Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/a1s9POyeD5aEy_pszaIwPzktp2I.roa
File: a1s9POyeD5aEy_pszaIwPzktp2I.roa (raw, json)
Hash identifier: EMChUR8N4hT4MGMF4Dcb2TZwOOrZ8xg9951lrz7I8UM=
Subject key identifier: 6B:5B:3D:3C:EC:9E:0F:96:84:CB:FA:6C:CD:A2:30:3F:39:2D:A7:62
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019205C1F0A09447AF4AD4429159F45BD602
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/a1s9POyeD5aEy_pszaIwPzktp2I.roa
Signing time: Wed 18 Sep 2024 15:30:49 +0000
ROA not before: Wed 18 Sep 2024 15:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2a04:a5c0::/32 maxlen: 32
2a04:a5c1::/32 maxlen: 32
2a04:a5c2::/32 maxlen: 32
2a04:a5c3::/32 maxlen: 32
2a04:a5c4::/32 maxlen: 32
2a04:a5c5::/32 maxlen: 32
2a04:a5c6::/32 maxlen: 32
2a04:a5c7::/32 maxlen: 32
2a0e:d00::/32 maxlen: 32
2a0e:d01::/32 maxlen: 32
2a0e:d02::/32 maxlen: 32
2a0e:d03::/32 maxlen: 32
2a0e:d04::/32 maxlen: 32
2a0e:d05::/32 maxlen: 32
2a0e:d06::/32 maxlen: 32
2a0e:d07::/32 maxlen: 32
2a0e:b140::/32 maxlen: 32
2a0e:b141::/32 maxlen: 32
2a0e:b142::/32 maxlen: 32
2a0e:b143::/32 maxlen: 32
2a0e:b144::/32 maxlen: 32
2a0e:b145::/32 maxlen: 32
2a0e:b146::/32 maxlen: 32
2a0e:b147::/32 maxlen: 32
2a0f:db80::/32 maxlen: 32
2a0f:db81::/32 maxlen: 32
2a0f:db82::/32 maxlen: 32
2a0f:db83::/32 maxlen: 32
2a0f:db84::/32 maxlen: 32
2a0f:db85::/32 maxlen: 32
2a0f:db86::/32 maxlen: 32
2a0f:db87::/32 maxlen: 32
2a10:4700::/31 maxlen: 31
2a10:4702::/31 maxlen: 31
2a10:4704::/31 maxlen: 31
2a10:4706::/31 maxlen: 31
2a12:4300::/31 maxlen: 31
2a12:4302::/31 maxlen: 31
2a12:4304::/31 maxlen: 31
2a12:4306::/31 maxlen: 31
2a13:ac80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:05:c1:f0:a0:94:47:af:4a:d4:42:91:59:f4:5b:d6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 18 15:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b5b3d3cec9e0f9684cbfa6ccda2303f392da762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:47:bd:bd:78:d0:2c:86:4c:fa:26:ab:b3:ee:
33:38:3a:cb:e8:69:c1:86:c9:fb:e7:a5:0a:72:9d:
5d:36:f1:14:48:ea:46:43:56:ff:2b:94:a7:e1:c6:
c2:09:4f:b8:d0:fa:f7:57:a6:1c:7a:e7:94:cd:a2:
59:94:f3:f1:6e:48:7d:ae:9b:3f:91:57:a0:ed:31:
c1:04:9c:f2:32:11:d1:f6:e6:a3:e2:c2:98:97:2b:
bd:e3:29:af:d2:4d:b1:ca:e4:f7:a9:77:98:91:84:
a8:26:7c:26:1a:7a:41:38:42:6d:4a:9b:2d:be:75:
83:67:f5:e9:f9:d0:05:04:85:4c:75:44:5f:a3:eb:
99:c0:d5:46:c2:41:58:45:18:98:ef:93:d4:aa:23:
d1:20:7e:39:3a:7a:5e:5e:e4:cd:23:29:81:93:4a:
15:31:9e:07:08:08:79:55:3d:06:72:52:67:cd:7c:
59:da:a3:03:3d:6a:2d:34:18:e9:9a:13:5c:aa:cb:
cd:b4:b2:6d:2e:81:0f:4c:1a:4a:02:c1:4b:2c:1c:
9c:dc:bb:b6:94:7e:0b:d4:25:82:31:9a:d9:68:f7:
