Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/vvQy0Yj8i6h1g42ZTAwhRIXBuw8.roa
File: vvQy0Yj8i6h1g42ZTAwhRIXBuw8.roa (raw, json)
Hash identifier: T8KzIT3w14qu1ZHhgwVuDOIW10SZ/SXhFvfY0nRS5nc=
Subject key identifier: BE:F4:32:D1:88:FC:8B:A8:75:83:8D:99:4C:0C:21:44:85:C1:BB:0F
Certificate issuer: /CN=e81393bdff601462a55591d26acb3d8c923ff26d
Certificate serial: 019425218610738CA438DBCDAED54CFDA959
Authority key identifier: E8:13:93:BD:FF:60:14:62:A5:55:91:D2:6A:CB:3D:8C:92:3F:F2:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6BOTvf9gFGKlVZHSass9jJI_8m0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/vvQy0Yj8i6h1g42ZTAwhRIXBuw8.roa
Signing time: Thu 02 Jan 2025 03:49:01 +0000
ROA not before: Thu 02 Jan 2025 03:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213373
IP address blocks: 2.56.10.0/24 maxlen: 24
149.3.170.0/24 maxlen: 24
2a10:5fc0::/32 maxlen: 32
2a10:5fc1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:86:10:73:8c:a4:38:db:cd:ae:d5:4c:fd:a9:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e81393bdff601462a55591d26acb3d8c923ff26d
Validity
Not Before: Jan 2 03:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bef432d188fc8ba875838d994c0c214485c1bb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:de:7c:f0:c1:20:e5:61:89:32:75:93:e4:3c:
dd:da:8e:cb:1a:c4:c7:25:8c:ef:89:5f:8e:79:fe:
9c:fe:a7:14:4f:59:04:79:d5:c8:04:dc:2c:93:e1:
bc:18:a8:7e:b3:a8:ac:dc:7c:5f:f8:38:72:92:9d:
13:36:ba:34:d8:4a:8c:09:ba:78:0e:32:3c:f6:6f:
15:81:8f:bc:a2:6a:27:e5:26:fd:50:00:dc:ae:fe:
b4:e7:42:cc:f6:76:d0:88:17:b6:37:38:63:0e:32:
92:be:61:c2:a8:77:f3:b0:fa:bb:ba:7f:f9:d3:f1:
89:c2:b8:23:23:79:21:64:8d:ba:a6:e7:c8:1f:b9:
12:ef:77:2b:a0:aa:5d:0a:39:94:05:6c:98:44:59:
a6:ba:de:62:dd:79:78:1f:e6:dd:84:8b:03:4e:63:
4a:43:2a:23:e5:85:d7:08:fa:73:f4:7a:e6:d5:fc:
bf:1b:84:d0:25:5d:c0:21:96:28:37:e7:84:17:dd:
51:b9:e8:4e:50:3b:7a:42:3d:55:50:15:e9:5f:c0:
2d:5f:3c:c2:e4:79:45:3c:a7:2f:62:b0:15:94:2a:
16:89:53:30:a7:b4:d9:41:f3:9f:d2:3b:7a:a7:1d:
1d:a7:f5:61:1c:b2:c7:d7:0c:3a:f7:d4:7a:8b:6b:
8c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F4:32:D1:88:FC:8B:A8:75:83:8D:99:4C:0C:21:44:85:C1:BB:0F
X509v3 Authority Key Identifier:
keyid:E8:13:93:BD:FF:60:14:62:A5:55:91:D2:6A:CB:3D:8C:92:3F:F2:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6BOTvf9gFGKlVZHSass9jJI_8m0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/vvQy0Yj8i6h1g42ZTAwhRIXBuw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/bd0384-805d-48a1-bf09-3c14621ecfc5/1/6BOTvf9gFGKlVZHSass9jJI_8m0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.10.0/24
