Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/uUbdbfji1wduoDXh4AqJeaJa564.roa
File: uUbdbfji1wduoDXh4AqJeaJa564.roa (raw, json)
Hash identifier: mcE4tKe136UsFISwUkQg3BCl5f/Ei1vauiMoTq7oiwk=
Subject key identifier: B9:46:DD:6D:F8:E2:D7:07:6E:A0:35:E1:E0:0A:89:79:A2:5A:E7:AE
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 019424452ABE237F1621EA0237AE3E6594B0
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/uUbdbfji1wduoDXh4AqJeaJa564.roa
Signing time: Wed 01 Jan 2025 23:48:20 +0000
ROA not before: Wed 01 Jan 2025 23:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a11:c540::/29 maxlen: 29
2a11:c700::/29 maxlen: 29
2a12:15c0::/29 maxlen: 29
2a12:25c0::/29 maxlen: 29
2a12:34c0::/29 maxlen: 29
2a12:4500::/29 maxlen: 29
2a12:5580::/29 maxlen: 29
2a12:6600::/29 maxlen: 29
2a12:8800::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:2a:be:23:7f:16:21:ea:02:37:ae:3e:65:94:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Jan 1 23:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b946dd6df8e2d7076ea035e1e00a8979a25ae7ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ff:3f:f8:f2:63:4d:b0:ab:dc:f3:12:fd:20:
24:5f:05:e3:c2:24:9e:10:3d:89:d5:73:8f:35:ea:
c6:32:b4:66:18:35:9d:7e:23:39:4c:7c:3c:31:83:
6e:bc:7b:a7:0d:d3:dc:05:32:ce:cc:12:a1:53:ac:
a5:1b:a2:c6:83:f2:ac:1f:34:d4:48:7c:33:53:df:
b9:fd:23:1f:15:92:53:f9:cd:65:5a:7d:78:bd:a3:
c4:41:42:23:2a:29:4c:17:2c:53:b2:9f:f7:bf:fe:
c9:06:19:81:af:b6:1f:b8:c2:80:20:65:79:ad:a0:
97:e8:94:90:c4:47:0c:8b:4b:2b:2e:85:1b:11:66:
c6:af:15:1d:9d:5a:1a:7d:c9:77:a4:76:55:fb:33:
1c:d0:bb:97:fa:9f:1f:26:f8:8c:d9:0f:82:e1:34:
ac:d6:55:88:1b:82:68:e0:06:fc:26:10:1f:a2:1c:
14:8b:62:29:d8:2f:ab:9d:f5:3d:46:6d:6f:41:8a:
7b:83:0d:1f:73:78:6f:9d:8f:4f:29:1e:0e:b3:63:
e5:84:4a:1b:1f:73:bd:bd:f2:89:e5:3e:e6:ad:63:
62:77:bf:75:8a:a7:5c:69:8c:04:3e:1e:ba:4c:8e:
3c:c2:ea:58:ae:c3:ba:9b:04:68:db:ef:05:40:60:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:46:DD:6D:F8:E2:D7:07:6E:A0:35:E1:E0:0A:89:79:A2:5A:E7:AE
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/uUbdbfji1wduoDXh4AqJeaJa564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c540::/29
2a11:c700::/29
2a12:15c0::/29
2a12:25c0::/29
2a12:34c0::/29
2a12:4500::/29
2a12:5580::/29
2a12:6600::/29
2a12:8800::/29
Signature Algorithm: sha256WithRSAEncryption
1f:b6:19:c2:ce:74:a3:ca:54:ae:1c:16:7c:a3:e8:70:57:e8:
76:98:f4:fd:14:0e:49:7f:4c:41:96:38:35:c8:62:07:8c:85:
a5:be:d1:8e:48:cc:61:43:eb:0c:69:98:c1:a9:2a:da:1b:4e:
77:46:ec:16:53:94:88:13:28:09:1c:e5:59:70:f5:4d:4b:a6:
b1:c5:0c:d8:29:3b:f0:96:e2:19:39:67:73:49:47:29:13:8c:
72:b5:84:3b:19:25:9d:93:9c:ab:cd:aa:15:13:66:15:60:4d:
10:f3:41:99:0a:59:0b:f2:76:a1:ac:f5:3d:c1:dc:18:e1:ce:
17:23:e6:e9:4a:54:f1:6e:e0:e5:ce:74:7b:5d:94:ff:a4:08:
b1:69:75:3a:db:68:90:f0:d9:81:24:b4:2c:b0:98:3d:95:6f:
c1:9f:50:b0:f3:c6:c3:ff:28:22:be:b9:57:d1:19:5a:f0:6a:
e7:7c:d7:e6:b7:81:0b:cb:f8:f8:5a:98:ae:50:79:46:9d:62:
63:5f:51:6e:fa:74:8a:83:0e:95:fe:9f:9d:82:6b:80:4d:64:
08:66:60:e8:6f:ae:f9:2d:ad:0e:76:7d:21:dc:74:58:98:4d:
29:26:0f:d4:ee:c4:c4:92:4d:1b:40:cd:2b:31:65:bd:88:05:
a5:01:9f:d9
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQkRSq+I38WIeoCN64+ZZSwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwMTAxMjM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQ2ZGQ2ZGY4ZTJkNzA3NmVhMDM1ZTFlMDBhODk3OWEyNWFlN2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP8/+PJjTbCr3PMS/SAkXwXjwiSe
ED2J1XOPNerGMrRmGDWdfiM5THw8MYNuvHunDdPcBTLOzBKhU6ylG6LGg/KsHzTU
SHwzU9+5/SMfFZJT+c1lWn14vaPEQUIjKilMFyxTsp/3v/7JBhmBr7YfuMKAIGV5
raCX6JSQxEcMi0srLoUbEWbGrxUdnVoafcl3pHZV+zMc0LuX+p8fJviM2Q+C4TSs
1lWIG4Jo4Ab8JhAfohwUi2Ip2C+rnfU9Rm1vQYp7gw0fc3hvnY9PKR4Os2PlhEob
H3O9vfKJ5T7mrWNid791iqdcaYwEPh66TI48wupYrsO6mwRo2+8FQGCdIwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLlG3W344tcHbqA14eAKiXmiWueuMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvdVViZGJmamkxd2R1b0RYaDRBcUplYUphNTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKhHFQAMF
AyoRxwADBQMqEhXAAwUDKhIlwAMFAyoSNMADBQMqEkUAAwUDKhJVgAMFAyoSZgAD
BQMqEogAMA0GCSqGSIb3DQEBCwUAA4IBAQAfthnCznSjylSuHBZ8o+hwV+h2mPT9
FA5Jf0xBljg1yGIHjIWlvtGOSMxhQ+sMaZjBqSraG053RuwWU5SIEygJHOVZcPVN
S6axxQzYKTvwluIZOWdzSUcpE4xytYQ7GSWdk5yrzaoVE2YVYE0Q80GZClkL8nah
rPU9wdwY4c4XI+bpSlTxbuDlznR7XZT/pAixaXU622iQ8NmBJLQssJg9lW/Bn1Cw
88bD/ygivrlX0Rla8GrnfNfmt4ELy/j4WpiuUHlGnWJjX1Fu+nSKgw6V/p+dgmuA
TWQIZmDob675La0Odn0h3HRYmE0pJg/U7sTEkk0bQM0rMWW9iAWlAZ/Z
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:05:23 2025 by rpki-client