Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jXwZsgDdnnGhpMwrW8IgFhbgc60.roa
File: jXwZsgDdnnGhpMwrW8IgFhbgc60.roa (raw, json)
Hash identifier: UcxxWtUMNhGN/BOZcWSLZeojF0Zo1CU3ZEgobKcT0Ys=
Subject key identifier: 8D:7C:19:B2:00:DD:9E:71:A1:A4:CC:2B:5B:C2:20:16:16:E0:73:AD
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942522899CF30D603F58F7F5EB7F193041
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jXwZsgDdnnGhpMwrW8IgFhbgc60.roa
Signing time: Thu 02 Jan 2025 03:50:07 +0000
ROA not before: Thu 02 Jan 2025 03:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215532
IP address blocks: 2a10:ccc0:420::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:89:9c:f3:0d:60:3f:58:f7:f5:eb:7f:19:30:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d7c19b200dd9e71a1a4cc2b5bc2201616e073ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:28:81:4a:e8:f8:af:53:45:9a:40:24:d6:de:
da:0d:5c:6a:e3:2d:95:ab:88:1f:c4:71:ab:5d:59:
74:a8:97:29:33:f8:a7:e1:ff:40:36:85:3b:ef:f1:
1f:cb:81:68:20:9d:a6:81:d9:ed:c8:cf:5a:34:f8:
98:3d:af:bb:7c:19:75:e4:d8:88:88:2c:d3:b2:c6:
f8:b5:2c:25:49:2a:e6:07:c4:58:89:ae:e1:46:4d:
e5:c4:4a:14:bc:e5:db:1c:a7:5a:e0:13:77:db:22:
ec:a6:4e:fa:55:e0:79:e9:f5:6e:5e:25:c8:4e:44:
0b:9d:09:d3:21:03:a2:ea:91:40:0f:0e:9b:6d:c0:
f2:ec:57:f9:b0:5b:7f:a0:fc:78:6d:c9:a1:9b:b6:
86:b7:53:46:92:28:65:0e:8a:e5:26:05:24:94:6d:
91:69:9e:b7:a7:0e:db:85:25:d0:0c:9b:b8:c6:d3:
5b:25:0f:8f:49:65:64:6b:20:61:9a:9d:18:e9:50:
03:05:be:9b:a2:b9:df:7b:10:8e:dd:c6:bb:89:d9:
fb:37:a1:3e:61:81:d7:fe:44:8d:de:cf:46:81:4e:
d4:17:1e:5e:9b:2c:d5:e4:b4:16:9a:55:8f:d3:47:
d2:b4:0e:1a:aa:94:31:9d:10:00:3d:2f:ef:fe:c9:
e0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:7C:19:B2:00:DD:9E:71:A1:A4:CC:2B:5B:C2:20:16:16:E0:73:AD
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/jXwZsgDdnnGhpMwrW8IgFhbgc60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
3c:fc:4c:bc:b4:bc:49:83:d0:82:f2:ee:6a:4b:18:ec:1c:c5:
9b:f7:61:72:6e:ab:13:51:a0:e9:f5:4f:2f:9d:fd:4e:96:03:
fd:da:61:f9:c9:7e:78:2c:12:a8:ee:53:ab:5d:76:94:4b:67:
45:eb:6f:91:cd:37:48:b3:ec:42:bd:93:56:66:25:32:df:f9:
4b:96:62:4b:b7:e8:05:a1:67:15:fd:72:1c:d2:bf:91:da:12:
55:b8:83:8d:1d:a6:d9:ca:d6:80:85:87:a9:cf:f7:34:24:e2:
d5:45:2b:16:cd:90:57:d7:12:fb:a3:b7:a8:53:63:22:9c:15:
4d:fc:11:21:93:53:98:09:8e:c1:97:01:09:51:fa:f8:12:9e:
2f:47:52:33:d9:6b:a2:62:b6:f8:5f:47:68:70:9d:ed:2a:9a:
41:79:a7:e5:81:04:60:9d:ef:10:d1:be:85:e6:97:4c:2f:be:
de:7a:a5:e6:08:bd:d9:b4:fe:6a:ef:e0:77:c1:d1:0a:ea:39:
9c:02:fb:93:ed:31:02:db:ac:65:19:73:fe:ba:ec:f7:fc:fa:
ab:b6:32:d0:39:79:d8:34:6a:3e:f2:d1:6f:6b:78:2b:b2:38:
97:b3:84:3c:75:19:43:0b:5c:10:ce:a3:a9:2b:c2:76:be:15:
c5:a5:20:62
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIomc8w1gP1j39et/GTBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDdjMTliMjAwZGQ5ZTcxYTFhNGNjMmI1YmMyMjAxNjE2ZTA3M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iiBSuj4r1NFmkAk1t7aDVxq4y2V
q4gfxHGrXVl0qJcpM/in4f9ANoU77/Efy4FoIJ2mgdntyM9aNPiYPa+7fBl15NiI
iCzTssb4tSwlSSrmB8RYia7hRk3lxEoUvOXbHKda4BN32yLspk76VeB56fVuXiXI
TkQLnQnTIQOi6pFADw6bbcDy7Ff5sFt/oPx4bcmhm7aGt1NGkihlDorlJgUklG2R
aZ63pw7bhSXQDJu4xtNbJQ+PSWVkayBhmp0Y6VADBb6bornfexCO3ca7idn7N6E+
YYHX/kSN3s9GgU7UFx5emyzV5LQWmlWP00fStA4aqpQxnRAAPS/v/sngTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI18GbIA3Z5xoaTMK1vCIBYW4HOtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvalh3WnNnRGRubkdocE13clc4SWdGaGJnYzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhDMwAQg
MA0GCSqGSIb3DQEBCwUAA4IBAQA8/Ey8tLxJg9CC8u5qSxjsHMWb92FybqsTUaDp
9U8vnf1OlgP92mH5yX54LBKo7lOrXXaUS2dF62+RzTdIs+xCvZNWZiUy3/lLlmJL
t+gFoWcV/XIc0r+R2hJVuIONHabZytaAhYepz/c0JOLVRSsWzZBX1xL7o7eoU2Mi
nBVN/BEhk1OYCY7BlwEJUfr4Ep4vR1Iz2WuiYrb4X0docJ3tKppBeaflgQRgne8Q
0b6F5pdML77eeqXmCL3ZtP5q7+B3wdEK6jmcAvuT7TEC26xlGXP+uuz3/PqrtjLQ
OXnYNGo+8tFva3grsjiXs4Q8dRlDC1wQzqOpK8J2vhXFpSBi
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:11:27 2025 by rpki-client