Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/s6hj31TUX8s-wcJUAy7yqXkixiY.roa
File: s6hj31TUX8s-wcJUAy7yqXkixiY.roa (raw, json)
Hash identifier: Mp4dNxXIlsBREcr9I+ebDJif7lStdzMecgBPONGzVs8=
Subject key identifier: B3:A8:63:DF:54:D4:5F:CB:3E:C1:C2:54:03:2E:F2:A9:79:22:C6:26
Certificate issuer: /CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Certificate serial: 019427B5489F04714FA8317EF102E6A1BAB5
Authority key identifier: 57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/s6hj31TUX8s-wcJUAy7yqXkixiY.roa
Signing time: Thu 02 Jan 2025 15:49:39 +0000
ROA not before: Thu 02 Jan 2025 15:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209861
IP address blocks: 2a10:a642:aa00::/40 maxlen: 48
2a10:a642:aa00::/48 maxlen: 48
2a10:a642:ad00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:48:9f:04:71:4f:a8:31:7e:f1:02:e6:a1:ba:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5776d9a0b55bd495a1be3c5c03fa251d3de8b8c5
Validity
Not Before: Jan 2 15:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3a863df54d45fcb3ec1c254032ef2a97922c626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:63:43:26:b9:ba:df:a7:bb:7b:c6:58:1b:24:
34:6d:85:5c:e4:88:c0:2e:3a:bc:e9:fa:23:fe:20:
ef:01:6a:71:33:13:3a:a1:db:c8:87:49:d3:90:ee:
fd:2c:fe:ad:d3:4d:03:77:b1:a2:8a:ee:be:13:9f:
5b:d2:9b:44:3c:40:9c:1d:f3:13:4f:e4:6c:50:28:
e4:13:cf:a0:1e:b1:75:67:13:4c:f5:9d:aa:de:b5:
2e:65:0b:f8:c0:71:ca:cd:0a:1f:7d:4b:8d:af:2f:
6b:f4:f2:a3:20:1b:42:95:e7:10:3b:2f:3f:9d:5d:
e7:7c:06:ef:b6:27:ce:fb:cb:59:be:e2:33:0a:b2:
a7:5e:ce:7c:c7:9c:49:92:47:46:55:71:af:46:d5:
5a:ae:78:4e:05:2f:05:ae:56:0e:db:b0:a3:73:57:
59:04:5d:68:60:8a:02:1c:98:c1:c8:69:e1:df:56:
19:e9:36:3c:32:4a:f6:93:8f:76:3a:e5:91:46:e8:
3c:00:0f:37:5c:9d:bc:86:53:38:1a:20:7b:d9:4f:
1c:92:7e:85:a7:f3:db:bf:72:f4:e9:b3:63:65:0c:
38:93:6b:e0:b4:31:c2:33:c7:57:be:56:34:a9:98:
2a:b6:84:06:23:65:ec:49:75:01:6e:04:0d:96:62:
1c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A8:63:DF:54:D4:5F:CB:3E:C1:C2:54:03:2E:F2:A9:79:22:C6:26
X509v3 Authority Key Identifier:
keyid:57:76:D9:A0:B5:5B:D4:95:A1:BE:3C:5C:03:FA:25:1D:3D:E8:B8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3bZoLVb1JWhvjxcA_olHT3ouMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/s6hj31TUX8s-wcJUAy7yqXkixiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5b21e3-3944-4ce6-aaf5-c0ba2f3fc72a/1/V3bZoLVb1JWhvjxcA_olHT3ouMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:a642:aa00::/40