149.3.170.0/24
IPv6:
2a10:5fc0::/31
Signature Algorithm: sha256WithRSAEncryption
aa:d2:c5:8c:c9:86:73:af:9f:d5:31:34:1e:3e:5b:55:d7:88:
90:a6:67:4d:a9:f3:c2:6f:ec:34:c5:70:52:cd:30:86:bd:b0:
49:0a:ca:f7:d1:cb:71:47:6b:3d:a6:71:11:b4:3b:e7:fb:14:
96:6e:bc:94:5d:e0:1a:b7:12:99:cc:0c:f3:04:af:c6:8c:59:
e5:06:cb:b7:59:02:d2:8c:80:26:1d:8e:54:a0:00:5f:2b:f6:
c1:38:e4:1c:de:b4:dc:81:26:d1:16:06:0a:ed:af:6b:2f:20:
bc:e4:1e:61:5c:44:0a:a7:50:2b:05:38:92:fa:4d:99:fa:e4:
8f:d4:be:4e:5b:9f:eb:b3:ae:7c:0d:cc:79:a1:b0:6d:73:ca:
d0:53:c6:ed:7c:37:33:dd:93:37:34:d7:c1:08:75:ce:3e:0e:
4c:26:df:70:1c:04:f5:36:0b:a8:6c:09:97:86:04:fb:4e:0b:
47:dd:e3:d8:05:b3:18:76:41:c6:65:f4:66:c7:95:b0:cc:84:
0e:dc:c0:64:53:00:07:c1:1a:ab:ed:2e:ee:4a:78:ca:23:c4:
9c:a9:29:e4:15:e9:43:85:87:7b:da:c5:4e:b0:e6:31:c4:54:
d1:dd:a7:8f:07:89:5f:e8:b4:87:30:1a:92:eb:90:3a:03:ea:
55:f9:73:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlIYYQc4ykONvNrtVM/alZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MTM5M2JkZmY2MDE0NjJhNTU1OTFkMjZhY2IzZDhjOTIz
ZmYyNmQwHhcNMjUwMTAyMDM0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWY0MzJkMTg4ZmM4YmE4NzU4MzhkOTk0YzBjMjE0NDg1YzFiYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N588MEg5WGJMnWT5Dzd2o7LGsTH
JYzviV+Oef6c/qcUT1kEedXIBNwsk+G8GKh+s6is3Hxf+Dhykp0TNro02EqMCbp4
DjI89m8VgY+8omon5Sb9UADcrv6050LM9nbQiBe2NzhjDjKSvmHCqHfzsPq7un/5
0/GJwrgjI3khZI26pufIH7kS73croKpdCjmUBWyYRFmmut5i3Xl4H+bdhIsDTmNK
Qyoj5YXXCPpz9Hrm1fy/G4TQJV3AIZYoN+eEF91RuehOUDt6Qj1VUBXpX8AtXzzC
5HlFPKcvYrAVlCoWiVMwp7TZQfOf0jt6px0dp/VhHLLH1ww699R6i2uMXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL70MtGI/IuodYONmUwMIUSFwbsPMB8GA1UdIwQY
MBaAFOgTk73/YBRipVWR0mrLPYySP/JtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkJPVHZmOWdGR0tsVlpIU2FzczlqSklfOG0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iZDAzODQtODA1ZC00OGExLWJmMDkt
M2MxNDYyMWVjZmM1LzEvdnZReTBZajhpNmgxZzQyWlRBd2hSSVhCdXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iZDAzODQtODA1ZC00OGExLWJmMDktM2MxNDYyMWVjZmM1
LzEvNkJPVHZmOWdGR0tsVlpIU2FzczlqSklfOG0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAAjgKAwQA
lQOqMA0EAgACMAcDBQEqEF/AMA0GCSqGSIb3DQEBCwUAA4IBAQCq0sWMyYZzr5/V
MTQePltV14iQpmdNqfPCb+w0xXBSzTCGvbBJCsr30ctxR2s9pnERtDvn+xSWbryU
XeAatxKZzAzzBK/GjFnlBsu3WQLSjIAmHY5UoABfK/bBOOQc3rTcgSbRFgYK7a9r
LyC85B5hXEQKp1ArBTiS+k2Z+uSP1L5OW5/rs658Dcx5obBtc8rQU8btfDcz3ZM3
NNfBCHXOPg5MJt9wHAT1NguobAmXhgT7TgtH3ePYBbMYdkHGZfRmx5WwzIQO3MBk
UwAHwRqr7S7uSnjKI8ScqSnkFelDhYd72sVOsOYxxFTR3aePB4lf6LSHMBqS65A6
A+pV+XNC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:10 2025 by rpki-client