Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/RCzpYu2NXv9IhVJof3I0g4oUP6Y.roa
File: RCzpYu2NXv9IhVJof3I0g4oUP6Y.roa (raw, json)
Hash identifier: ZlYAjV5mwmp0CDH9cOOcXTeCf66IbQigcgB22yHMGgo=
Subject key identifier: 44:2C:E9:62:ED:8D:5E:FF:48:85:52:68:7F:72:34:83:8A:14:3F:A6
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019427482992CB558176B641DA4ABAB1458F
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/RCzpYu2NXv9IhVJof3I0g4oUP6Y.roa
Signing time: Thu 02 Jan 2025 13:50:28 +0000
ROA not before: Thu 02 Jan 2025 13:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48878
IP address blocks: 2a10:fa81:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:29:92:cb:55:81:76:b6:41:da:4a:ba:b1:45:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: Jan 2 13:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=442ce962ed8d5eff488552687f7234838a143fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:cf:d1:dc:6f:c8:e1:ff:58:ac:9e:5c:c8:6b:
cd:f7:40:27:f9:d0:f9:49:22:9d:4a:3a:3f:22:55:
29:69:75:ec:98:ce:ba:93:16:6e:c8:76:92:49:b7:
b7:5b:34:5e:22:45:ff:99:76:16:8d:21:af:2e:5a:
02:76:59:7f:6c:51:01:90:4d:e5:e9:6d:42:36:c0:
ce:67:81:ff:85:98:97:d5:da:7d:ca:ca:cd:e6:75:
5c:2d:72:1c:55:91:5d:0c:0b:c4:a4:0f:ff:31:bc:
62:84:b9:60:bd:0f:d1:50:ca:7e:c1:42:06:9e:9d:
2e:fa:60:92:18:d7:88:6b:ed:2e:25:be:09:a9:4a:
90:38:9b:44:c4:72:91:20:39:50:53:aa:18:72:b8:
84:26:3e:a2:64:be:2e:b0:80:2a:8b:37:51:66:b0:
0b:44:c7:1d:90:ea:5c:36:6c:f2:2f:f8:2b:db:d8:
6f:68:ab:aa:17:04:7c:6c:96:54:e8:41:a8:8c:63:
ab:b4:fb:fd:b6:4d:58:d6:f7:60:1a:1c:fc:74:fa:
2b:5d:d7:4d:06:b8:ab:ed:f9:4f:6b:44:94:aa:f2:
66:dc:8f:8c:a6:05:fd:09:32:38:1a:d0:61:36:4c:
ca:7f:8b:9c:76:07:13:52:18:e6:42:fd:99:a8:a0:
f8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:2C:E9:62:ED:8D:5E:FF:48:85:52:68:7F:72:34:83:8A:14:3F:A6
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/RCzpYu2NXv9IhVJof3I0g4oUP6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:fa81:1::/48
Signature Algorithm: sha256WithRSAEncryption
88:0f:e4:23:09:96:79:35:85:5d:80:9d:14:83:81:a0:06:b1:
6a:f0:77:0d:fb:e5:ab:6c:8b:71:08:a7:cb:4b:c2:1b:88:ae:
a9:f2:70:2c:4b:45:e1:77:f0:65:49:e8:8b:dc:be:e0:7c:6e:
62:a2:f2:2a:4e:bc:9c:3a:a0:8e:e5:0a:59:25:54:dc:57:dd:
8e:81:3c:c6:a5:75:7d:7e:9c:c2:62:b9:29:e8:cc:60:0e:9b:
50:5a:7a:79:d6:c2:6a:80:de:a9:66:5c:51:fb:6b:e6:3d:dc:
12:c1:00:a0:96:a9:4c:0e:57:26:15:64:21:7d:d9:83:bc:a5:
7a:01:31:81:1a:18:c9:6c:3d:23:ee:33:05:4d:65:1b:ea:40:
7c:f3:57:5d:c4:7b:48:94:ba:10:8c:d3:05:7e:ba:24:5b:27:
ac:31:58:46:25:ae:75:99:9c:52:b7:59:8b:03:2d:cb:0f:f3:
43:bf:94:ef:9f:ca:72:c2:46:d3:31:f9:45:b0:0d:cf:77:de:
a4:40:3a:50:ed:c3:49:30:d5:00:3e:71:98:32:8c:7c:20:97:
63:8d:cc:0d:79:da:d6:85:e8:45:df:a0:c6:ca:e6:f6:df:7f:
9d:e1:39:86:08:cc:8d:f4:a0:1d:cb:44:53:09:53:08:70:f4:
33:a0:5b:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnSCmSy1WBdrZB2kq6sUWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjUwMTAyMTM1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDJjZTk2MmVkOGQ1ZWZmNDg4NTUyNjg3ZjcyMzQ4MzhhMTQzZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9s/R3G/I4f9YrJ5cyGvN90An+dD5
SSKdSjo/IlUpaXXsmM66kxZuyHaSSbe3WzReIkX/mXYWjSGvLloCdll/bFEBkE3l
6W1CNsDOZ4H/hZiX1dp9ysrN5nVcLXIcVZFdDAvEpA//MbxihLlgvQ/RUMp+wUIG
np0u+mCSGNeIa+0uJb4JqUqQOJtExHKRIDlQU6oYcriEJj6iZL4usIAqizdRZrAL
RMcdkOpcNmzyL/gr29hvaKuqFwR8bJZU6EGojGOrtPv9tk1Y1vdgGhz8dPorXddN
Brir7flPa0SUqvJm3I+MpgX9CTI4GtBhNkzKf4ucdgcTUhjmQv2ZqKD4FwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEQs6WLtjV7/SIVSaH9yNIOKFD+mMB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvUkN6cFl1Mk5YdjlJaFZKb2YzSTBnNG9VUDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhD6gQAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCID+QjCZZ5NYVdgJ0Ug4GgBrFq8HcN++WrbItx
CKfLS8IbiK6p8nAsS0Xhd/BlSeiL3L7gfG5iovIqTrycOqCO5QpZJVTcV92OgTzG
pXV9fpzCYrkp6MxgDptQWnp51sJqgN6pZlxR+2vmPdwSwQCglqlMDlcmFWQhfdmD
vKV6ATGBGhjJbD0j7jMFTWUb6kB881ddxHtIlLoQjNMFfrokWyesMVhGJa51mZxS
t1mLAy3LD/NDv5Tvn8pywkbTMflFsA3Pd96kQDpQ7cNJMNUAPnGYMox8IJdjjcwN
edrWhehF36DGyub233+d4TmGCMyN9KAdy0RTCVMIcPQzoFsX
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:15:06 2025 by rpki-client