef:9c:
e3:0f:12:a3:65:88:80:e7:9d:3f:bd:26:72:82:7d:
b0:86:45:d1:e7:f5:34:4c:6a:e0:b7:de:f0:16:f2:
3f:39:b7:af:79:13:8f:cf:40:ee:79:6a:d6:9f:08:
42:84:af:33:0f:60:97:49:29:97:b1:dd:b2:19:6a:
07:70:d1:3b:b8:b6:cc:40:5c:a2:97:30:73:c5:01:
12:ff:f3:03:43:b7:b5:ff:2b:19:b7:af:c3:4f:05:
3f:13:99:6d:d8:0b:fb:49:ba:04:f9:a1:26:13:a9:
93:6d:88:01:d7:28:45:98:e0:6b:c0:7d:e3:07:6d:
c5:09:75:fc:11:f2:cd:b0:45:2b:29:26:f0:ff:12:
97:93:01:7c:57:7b:7c:a1:ad:9d:04:e5:cc:fd:f0:
81:39:f8:3c:fc:62:df:fa:1e:de:6a:b8:93:2c:d6:
41:a0:df:09:e9:7f:f6:2a:29:eb:65:35:bb:ef:4a:
4c:3f:20:8c:ed:43:e6:d5:4e:58:9b:d9:8b:a1:6c:
8b:8c:45:7a:da:be:a5:80:76:24:d3:47:c1:3e:01:
f7:fa:48:e9:8d:41:13:ca:a3:92:66:ae:50:33:47:
c0:f7:cf:9a:82:4a:3c:3e:4f:5a:7e:bf:7c:30:26:
2f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:63:3F:CC:03:07:A6:A1:56:61:5C:C4:E8:86:59:8B:A8:69:76:76
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/5WM_zAMHpqFWYVzE6IZZi6hpdnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:29::/48
Signature Algorithm: sha256WithRSAEncryption
34:f9:53:1c:58:dd:ed:2a:41:58:7d:fe:1f:1c:31:8f:0d:40:
90:01:0b:a5:de:12:98:6c:35:15:d9:76:bd:87:99:05:2d:6a:
71:54:48:fb:f0:1a:0f:64:2b:d2:b1:35:c0:49:57:d2:4b:43:
51:d5:6d:68:36:b9:39:4a:b3:7b:10:9e:42:a0:45:30:67:1b:
15:0a:16:e5:5d:9f:49:39:50:89:4b:64:f8:d0:77:c6:c7:b5:
09:29:96:ee:3c:f5:14:30:37:ed:b1:f9:9e:4c:29:41:13:84:
76:cf:25:b9:f4:31:b0:ec:75:30:84:5e:11:ab:4e:cc:f1:5d:
fa:95:a6:75:6e:00:73:63:f6:aa:a5:13:84:d6:8d:91:7e:3e:
4b:50:36:5a:d8:3a:26:58:e7:d8:c1:22:97:60:32:8f:c6:81:
3d:08:98:9b:de:db:d8:a0:18:e8:6f:9b:04:98:bd:8c:6f:28:
b2:75:30:c0:b8:03:aa:33:08:27:ca:ea:8c:a4:ff:cd:88:55:
c5:f4:66:16:f7:cb:bb:8c:ff:ca:78:0e:e0:35:e3:28:2f:3f:
0c:21:41:e3:61:df:ef:87:64:7d:e7:85:56:35:98:40:0f:e2:
6c:6e:94:e1:61:f0:e6:68:d9:cd:2d:95:38:7a:a4:19:10:83:
0e:b5:4a:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQksmSkM0U8lP4UyGxpK7M9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwMTAyMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTYzM2ZjYzAzMDdhNmExNTY2MTVjYzRlODg2NTk4YmE4Njk3Njc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA+hfNNhFCqY/gk975zjDxKjZYiA
550/vSZygn2whkXR5/U0TGrgt97wFvI/ObeveROPz0DueWrWnwhChK8zD2CXSSmX
sd2yGWoHcNE7uLbMQFyilzBzxQES//MDQ7e1/ysZt6/DTwU/E5lt2Av7SboE+aEm
E6mTbYgB1yhFmOBrwH3jB23FCXX8EfLNsEUrKSbw/xKXkwF8V3t8oa2dBOXM/fCB
Ofg8/GLf+h7eariTLNZBoN8J6X/2KinrZTW770pMPyCM7UPm1U5Ym9mLoWyLjEV6
2r6lgHYk00fBPgH3+kjpjUETyqOSZq5QM0fA98+agko8Pk9afr98MCYvRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOVjP8wDB6ahVmFcxOiGWYuoaXZ2MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvNVdNX3pBTUhwcUZXWVZ6RTZJWlppNmhwZG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAp
MA0GCSqGSIb3DQEBCwUAA4IBAQA0+VMcWN3tKkFYff4fHDGPDUCQAQul3hKYbDUV
2Xa9h5kFLWpxVEj78BoPZCvSsTXASVfSS0NR1W1oNrk5SrN7EJ5CoEUwZxsVChbl
XZ9JOVCJS2T40HfGx7UJKZbuPPUUMDftsfmeTClBE4R2zyW59DGw7HUwhF4Rq07M
8V36laZ1bgBzY/aqpROE1o2Rfj5LUDZa2DomWOfYwSKXYDKPxoE9CJib3tvYoBjo
b5sEmL2MbyiydTDAuAOqMwgnyuqMpP/NiFXF9GYW98u7jP/KeA7gNeMoLz8MIUHj
Yd/vh2R954VWNZhAD+JsbpThYfDmaNnNLZU4eqQZEIMOtUrx
-----END CERTIFICATE-----
Generated at Wed Apr 9 23:26:29 2025 by rpki-client