f4:14:31:b0:b8:3e:eb:0c:8e:9e:e0:f2:2f:6b:89:
ca:dc:0d:9f:e7:ee:cc:2a:c0:ca:30:db:18:de:70:
78:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5B:3D:3C:EC:9E:0F:96:84:CB:FA:6C:CD:A2:30:3F:39:2D:A7:62
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/a1s9POyeD5aEy_pszaIwPzktp2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:d00::/29
2a0e:b140::/29
2a0f:db80::/29
2a10:4700::/29
2a12:4300::/29
2a13:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
53:c8:a1:51:43:5a:48:fc:75:13:dd:45:6b:28:85:26:52:ad:
49:8d:98:d8:52:23:9f:b2:c1:d9:e5:7d:26:90:4a:c5:89:ab:
c0:85:97:99:3b:13:25:e2:3b:9d:c0:fb:f9:ea:ed:cb:64:1b:
cd:56:66:40:6c:85:7e:ad:5a:b7:7b:84:fd:62:e3:81:ff:61:
ea:41:31:e7:9e:38:f0:1d:34:da:78:d9:ef:b1:48:c7:d4:58:
b1:18:4d:1a:15:42:ae:38:7c:57:3c:20:16:34:74:78:57:e9:
9a:af:63:73:69:13:2d:f3:09:15:db:02:98:36:c3:bf:09:6b:
35:5b:a5:fb:da:57:22:d2:40:c5:04:90:1d:06:45:0a:be:61:
7b:0a:0b:cb:61:8e:d5:e4:ea:5a:af:c3:ea:39:eb:b7:6c:37:
32:13:6d:1d:a8:8f:ae:df:ce:db:ca:28:4b:e0:c5:17:6b:ac:
ec:13:33:d2:5b:37:a4:05:16:6c:06:50:83:b4:96:b9:a9:20:
a4:e7:d7:f9:b8:74:bb:59:75:0a:b2:6a:42:8f:ba:c8:4a:79:
b1:44:5f:35:cf:76:ca:b1:dc:e9:a6:b1:a9:d4:f2:56:ca:51:
9b:68:22:40:79:0b:76:11:68:c6:aa:7f:a9:53:68:c3:bb:c4:
dc:da:74:1a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZIFwfCglEevStRCkVn0W9YCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTE4MTUzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjViM2QzY2VjOWUwZjk2ODRjYmZhNmNjZGEyMzAzZjM5MmRhNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUe9vXjQLIZM+iars+4zODrL6GnB
hsn756UKcp1dNvEUSOpGQ1b/K5Sn4cbCCU+40Pr3V6YceueUzaJZlPPxbkh9rps/
kVeg7THBBJzyMhHR9uaj4sKYlyu94ymv0k2xyuT3qXeYkYSoJnwmGnpBOEJtSpst
vnWDZ/Xp+dAFBIVMdURfo+uZwNVGwkFYRRiY75PUqiPRIH45OnpeXuTNIymBk0oV
MZ4HCAh5VT0GclJnzXxZ2qMDPWotNBjpmhNcqsvNtLJtLoEPTBpKAsFLLByc3Lu2
lH4L1CWCMZrZaPf0FDGwuD7rDI6e4PIva4nK3A2f5+7MKsDKMNsY3nB4PQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGtbPTzsng+WhMv6bM2iMD85LadiMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYTFzOVBPeWVENWFFeV9wc3phSXdQemt0cDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgSlwAMF
AyoODQADBQMqDrFAAwUDKg/bgAMFAyoQRwADBQMqEkMAAwUDKhOsgDANBgkqhkiG
9w0BAQsFAAOCAQEAU8ihUUNaSPx1E91FayiFJlKtSY2Y2FIjn7LB2eV9JpBKxYmr
wIWXmTsTJeI7ncD7+erty2QbzVZmQGyFfq1at3uE/WLjgf9h6kEx55448B002njZ
77FIx9RYsRhNGhVCrjh8VzwgFjR0eFfpmq9jc2kTLfMJFdsCmDbDvwlrNVul+9pX
ItJAxQSQHQZFCr5hewoLy2GO1eTqWq/D6jnrt2w3MhNtHaiPrt/O28ooS+DFF2us
7BMz0ls3pAUWbAZQg7SWuakgpOfX+bh0u1l1CrJqQo+6yEp5sURfNc92yrHc6aax
qdTyVspRm2giQHkLdhFoxqp/qVNow7vE3Np0Gg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:11:04 2025 by rpki-client