Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/x51a-tBphj5oeqxqtMYJ9_3xAwg.roa
File: x51a-tBphj5oeqxqtMYJ9_3xAwg.roa (raw, json)
Hash identifier: dokuT2vkCwkEoIqbgmJLQO0fZKjjInT+5d9CuE+kfOE=
Subject key identifier: C7:9D:5A:FA:D0:69:86:3E:68:7A:AC:6A:B4:C6:09:F7:FD:F1:03:08
Certificate issuer: /CN=ccf9a6d2f6cd588a77f423622e6b8d1c654bcdf2
Certificate serial: 01942143DDE60AAAA5B59BCEF7B0087BCB5D
Authority key identifier: CC:F9:A6:D2:F6:CD:58:8A:77:F4:23:62:2E:6B:8D:1C:65:4B:CD:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/x51a-tBphj5oeqxqtMYJ9_3xAwg.roa
Signing time: Wed 01 Jan 2025 09:48:03 +0000
ROA not before: Wed 01 Jan 2025 09:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5588
IP address blocks: 62.201.16.0/20 maxlen: 20
2a06:8080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:dd:e6:0a:aa:a5:b5:9b:ce:f7:b0:08:7b:cb:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccf9a6d2f6cd588a77f423622e6b8d1c654bcdf2
Validity
Not Before: Jan 1 09:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c79d5afad069863e687aac6ab4c609f7fdf10308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:17:08:e5:f4:78:c0:3c:dd:58:4f:a5:34:4a:
a4:bc:3f:fc:bc:56:af:b0:f1:8a:cd:f8:0f:a2:71:
9e:ed:22:df:ec:f6:53:db:cf:7a:d8:c4:56:c2:09:
c7:6f:b4:69:95:3e:ee:a6:c9:ab:be:ee:b1:44:26:
92:d3:fe:0e:82:1e:4d:6c:52:9b:d8:34:92:1c:1a:
68:f6:4c:c3:4f:50:96:2b:ba:ed:c1:1d:7b:2d:98:
db:c5:f5:bd:93:ba:47:2c:77:ef:1b:70:10:0f:56:
66:00:d0:db:65:9d:6b:2a:e3:50:28:06:fa:d0:f4:
cf:f5:62:c0:f8:2a:85:bc:c8:8a:f9:86:66:42:1d:
70:a8:93:d3:44:e0:e0:ea:00:a1:ae:83:e6:58:d3:
f5:4d:18:be:39:a3:0d:79:43:cf:f8:2d:a8:95:f5:
f2:48:bd:b3:cb:91:14:e7:2d:ff:f9:bc:5c:f7:db:
6a:26:8e:61:26:a0:ab:b9:db:ca:9a:a7:a4:7d:d0:
c2:31:ad:c1:c0:a7:a3:6e:d6:80:37:9a:97:e7:b4:
98:20:c8:ac:30:f4:7f:74:79:e9:0a:4e:c0:ee:06:
6e:c3:18:93:44:a2:c6:44:5f:34:73:f5:20:24:a5:
07:3a:7f:c7:bb:6d:49:2c:ff:06:3d:1e:d8:c0:c0:
af:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9D:5A:FA:D0:69:86:3E:68:7A:AC:6A:B4:C6:09:F7:FD:F1:03:08
X509v3 Authority Key Identifier:
keyid:CC:F9:A6:D2:F6:CD:58:8A:77:F4:23:62:2E:6B:8D:1C:65:4B:CD:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zPmm0vbNWIp39CNiLmuNHGVLzfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/x51a-tBphj5oeqxqtMYJ9_3xAwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/421e40-edf6-47aa-9abe-1b0f254de619/1/zPmm0vbNWIp39CNiLmuNHGVLzfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.16.0/20
IPv6:
2a06:8080::/29
Signature Algorithm: sha256WithRSAEncryption
