Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UO7xryDol2p3krIKMCkv999_urQ.roa
File: UO7xryDol2p3krIKMCkv999_urQ.roa (raw, json)
Hash identifier: Xy7Upoc2VsccaTx0EC/kw72OW1M9o27lrsbWbdMHCVw=
Subject key identifier: 50:EE:F1:AF:20:E8:97:6A:77:92:B2:0A:30:29:2F:F7:DF:7F:BA:B4
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 01941FFA0A6D7FFDAF0D997FB99DA098B3E5
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UO7xryDol2p3krIKMCkv999_urQ.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215528
IP address blocks: 2a13:cc82:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0a:6d:7f:fd:af:0d:99:7f:b9:9d:a0:98:b3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50eef1af20e8976a7792b20a30292ff7df7fbab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fd:e5:ee:8f:63:84:89:53:bf:4a:36:79:78:
78:5a:45:3f:aa:fc:47:0c:b5:e2:35:ab:2f:17:cb:
cc:93:54:63:d3:f8:76:16:fa:c1:ea:81:21:31:cf:
4d:5c:f8:16:26:87:d2:f3:95:56:d7:f6:a8:63:1c:
90:37:e2:2e:85:b0:18:48:01:b8:51:63:90:48:c9:
be:e3:3e:75:62:04:fd:fa:93:90:e1:ac:b8:88:78:
f4:b6:7e:50:c3:f8:a9:77:d4:96:ae:20:38:2f:dc:
35:2d:a9:aa:c9:18:fe:5f:f8:50:4f:30:88:23:29:
cd:72:ac:0e:91:44:7a:48:6b:64:0f:cc:6b:87:fa:
3b:b6:cd:da:45:d8:09:51:e7:74:a6:6a:38:eb:5c:
de:34:7f:f5:c4:fd:1f:16:f0:f3:78:8e:ba:a7:22:
ec:39:a0:a5:e2:d5:46:be:ae:49:e7:69:67:1e:28:
50:9d:1c:93:72:1a:0d:fc:0d:05:ce:3d:b2:b0:8b:
d2:98:53:1b:28:2b:68:cd:49:66:29:a9:ff:f3:78:
2d:d5:7a:e0:4d:89:55:b1:f3:04:1d:ef:25:9a:76:
fe:37:6d:cb:c7:af:40:90:80:53:75:5d:ae:bb:f2:
ef:7a:4d:61:54:9f:89:d7:f0:06:c9:02:7e:5b:61:
db:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EE:F1:AF:20:E8:97:6A:77:92:B2:0A:30:29:2F:F7:DF:7F:BA:B4
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UO7xryDol2p3krIKMCkv999_urQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cc82:2::/48
Signature Algorithm: sha256WithRSAEncryption
5a:04:d4:99:67:79:d0:42:17:b0:81:14:38:4d:9d:54:7d:51:
85:ce:27:07:02:aa:93:0f:e3:f4:02:e2:5b:b8:d9:5c:92:f5:
8a:cc:db:cb:01:8d:cf:c7:d7:25:37:40:43:8d:57:64:fd:ab:
5d:24:0e:e8:11:f6:b2:64:30:ca:1e:00:f6:3b:0a:05:39:1c:
6e:45:4e:a1:37:01:35:a1:75:5d:f1:11:10:55:b3:3c:c4:f0:
17:f8:2a:de:a2:c0:af:e1:3c:5e:d4:07:0b:62:2e:94:34:e5:
cd:8f:75:21:5a:c5:ee:31:33:78:af:e2:c1:2d:93:a7:1f:ea:
76:64:e1:2a:94:e5:a4:3b:4c:99:9e:59:3a:4b:9d:22:97:b8:
ec:b3:41:75:af:db:64:2f:50:e7:c2:2a:03:ec:7e:50:d0:f6:
2c:e0:57:57:7c:a3:68:18:19:fe:b4:cb:be:a3:06:89:7c:09:
e3:6a:c9:2a:14:a1:d0:85:dd:74:06:df:4a:73:34:69:51:cb:
9e:ab:e5:a4:ac:82:39:64:bc:8c:20:55:94:89:5e:bf:c1:5d:
61:30:72:00:ef:fe:41:82:46:3b:ab:da:07:22:4a:82:06:65:
c2:e8:20:b8:fb:df:59:ce:a1:61:b4:57:37:9a:12:66:70:4e:
19:cb:4b:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+gptf/2vDZl/uZ2gmLPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGVlZjFhZjIwZTg5NzZhNzc5MmIyMGEzMDI5MmZmN2RmN2ZiYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP3l7o9jhIlTv0o2eXh4WkU/qvxH
DLXiNasvF8vMk1Rj0/h2FvrB6oEhMc9NXPgWJofS85VW1/aoYxyQN+IuhbAYSAG4
UWOQSMm+4z51YgT9+pOQ4ay4iHj0tn5Qw/ipd9SWriA4L9w1LamqyRj+X/hQTzCI
IynNcqwOkUR6SGtkD8xrh/o7ts3aRdgJUed0pmo461zeNH/1xP0fFvDzeI66pyLs
OaCl4tVGvq5J52lnHihQnRyTchoN/A0Fzj2ysIvSmFMbKCtozUlmKan/83gt1Xrg
TYlVsfMEHe8lmnb+N23Lx69AkIBTdV2uu/Lvek1hVJ+J1/AGyQJ+W2HbJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFDu8a8g6Jdqd5KyCjApL/fff7q0MB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvVU83eHJ5RG9sMnAza3JJS01Da3Y5OTlfdXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPMggAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBaBNSZZ3nQQhewgRQ4TZ1UfVGFzicHAqqTD+P0
AuJbuNlckvWKzNvLAY3Px9clN0BDjVdk/atdJA7oEfayZDDKHgD2OwoFORxuRU6h
NwE1oXVd8REQVbM8xPAX+CreosCv4Txe1AcLYi6UNOXNj3UhWsXuMTN4r+LBLZOn
H+p2ZOEqlOWkO0yZnlk6S50il7jss0F1r9tkL1DnwioD7H5Q0PYs4FdXfKNoGBn+
tMu+owaJfAnjaskqFKHQhd10Bt9KczRpUcueq+WkrII5ZLyMIFWUiV6/wV1hMHIA
7/5BgkY7q9oHIkqCBmXC6CC4+99ZzqFhtFc3mhJmcE4Zy0sx
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:30:56 2025 by rpki-client