Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/otP4cyQZHuk2YXzJGtNpVI8P-e0.roa
File: otP4cyQZHuk2YXzJGtNpVI8P-e0.roa (raw, json)
Hash identifier: 2KVuFZKACcnMtQQ1k7okRljtHa261BI+4KEYD3mBXWg=
Subject key identifier: A2:D3:F8:73:24:19:1E:E9:36:61:7C:C9:1A:D3:69:54:8F:0F:F9:ED
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01942521CE28D8D7D5A01577E4A0BDE56646
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/otP4cyQZHuk2YXzJGtNpVI8P-e0.roa
Signing time: Thu 02 Jan 2025 03:49:19 +0000
ROA not before: Thu 02 Jan 2025 03:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39753
IP address blocks: 2a0e:b107:24::/46 maxlen: 48
2a10:2f01:100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ce:28:d8:d7:d5:a0:15:77:e4:a0:bd:e5:66:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2d3f87324191ee936617cc91ad369548f0ff9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:76:88:cb:61:09:65:94:40:34:6e:dd:af:66:
f6:c3:ea:28:96:f8:53:db:dd:e5:e4:ec:c6:dc:78:
db:f3:6e:2a:95:32:67:f5:13:9f:0f:87:80:87:14:
e2:78:ec:13:a7:7d:3c:89:b8:b4:a4:4b:3d:eb:9b:
88:b3:b4:a9:f6:f0:92:df:dd:be:02:0f:08:23:e5:
e8:46:07:48:b2:ad:21:c9:cf:54:d1:a2:9a:a5:f1:
08:72:eb:2f:a0:f2:25:7c:89:f1:e7:1b:d1:b0:50:
65:41:63:15:a9:94:ec:ab:76:f6:5f:36:3d:18:57:
40:d6:58:03:32:ec:8c:84:fe:25:9e:72:d7:3d:b3:
ee:4a:68:5f:c5:63:54:eb:40:b4:a5:1a:b9:88:d4:
90:7d:88:2b:d1:23:8b:cc:0c:77:27:b3:4d:1a:12:
9f:30:ad:ba:81:c9:ee:18:72:0a:0d:a7:19:66:3b:
bf:3d:96:b0:1b:34:1a:a6:d9:5b:dc:e3:5e:6e:51:
8e:16:dd:e9:26:c8:b1:e2:78:b6:55:ab:e5:74:53:
07:d7:51:89:5a:85:36:6f:49:db:ed:5c:50:b4:a1:
73:01:de:c7:a6:c6:06:4a:69:49:c4:45:e3:d4:25:
74:15:c8:dc:10:9a:c7:d6:eb:1e:88:e4:d6:51:2f:
e4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:D3:F8:73:24:19:1E:E9:36:61:7C:C9:1A:D3:69:54:8F:0F:F9:ED
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/otP4cyQZHuk2YXzJGtNpVI8P-e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:24::/46
2a10:2f01:100::/40
Signature Algorithm: sha256WithRSAEncryption
52:35:df:61:d5:e2:82:8a:10:a2:08:09:cb:4c:30:1c:6a:36:
e5:66:5c:50:c1:a1:ea:a3:71:b3:41:5f:d7:6e:18:87:28:6d:
11:d3:64:4b:4c:2a:30:c9:06:b6:43:8b:18:9c:28:77:66:eb:
fa:1c:51:ee:8e:db:05:12:3e:63:2c:ea:a9:a3:33:db:21:0c:
7f:a0:2f:98:c3:fa:11:4b:cf:3f:24:9e:31:c5:7e:28:c8:04:
c9:67:e4:5c:5f:9a:37:13:a8:11:57:65:10:4f:2d:7c:48:5a:
70:82:4a:7d:42:fe:d4:9f:bc:c5:3c:bd:25:d9:3e:51:e0:0b:
f5:13:c1:9e:66:e9:81:10:0c:75:d8:c0:f7:3b:1e:13:7d:b3:
d5:9c:27:2c:5b:37:7a:c7:7c:7a:c3:79:cf:18:f0:86:8d:50:
f3:08:bf:c6:3f:d0:4a:e2:d7:82:7d:00:d9:eb:31:56:6b:c9:
15:7b:a4:c8:25:95:e4:58:a7:fc:7e:82:5e:f4:98:7a:ed:5e:
9e:3a:b5:e9:c9:63:19:ee:9c:67:bf:04:a3:a9:f3:a9:97:45:
02:86:2f:f9:12:8e:ae:ce:a4:e5:7f:99:01:0b:fe:a9:00:72:
7a:5e:13:e4:43:16:98:7e:d7:8d:8c:c0:3e:66:c6:56:18:1e:
f5:ff:d5:de
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQlIc4o2NfVoBV35KC95WZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmQzZjg3MzI0MTkxZWU5MzY2MTdjYzkxYWQzNjk1NDhmMGZmOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHaIy2EJZZRANG7dr2b2w+oolvhT
293l5OzG3Hjb824qlTJn9ROfD4eAhxTieOwTp308ibi0pEs965uIs7Sp9vCS392+
Ag8II+XoRgdIsq0hyc9U0aKapfEIcusvoPIlfInx5xvRsFBlQWMVqZTsq3b2XzY9
GFdA1lgDMuyMhP4lnnLXPbPuSmhfxWNU60C0pRq5iNSQfYgr0SOLzAx3J7NNGhKf
MK26gcnuGHIKDacZZju/PZawGzQaptlb3ONeblGOFt3pJsix4ni2VavldFMH11GJ
WoU2b0nb7VxQtKFzAd7HpsYGSmlJxEXj1CV0FcjcEJrH1useiOTWUS/kIwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKLT+HMkGR7pNmF8yRrTaVSPD/ntMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvb3RQNGN5UVpIdWsyWVh6Skd0TnBWSThQLWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcCKg6xBwAk
AwYAKhAvAQEwDQYJKoZIhvcNAQELBQADggEBAFI132HV4oKKEKIICctMMBxqNuVm
XFDBoeqjcbNBX9duGIcobRHTZEtMKjDJBrZDixicKHdm6/ocUe6O2wUSPmMs6qmj
M9shDH+gL5jD+hFLzz8knjHFfijIBMln5FxfmjcTqBFXZRBPLXxIWnCCSn1C/tSf
vMU8vSXZPlHgC/UTwZ5m6YEQDHXYwPc7HhN9s9WcJyxbN3rHfHrDec8Y8IaNUPMI
v8Y/0Eri14J9ANnrMVZryRV7pMglleRYp/x+gl70mHrtXp46tenJYxnunGe/BKOp
86mXRQKGL/kSjq7OpOV/mQEL/qkAcnpeE+RDFph+142MwD5mxlYYHvX/1d4=
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:24:41 2025 by rpki-client