Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/Uly4hJm4n0CW_m9VG7FdyUYLXQ0.roa
File: Uly4hJm4n0CW_m9VG7FdyUYLXQ0.roa (raw, json)
Hash identifier: W7kTTFRMLEf4OA7s2XNv00hUyVmO5iV/FwUiWEf3g0U=
Subject key identifier: 52:5C:B8:84:99:B8:9F:40:96:FE:6F:55:1B:B1:5D:C9:46:0B:5D:0D
Certificate issuer: /CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Certificate serial: 019425FCA120504C13E147ED344BBC70BD7B
Authority key identifier: B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/Uly4hJm4n0CW_m9VG7FdyUYLXQ0.roa
Signing time: Thu 02 Jan 2025 07:48:20 +0000
ROA not before: Thu 02 Jan 2025 07:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42721
IP address blocks: 2a09:6340::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:a1:20:50:4c:13:e1:47:ed:34:4b:bc:70:bd:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Validity
Not Before: Jan 2 07:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=525cb88499b89f4096fe6f551bb15dc9460b5d0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:63:c0:3e:f5:40:e9:0e:34:8b:57:3a:bc:
27:1f:35:f6:dc:5a:b1:25:99:c3:e4:03:b7:b5:57:
f1:58:53:35:41:d9:97:24:84:ca:07:de:ab:94:c8:
b5:3f:b8:32:ef:a5:d0:bc:4b:ba:34:35:f1:16:72:
94:d2:62:af:52:b3:fd:11:a7:5c:81:38:82:e0:bd:
d7:d9:cd:bd:8f:92:0c:80:b5:a6:ac:25:9a:2c:56:
d8:1c:53:c4:2f:a9:80:25:96:70:d3:c1:a5:3a:a3:
c2:54:9a:21:b1:bb:0e:37:8a:ca:87:0f:de:36:dd:
79:c5:7b:9e:66:35:9d:43:20:3d:20:0e:02:c8:52:
f7:5e:97:03:c0:41:4b:a8:f2:bb:77:e6:75:4c:69:
b9:48:97:ed:f5:97:b2:2b:9d:65:1e:5e:0e:eb:a7:
e1:c1:86:5d:c2:99:27:45:2c:dc:6b:b0:e0:88:e9:
5c:ac:66:f1:0e:70:75:bc:40:85:12:dd:fb:1d:02:
42:7d:4d:9a:09:15:f8:02:91:34:ca:19:0d:2c:7c:
fc:b9:cd:9d:69:d2:06:09:b4:41:63:49:2d:c9:c4:
36:08:4d:a2:7e:b5:2d:bd:0f:46:23:4d:6d:3f:e0:
2f:1b:d2:51:cd:67:e5:52:4b:66:ff:a7:e5:de:4b:
a8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5C:B8:84:99:B8:9F:40:96:FE:6F:55:1B:B1:5D:C9:46:0B:5D:0D
X509v3 Authority Key Identifier:
keyid:B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/Uly4hJm4n0CW_m9VG7FdyUYLXQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6340::/44
Signature Algorithm: sha256WithRSAEncryption
38:1d:8b:62:a8:1c:cb:00:b6:f8:50:da:f0:5a:da:b5:6a:e3:
94:57:4f:27:bb:8c:f5:2e:1c:6b:89:46:95:62:0e:c5:e8:9d:
1f:f1:e0:df:e4:80:bf:62:01:26:27:22:42:f4:b5:12:a8:b0:
5d:60:3d:0d:c5:ea:8c:c9:2e:cf:67:d7:44:1e:98:24:8a:21:
6b:98:a6:16:71:c6:fe:12:f5:35:4a:67:86:11:70:24:cb:b9:
77:e4:af:68:ee:4e:ec:8d:d0:84:74:35:59:cc:b0:98:a0:00:
ab:23:18:67:65:fb:5d:e1:0d:74:16:d8:d2:81:a7:04:ee:02:
f6:84:70:26:e5:f2:ca:af:77:ca:74:37:7d:77:6b:59:07:19:
70:25:bd:1c:47:5a:34:a2:98:17:d6:70:52:33:01:39:22:0d:
bb:ff:18:27:95:00:f4:58:e4:f2:ef:8f:51:b9:4a:4b:e3:8c:
07:ee:38:c9:c2:69:04:8f:3e:0e:dd:46:ad:01:e2:3b:58:50:
9f:a7:46:8e:a1:ff:7a:cf:ea:4d:31:e7:16:45:15:0c:dc:f5:
83:ae:fa:60:f0:bd:d8:c0:79:e7:10:a2:cb:96:03:cf:58:fb:
9f:c9:e9:87:9f:84:2a:51:96:cc:ea:7f:72:3f:f6:03:d2:60:
8e:7c:d6:ff
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/KEgUEwT4UftNEu8cL17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZGZhZmQzNjczMDM5NmZlMzM4ZTc3MmRhZGJlNGMzYzg1
Y2Q5NTIwHhcNMjUwMTAyMDc0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjVjYjg4NDk5Yjg5ZjQwOTZmZTZmNTUxYmIxNWRjOTQ2MGI1ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjhjwD71QOkONItXOrwnHzX23Fqx
JZnD5AO3tVfxWFM1QdmXJITKB96rlMi1P7gy76XQvEu6NDXxFnKU0mKvUrP9Eadc
gTiC4L3X2c29j5IMgLWmrCWaLFbYHFPEL6mAJZZw08GlOqPCVJohsbsON4rKhw/e
Nt15xXueZjWdQyA9IA4CyFL3XpcDwEFLqPK7d+Z1TGm5SJft9ZeyK51lHl4O66fh
wYZdwpknRSzca7DgiOlcrGbxDnB1vECFEt37HQJCfU2aCRX4ApE0yhkNLHz8uc2d
adIGCbRBY0ktycQ2CE2ifrUtvQ9GI01tP+AvG9JRzWflUktm/6fl3kuoRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFJcuISZuJ9Alv5vVRuxXclGC10NMB8GA1UdIwQY
MBaAFLDfr9NnMDlv4zjnctrb5MPIXNlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUt
MGFhNWI0NmJmOGFhLzEvVWx5NGhKbTRuMENXX205Vkc3RmR5VVlMWFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUtMGFhNWI0NmJmOGFh
LzEvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgljQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4HYtiqBzLALb4UNrwWtq1auOUV08nu4z1Lhxr
iUaVYg7F6J0f8eDf5IC/YgEmJyJC9LUSqLBdYD0NxeqMyS7PZ9dEHpgkiiFrmKYW
ccb+EvU1SmeGEXAky7l35K9o7k7sjdCEdDVZzLCYoACrIxhnZftd4Q10FtjSgacE
7gL2hHAm5fLKr3fKdDd9d2tZBxlwJb0cR1o0opgX1nBSMwE5Ig27/xgnlQD0WOTy
749RuUpL44wH7jjJwmkEjz4O3UatAeI7WFCfp0aOof96z+pNMecWRRUM3PWDrvpg
8L3YwHnnEKLLlgPPWPufyemHn4QqUZbM6n9yP/YD0mCOfNb/
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:39:59 2025 by rpki-client