Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/6914ce-66c2-4238-92b7-a2d636f325e6/1/U5cqWkNYnX_IKXRLiqWhPWLnj30.roa
File: U5cqWkNYnX_IKXRLiqWhPWLnj30.roa (raw, json)
Hash identifier: rOJ0i9MLtk8hwnYB2wL88M/HGe+Y/PZ5cxU/VSesy7g=
Subject key identifier: 53:97:2A:5A:43:58:9D:7F:C8:29:74:4B:8A:A5:A1:3D:62:E7:8F:7D
Certificate issuer: /CN=d0113dd5d0759c03009380140c668ebbd1f9c168
Certificate serial: 0194228E30B99E98B54EEC7C3DCB64EFDDD5
Authority key identifier: D0:11:3D:D5:D0:75:9C:03:00:93:80:14:0C:66:8E:BB:D1:F9:C1:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BE91dB1nAMAk4AUDGaOu9H5wWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/6914ce-66c2-4238-92b7-a2d636f325e6/1/U5cqWkNYnX_IKXRLiqWhPWLnj30.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21641
IP address blocks: 2a0e:8a84::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:30:b9:9e:98:b5:4e:ec:7c:3d:cb:64:ef:dd:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0113dd5d0759c03009380140c668ebbd1f9c168
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53972a5a43589d7fc829744b8aa5a13d62e78f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4a:a6:03:fb:cd:bf:e6:2d:a3:26:ff:59:a3:
34:ea:84:f0:6b:ea:dc:c2:00:03:bf:12:cb:24:1b:
75:9f:9d:a7:52:ac:15:d3:66:08:c3:74:08:08:13:
3a:c2:9f:a8:c1:98:03:5a:cc:e3:66:4d:9d:68:e0:
59:df:2b:b7:b3:c0:74:7d:36:72:3e:e7:32:ef:96:
79:18:78:68:0f:f4:f9:8f:f3:4f:d9:0b:de:5c:19:
1d:5f:a0:3a:b6:73:b6:46:dc:c4:cc:ed:13:6f:a7:
69:07:a8:06:85:78:e4:be:2e:47:4f:84:1f:0e:66:
12:d0:18:bd:9c:33:70:1a:ee:85:2c:3b:4f:2f:32:
90:4b:5e:c0:6f:f1:e4:73:1f:99:58:2a:3b:21:4e:
f6:3a:45:a5:bc:94:14:4d:d0:2b:4a:45:03:81:a6:
34:14:01:62:13:00:da:53:58:51:1d:a9:db:eb:a5:
06:d6:3b:20:6e:ce:9d:fe:1a:13:25:0e:f0:78:e8:
50:87:50:f1:6b:e0:3a:60:24:62:41:51:f3:17:b0:
c1:10:c6:53:fc:e6:8c:0e:78:af:71:b5:2b:b6:d6:
89:82:42:56:76:dc:41:df:57:e9:96:69:33:7c:52:
fb:75:a6:fe:34:2e:76:3e:be:78:95:b1:4c:6c:13:
c5:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:97:2A:5A:43:58:9D:7F:C8:29:74:4B:8A:A5:A1:3D:62:E7:8F:7D
X509v3 Authority Key Identifier:
keyid:D0:11:3D:D5:D0:75:9C:03:00:93:80:14:0C:66:8E:BB:D1:F9:C1:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BE91dB1nAMAk4AUDGaOu9H5wWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/6914ce-66c2-4238-92b7-a2d636f325e6/1/U5cqWkNYnX_IKXRLiqWhPWLnj30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/6914ce-66c2-4238-92b7-a2d636f325e6/1/0BE91dB1nAMAk4AUDGaOu9H5wWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8a84::/32
