Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/CE1f-YmOt3cbqlraaC6IGn8dNx8.roa
File: CE1f-YmOt3cbqlraaC6IGn8dNx8.roa (raw, json)
Hash identifier: hC8+uGsl40jWrUT8KIzrEqF0aoiSCTeNkiDU1uFCjGI=
Subject key identifier: 08:4D:5F:F9:89:8E:B7:77:1B:AA:5A:DA:68:2E:88:1A:7F:1D:37:1F
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 019421445FA9CFA4C49C798CE251A40F8437
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/CE1f-YmOt3cbqlraaC6IGn8dNx8.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214020
IP address blocks: 2a06:d1c1:70::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:5f:a9:cf:a4:c4:9c:79:8c:e2:51:a4:0f:84:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=084d5ff9898eb7771baa5ada682e881a7f1d371f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:20:bf:de:b7:30:81:60:dd:96:d9:36:e1:4d:
26:85:79:5a:18:d0:c8:88:00:d5:69:ec:57:ec:4d:
bf:a6:55:4b:2f:04:93:bb:61:d4:53:b9:d4:3c:8a:
6d:24:26:32:01:40:11:89:87:51:81:7d:8b:49:7a:
0f:a7:54:f1:92:e9:23:d2:f9:d5:ec:b8:49:da:04:
71:5f:ed:6e:dd:78:1d:d6:94:23:0c:71:c4:0d:73:
53:22:0b:fe:ea:4a:aa:68:de:e6:ab:a0:93:0d:7d:
15:f2:90:2a:48:88:47:4d:56:74:4a:7c:4d:96:7f:
fb:51:a4:13:b2:2b:9a:b2:a0:8e:bf:ef:d8:ee:65:
21:ef:16:7c:f7:54:d3:8c:c3:56:04:46:15:48:10:
5b:7a:16:47:b7:7d:8c:49:82:bf:94:c1:bf:3e:26:
b5:38:8e:2a:b3:84:78:b0:6a:f7:1f:17:6c:b0:9d:
d4:b4:82:77:fc:fd:e7:fa:f4:32:9f:0b:dd:d0:7a:
1f:8d:f7:07:f0:44:7c:69:5e:e0:cd:c1:26:c7:72:
df:48:78:f4:b6:d0:64:97:05:22:97:38:ad:3e:2c:
b4:da:b8:27:a5:0f:a8:69:f6:1d:29:33:25:98:1c:
f8:c6:b3:6d:9f:f0:46:43:31:ec:84:3c:65:02:b2:
78:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4D:5F:F9:89:8E:B7:77:1B:AA:5A:DA:68:2E:88:1A:7F:1D:37:1F
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/CE1f-YmOt3cbqlraaC6IGn8dNx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d1c1:70::/44
Signature Algorithm: sha256WithRSAEncryption
4a:2c:13:8b:74:62:1f:d2:de:87:a7:ea:6d:78:ff:be:0e:77:
35:1a:62:92:13:e5:9c:bb:87:8c:cb:ad:aa:4c:57:f5:6e:5d:
ed:23:0f:df:cb:6b:5c:25:16:c3:d2:d5:15:a9:17:6e:89:13:
47:79:78:2e:04:5e:50:dc:9d:e2:de:d5:4f:c0:c3:48:49:62:
9e:87:c6:94:2e:e1:ed:15:01:52:0f:18:27:df:5b:0f:db:8f:
d6:fd:c3:18:43:68:2f:de:56:a5:e9:64:fe:12:c2:b3:1c:d6:
2a:56:58:80:c4:46:20:ef:8c:23:c7:66:46:a9:9a:1a:8a:be:
1b:67:b2:5b:14:1a:41:31:7c:bf:a4:12:21:59:20:52:d3:e5:
17:3b:d7:ff:1b:a6:f0:fa:d3:57:48:b8:82:31:bf:7e:8f:df:
51:bf:72:c2:cf:5a:54:55:96:01:53:50:aa:7a:0d:b8:fe:9a:
84:44:e9:bd:9f:bc:06:1c:36:37:50:b9:b9:61:f1:bd:68:1e:
6d:bf:81:a4:86:56:22:54:f4:e4:91:91:21:02:c2:b7:26:d2:
bb:e9:e3:e7:09:9e:50:64:65:1b:31:9a:ee:a8:5d:f5:31:fa:
0d:17:82:c2:80:10:0b:68:06:23:02:31:d1:0f:8b:82:4d:aa:
00:ab:d2:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRF+pz6TEnHmM4lGkD4Q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRkNWZmOTg5OGViNzc3MWJhYTVhZGE2ODJlODgxYTdmMWQzNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyC/3rcwgWDdltk24U0mhXlaGNDI
iADVaexX7E2/plVLLwSTu2HUU7nUPIptJCYyAUARiYdRgX2LSXoPp1Txkukj0vnV
7LhJ2gRxX+1u3Xgd1pQjDHHEDXNTIgv+6kqqaN7mq6CTDX0V8pAqSIhHTVZ0SnxN
ln/7UaQTsiuasqCOv+/Y7mUh7xZ891TTjMNWBEYVSBBbehZHt32MSYK/lMG/Pia1
OI4qs4R4sGr3HxdssJ3UtIJ3/P3n+vQynwvd0HofjfcH8ER8aV7gzcEmx3LfSHj0
ttBklwUilzitPiy02rgnpQ+oafYdKTMlmBz4xrNtn/BGQzHshDxlArJ4zQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAhNX/mJjrd3G6pa2mguiBp/HTcfMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvQ0UxZi1ZbU90M2NicWxyYWFDNklHbjhkTng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbRwQBw
MA0GCSqGSIb3DQEBCwUAA4IBAQBKLBOLdGIf0t6Hp+pteP++Dnc1GmKSE+Wcu4eM
y62qTFf1bl3tIw/fy2tcJRbD0tUVqRduiRNHeXguBF5Q3J3i3tVPwMNISWKeh8aU
LuHtFQFSDxgn31sP24/W/cMYQ2gv3lal6WT+EsKzHNYqVliAxEYg74wjx2ZGqZoa
ir4bZ7JbFBpBMXy/pBIhWSBS0+UXO9f/G6bw+tNXSLiCMb9+j99Rv3LCz1pUVZYB
U1Cqeg24/pqEROm9n7wGHDY3ULm5YfG9aB5tv4GkhlYiVPTkkZEhAsK3JtK76ePn
CZ5QZGUbMZruqF31MfoNF4LCgBALaAYjAjHRD4uCTaoAq9JV
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:38:39 2025 by rpki-client