4d:f6:35:63:40:85:75:a6:ea:45:a0:41:ea:a1:e6:49:2b:77:
8b:32:a9:82:6a:37:5a:99:8f:2f:f7:9c:26:4f:62:cb:5d:2d:
87:60:1d:5d:dc:65:f0:c8:a1:e4:10:6b:34:cd:2a:32:0f:d0:
e7:73:a0:00:f2:a4:2b:21:85:76:48:86:86:f4:86:b0:c6:ed:
42:0d:7a:38:29:db:40:9f:71:b8:ef:72:3e:b0:42:e2:ec:6e:
b0:fb:5a:e9:f3:2f:07:66:91:57:9b:55:af:6e:b3:54:9e:3a:
45:f9:95:b3:ba:ec:c2:0d:2a:9a:9e:18:3b:de:9b:8a:99:54:
43:87:1a:88:b5:a6:f7:fa:bb:a7:c3:f6:75:d6:db:b6:44:1a:
93:5d:b8:10:71:a1:5d:74:fb:8a:32:c8:6b:8d:d6:1f:fc:79:
d3:ac:0d:fb:fa:a0:96:c3:e8:cf:6a:a7:60:46:ab:b0:18:ec:
72:28:d9:e8:76:d7:98:55:ee:7b:38:e6:32:5f:61:d2:f3:36:
ec:25:0f:6b:56:61:d4:16:6f:86:8a:57:bd:c3:8a:a1:80:0e:
62:b3:66:12:0f:63:17:85:81:fb:9f:43:5c:23:9d:5f:8c:b8:
53:b7:3c:2f:ce:96:ba:0f:e1:f7:fb:b3:e0:38:aa:e5:bb:db:
8e:b5:d3:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhQ93mCqqltZvO97AIe8tdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZjlhNmQyZjZjZDU4OGE3N2Y0MjM2MjJlNmI4ZDFjNjU0
YmNkZjIwHhcNMjUwMTAxMDk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzlkNWFmYWQwNjk4NjNlNjg3YWFjNmFiNGM2MDlmN2ZkZjEwMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBcI5fR4wDzdWE+lNEqkvD/8vFav
sPGKzfgPonGe7SLf7PZT28962MRWwgnHb7RplT7upsmrvu6xRCaS0/4Ogh5NbFKb
2DSSHBpo9kzDT1CWK7rtwR17LZjbxfW9k7pHLHfvG3AQD1ZmANDbZZ1rKuNQKAb6
0PTP9WLA+CqFvMiK+YZmQh1wqJPTRODg6gChroPmWNP1TRi+OaMNeUPP+C2olfXy
SL2zy5EU5y3/+bxc99tqJo5hJqCrudvKmqekfdDCMa3BwKejbtaAN5qX57SYIMis
MPR/dHnpCk7A7gZuwxiTRKLGRF80c/UgJKUHOn/Hu21JLP8GPR7YwMCvEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMedWvrQaYY+aHqsarTGCff98QMIMB8GA1UdIwQY
MBaAFMz5ptL2zViKd/QjYi5rjRxlS83yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelBtbTB2Yk5XSXAzOUNOaUxtdU5IR1ZMemZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS80MjFlNDAtZWRmNi00N2FhLTlhYmUt
MWIwZjI1NGRlNjE5LzEveDUxYS10QnBoajVvZXF4cXRNWUo5XzN4QXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS80MjFlNDAtZWRmNi00N2FhLTlhYmUtMWIwZjI1NGRlNjE5
LzEvelBtbTB2Yk5XSXAzOUNOaUxtdU5IR1ZMemZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEPskQMA0E
AgACMAcDBQMqBoCAMA0GCSqGSIb3DQEBCwUAA4IBAQBN9jVjQIV1pupFoEHqoeZJ
K3eLMqmCajdamY8v95wmT2LLXS2HYB1d3GXwyKHkEGs0zSoyD9Dnc6AA8qQrIYV2
SIaG9Iawxu1CDXo4KdtAn3G473I+sELi7G6w+1rp8y8HZpFXm1WvbrNUnjpF+ZWz
uuzCDSqanhg73puKmVRDhxqItab3+runw/Z11tu2RBqTXbgQcaFddPuKMshrjdYf
/HnTrA37+qCWw+jPaqdgRquwGOxyKNnodteYVe57OOYyX2HS8zbsJQ9rVmHUFm+G
ile9w4qhgA5is2YSD2MXhYH7n0NcI51fjLhTtzwvzpa6D+H3+7PgOKrlu9uOtdM2
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:14:22 2025 by rpki-client