2a10:a642:ad00::/40
Signature Algorithm: sha256WithRSAEncryption
97:28:f2:3f:a2:12:84:82:1c:df:85:31:a0:30:52:d1:2b:07:
5f:0d:8a:2b:ee:f5:dd:9d:b2:36:5d:7d:d8:7a:33:da:a9:ca:
36:cc:46:d9:9e:a3:52:c0:b4:46:ed:05:63:bf:70:b1:b5:bc:
a3:39:ab:39:91:11:62:3f:83:90:0e:74:ef:75:b6:e3:32:ab:
13:03:57:ca:a5:bc:8f:fd:f1:6e:e6:07:9c:83:cd:28:c3:ca:
52:e4:44:c9:f7:33:e6:a4:e3:4c:47:5c:84:3e:2a:ff:a0:bf:
f8:a9:ce:e9:70:77:d5:9c:cf:11:d7:48:8a:ba:62:d7:b5:5e:
f9:d4:e9:f1:00:ff:35:20:63:bc:ef:de:1b:cb:0d:95:89:7d:
bf:27:c0:9b:f2:38:0f:40:b7:da:88:27:a5:2d:cb:2e:de:9f:
6d:54:0b:db:0d:eb:32:59:2d:fe:33:bf:28:23:03:d2:72:16:
a9:9e:27:32:34:c3:3d:c3:91:07:da:48:b8:6d:1d:2d:89:ba:
b5:9c:ad:1c:4a:eb:20:4d:0c:d1:42:c9:76:95:30:bf:31:04:
1c:0a:c7:1a:3c:67:17:6a:55:64:c2:c4:52:a6:37:0c:d7:fb:
82:fe:cb:96:40:7d:1a:3c:0c:5c:fb:91:2b:68:6a:7b:e0:dd:
3c:78:ed:9e
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQntUifBHFPqDF+8QLmobq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzZkOWEwYjU1YmQ0OTVhMWJlM2M1YzAzZmEyNTFkM2Rl
OGI4YzUwHhcNMjUwMTAyMTU0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2E4NjNkZjU0ZDQ1ZmNiM2VjMWMyNTQwMzJlZjJhOTc5MjJjNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2NDJrm636e7e8ZYGyQ0bYVc5IjA
Ljq86foj/iDvAWpxMxM6odvIh0nTkO79LP6t000Dd7Giiu6+E59b0ptEPECcHfMT
T+RsUCjkE8+gHrF1ZxNM9Z2q3rUuZQv4wHHKzQoffUuNry9r9PKjIBtClecQOy8/
nV3nfAbvtifO+8tZvuIzCrKnXs58x5xJkkdGVXGvRtVarnhOBS8FrlYO27Cjc1dZ
BF1oYIoCHJjByGnh31YZ6TY8Mkr2k492OuWRRug8AA83XJ28hlM4GiB72U8ckn6F
p/Pbv3L06bNjZQw4k2vgtDHCM8dXvlY0qZgqtoQGI2XsSXUBbgQNlmIcCwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFLOoY99U1F/LPsHCVAMu8ql5IsYmMB8GA1UdIwQY
MBaAFFd22aC1W9SVob48XAP6JR096LjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUt
YzBiYTJmM2ZjNzJhLzEvczZoajMxVFVYOHMtd2NKVUF5N3lxWGtpeGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YjIxZTMtMzk0NC00Y2U2LWFhZjUtYzBiYTJmM2ZjNzJh
LzEvVjNiWm9MVmIxSldodmp4Y0Ffb2xIVDNvdU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKhCmQqoD
BgAqEKZCrTANBgkqhkiG9w0BAQsFAAOCAQEAlyjyP6IShIIc34UxoDBS0SsHXw2K
K+713Z2yNl192Hoz2qnKNsxG2Z6jUsC0Ru0FY79wsbW8ozmrOZERYj+DkA5073W2
4zKrEwNXyqW8j/3xbuYHnIPNKMPKUuREyfcz5qTjTEdchD4q/6C/+KnO6XB31ZzP
EddIirpi17Ve+dTp8QD/NSBjvO/eG8sNlYl9vyfAm/I4D0C32ognpS3LLt6fbVQL
2w3rMlkt/jO/KCMD0nIWqZ4nMjTDPcORB9pIuG0dLYm6tZytHErrIE0M0ULJdpUw
vzEEHArHGjxnF2pVZMLEUqY3DNf7gv7LlkB9GjwMXPuRK2hqe+DdPHjtng==
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:00:26 2025 by rpki-client