Signature Algorithm: sha256WithRSAEncryption
2f:5b:60:bb:55:64:30:0b:c4:97:d8:a9:17:8c:8f:5e:1a:4a:
9c:25:1b:f2:10:0c:d4:4b:0b:a4:7a:9d:82:dd:89:25:c4:a9:
3d:8a:dc:d9:16:a1:81:0c:79:68:56:cb:3d:19:25:f8:a4:b4:
e2:07:53:16:ba:2e:d5:fd:4d:ea:f7:7d:43:da:8e:f0:27:39:
ba:fe:6b:7e:7e:08:00:21:1a:2b:10:76:42:e2:f0:d0:3b:fe:
34:8a:40:5d:2a:88:96:dd:c3:c8:8c:a3:38:72:09:78:2e:ba:
10:37:cd:22:e7:a0:4a:61:48:d3:05:b0:57:0a:e4:83:d6:f5:
c1:09:36:e7:9d:da:8e:45:50:34:31:20:ab:0e:85:e9:4c:3f:
ce:92:c8:c1:eb:fa:02:50:4b:b6:2c:c5:a5:34:b6:49:f8:d0:
aa:3e:1e:c9:73:8c:bf:2b:1e:e0:64:0a:f2:fc:ad:e5:01:ba:
d2:a6:ef:5d:c5:4e:76:17:dd:ca:13:d3:4b:b8:af:fa:23:44:
52:be:a2:04:37:19:bb:e8:a2:5f:6b:cf:7b:8c:dd:44:b8:3d:
84:a3:bd:db:8b:12:2d:84:ca:9d:54:f2:0a:1f:12:94:57:dc:
2b:b1:e8:7e:68:a6:d9:f7:18:37:76:cd:c8:05:53:ed:6b:ba:
af:87:12:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQijjC5npi1Tux8Pctk793VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMTEzZGQ1ZDA3NTljMDMwMDkzODAxNDBjNjY4ZWJiZDFm
OWMxNjgwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk3MmE1YTQzNTg5ZDdmYzgyOTc0NGI4YWE1YTEzZDYyZTc4ZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EqmA/vNv+Ytoyb/WaM06oTwa+rc
wgADvxLLJBt1n52nUqwV02YIw3QICBM6wp+owZgDWszjZk2daOBZ3yu3s8B0fTZy
Pucy75Z5GHhoD/T5j/NP2QveXBkdX6A6tnO2RtzEzO0Tb6dpB6gGhXjkvi5HT4Qf
DmYS0Bi9nDNwGu6FLDtPLzKQS17Ab/Hkcx+ZWCo7IU72OkWlvJQUTdArSkUDgaY0
FAFiEwDaU1hRHanb66UG1jsgbs6d/hoTJQ7weOhQh1Dxa+A6YCRiQVHzF7DBEMZT
/OaMDnivcbUrttaJgkJWdtxB31fplmkzfFL7dab+NC52Pr54lbFMbBPFoQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFOXKlpDWJ1/yCl0S4qloT1i5499MB8GA1UdIwQY
MBaAFNARPdXQdZwDAJOAFAxmjrvR+cFoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEJFOTFkQjFuQU1BazRBVURHYU91OUg1d1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS82OTE0Y2UtNjZjMi00MjM4LTkyYjct
YTJkNjM2ZjMyNWU2LzEvVTVjcVdrTlluWF9JS1hSTGlxV2hQV0xuajMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS82OTE0Y2UtNjZjMi00MjM4LTkyYjctYTJkNjM2ZjMyNWU2
LzEvMEJFOTFkQjFuQU1BazRBVURHYU91OUg1d1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg6KhDAN
BgkqhkiG9w0BAQsFAAOCAQEAL1tgu1VkMAvEl9ipF4yPXhpKnCUb8hAM1EsLpHqd
gt2JJcSpPYrc2RahgQx5aFbLPRkl+KS04gdTFrou1f1N6vd9Q9qO8Cc5uv5rfn4I
ACEaKxB2QuLw0Dv+NIpAXSqIlt3DyIyjOHIJeC66EDfNIuegSmFI0wWwVwrkg9b1
wQk2553ajkVQNDEgqw6F6Uw/zpLIwev6AlBLtizFpTS2SfjQqj4eyXOMvyse4GQK
8vyt5QG60qbvXcVOdhfdyhPTS7iv+iNEUr6iBDcZu+iiX2vPe4zdRLg9hKO924sS
LYTKnVTyCh8SlFfcK7Hofmim2fcYN3bNyAVT7Wu6r4cS1w==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:02 2025 by rpki-client