Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/FA2h5OHRpegZzdAFMMwkYVBg-BM.roa
File: FA2h5OHRpegZzdAFMMwkYVBg-BM.roa (raw, json)
Hash identifier: 9GzazJbnHKp6+I1Ph8x2q38kHV8Nlnih0rihfAr5aBo=
Subject key identifier: 14:0D:A1:E4:E1:D1:A5:E8:19:CD:D0:05:30:CC:24:61:50:60:F8:13
Certificate issuer: /CN=62927b36b138f086358938e3acfda4638e56a792
Certificate serial: 019425FDD4D4661A22F6ED19AF55DC13F408
Authority key identifier: 62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/FA2h5OHRpegZzdAFMMwkYVBg-BM.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a10:20c7:ff00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d4:d4:66:1a:22:f6:ed:19:af:55:dc:13:f4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62927b36b138f086358938e3acfda4638e56a792
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=140da1e4e1d1a5e819cdd00530cc24615060f813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c3:e7:c4:14:52:7c:02:28:93:f5:bf:5f:00:
51:a8:85:b3:f7:5f:0a:fd:c5:fd:2f:a5:72:27:61:
24:88:9f:65:99:08:ea:34:c6:96:2b:ae:09:bc:8a:
60:fa:df:d5:08:e4:29:eb:88:89:45:7f:b5:7c:69:
6d:a2:78:51:33:c9:1d:b9:32:8b:ff:8e:5c:a2:67:
0b:0b:41:1a:bf:4b:c5:a1:81:58:27:92:0e:95:df:
aa:54:cd:70:c4:d6:19:7c:cf:d2:54:6a:d0:4f:80:
46:c8:b2:22:a7:22:53:25:ca:21:5b:d2:8e:b7:97:
4f:fd:d4:1e:10:89:23:58:28:6d:99:77:b7:3b:76:
68:60:88:0f:0d:ca:d9:5b:09:50:18:7d:44:20:85:
a4:d0:6f:87:ee:88:2a:d1:cd:eb:79:70:25:be:b2:
f4:f9:74:92:ef:be:9e:35:ae:a9:5e:68:80:1b:e5:
10:b5:b4:c4:9f:b7:03:da:9b:39:c1:ef:cd:a6:5b:
3e:cc:c8:d8:18:2d:6e:dd:f9:ca:af:d3:18:8c:10:
8a:f6:59:a6:0d:49:3c:8a:d5:9c:23:65:79:37:f7:
88:8e:b7:d0:71:59:09:cf:6e:7b:24:a9:53:df:45:
1f:02:34:fe:b9:00:47:3b:58:89:0f:7b:a3:74:b2:
1b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:0D:A1:E4:E1:D1:A5:E8:19:CD:D0:05:30:CC:24:61:50:60:F8:13
X509v3 Authority Key Identifier:
keyid:62:92:7B:36:B1:38:F0:86:35:89:38:E3:AC:FD:A4:63:8E:56:A7:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YpJ7NrE48IY1iTjjrP2kY45Wp5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/FA2h5OHRpegZzdAFMMwkYVBg-BM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8d241f-71ea-4a1b-96ea-a99c7ee5c284/1/YpJ7NrE48IY1iTjjrP2kY45Wp5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:20c7:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
42:02:05:f5:22:59:b6:bb:9c:38:c4:19:58:b5:96:3a:47:6f:
18:fc:d8:ce:28:14:9f:1c:a9:7a:b9:b8:6f:56:4a:08:1f:d1:
b8:d2:6b:57:cc:ff:7c:de:b6:93:63:76:64:7e:3d:9b:f4:03:
fc:19:67:40:32:b9:c0:8e:bf:18:61:71:43:99:94:54:8a:b4:
72:22:08:54:a1:44:15:5b:71:cf:e0:4c:be:20:9b:44:c4:5f:
84:16:97:58:da:22:ea:f2:8b:98:46:6a:d5:dc:ae:3c:02:ba:
fe:06:3e:2c:03:96:39:08:97:6c:cc:27:cb:12:7b:cb:60:85:
5b:5b:26:f0:81:cb:50:78:af:69:df:f0:b0:b4:b8:ca:1d:df:
64:16:5c:b7:12:7b:8f:47:08:22:02:7b:16:68:bf:fb:82:60:
ab:df:87:36:6e:76:36:ae:26:4f:dc:48:2e:fc:fe:d5:d9:04:
33:85:c5:72:3c:2d:ab:63:06:db:e4:b8:84:e9:21:c4:46:22:
1d:f1:15:12:a6:44:92:ab:9e:61:c9:e1:74:8f:eb:fc:eb:d8:
7f:df:2e:5c:84:af:be:11:bf:8a:63:78:35:b4:46:fc:10:63:
bd:ca:74:5d:78:f3:e9:12:c6:a4:5a:de:3b:c8:78:0f:89:be:
38:10:dd:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/dTUZhoi9u0Zr1XcE/QIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOTI3YjM2YjEzOGYwODYzNTg5MzhlM2FjZmRhNDYzOGU1
NmE3OTIwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDBkYTFlNGUxZDFhNWU4MTljZGQwMDUzMGNjMjQ2MTUwNjBmODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sPnxBRSfAIok/W/XwBRqIWz918K
/cX9L6VyJ2EkiJ9lmQjqNMaWK64JvIpg+t/VCOQp64iJRX+1fGltonhRM8kduTKL
/45comcLC0Eav0vFoYFYJ5IOld+qVM1wxNYZfM/SVGrQT4BGyLIipyJTJcohW9KO
t5dP/dQeEIkjWChtmXe3O3ZoYIgPDcrZWwlQGH1EIIWk0G+H7ogq0c3reXAlvrL0
+XSS776eNa6pXmiAG+UQtbTEn7cD2ps5we/Npls+zMjYGC1u3fnKr9MYjBCK9lmm
DUk8itWcI2V5N/eIjrfQcVkJz257JKlT30UfAjT+uQBHO1iJD3ujdLIbEwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBQNoeTh0aXoGc3QBTDMJGFQYPgTMB8GA1UdIwQY
MBaAFGKSezaxOPCGNYk446z9pGOOVqeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEt
YTk5YzdlZTVjMjg0LzEvRkEyaDVPSFJwZWdaemRBRk1Nd2tZVkJnLUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZDI0MWYtNzFlYS00YTFiLTk2ZWEtYTk5YzdlZTVjMjg0
LzEvWXBKN05yRTQ4SVkxaVRqanJQMmtZNDVXcDVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhAgx/8w
DQYJKoZIhvcNAQELBQADggEBAEICBfUiWba7nDjEGVi1ljpHbxj82M4oFJ8cqXq5
uG9WSggf0bjSa1fM/3zetpNjdmR+PZv0A/wZZ0AyucCOvxhhcUOZlFSKtHIiCFSh
RBVbcc/gTL4gm0TEX4QWl1jaIuryi5hGatXcrjwCuv4GPiwDljkIl2zMJ8sSe8tg
hVtbJvCBy1B4r2nf8LC0uMod32QWXLcSe49HCCICexZov/uCYKvfhzZudjauJk/c
SC78/tXZBDOFxXI8LatjBtvkuITpIcRGIh3xFRKmRJKrnmHJ4XSP6/zr2H/fLlyE
r74Rv4pjeDW0RvwQY73KdF148+kSxqRa3jvIeA+JvjgQ3TU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:41:06 2025 by rpki-client