Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/N7xILsK6QwLuCQez44WUBOptTis.roa
File: N7xILsK6QwLuCQez44WUBOptTis.roa (raw, json)
Hash identifier: XxWUHqyOUBtVspUIJDcafrz0KgDRuFZ6IdJIWaHjBqw=
Subject key identifier: 37:BC:48:2E:C2:BA:43:02:EE:09:07:B3:E3:85:94:04:EA:6D:4E:2B
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195BF3277FC8C2003C0DC7FE93509B62F59
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/N7xILsK6QwLuCQez44WUBOptTis.roa
Signing time: Sat 22 Mar 2025 18:51:50 +0000
ROA not before: Sat 22 Mar 2025 18:51:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215819
IP address blocks: 2a14:1102:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:32:77:fc:8c:20:03:c0:dc:7f:e9:35:09:b6:2f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 22 18:51:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37bc482ec2ba4302ee0907b3e3859404ea6d4e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5c:ff:d6:20:30:cf:73:60:f9:5c:b5:0c:75:
5e:15:e1:72:5a:1f:27:4c:32:a6:6a:5f:b0:16:49:
0b:0a:b5:b5:09:84:25:3b:2c:6c:c7:6c:8a:d4:a4:
15:59:30:30:41:62:0e:71:66:16:a3:74:36:86:b6:
1b:43:64:57:b3:c3:d8:2f:01:23:9f:b8:ad:8f:5f:
87:27:f7:15:ac:fd:fd:47:b5:ab:52:f2:41:72:bc:
3c:e9:f9:e7:10:ce:ff:6f:73:62:3f:d1:59:6d:c1:
a0:4b:bf:99:26:f7:a0:ae:9d:56:7f:8a:50:88:b5:
e4:3f:d1:3c:eb:0b:f5:28:c0:6e:f8:ce:ad:9b:c8:
7e:95:10:7e:86:f4:ac:da:9d:de:37:42:b8:95:3d:
76:2c:ee:ef:40:91:a9:19:58:b0:6e:41:ed:72:6d:
1a:e9:58:e3:86:57:88:6c:a0:84:5e:84:30:99:05:
f2:b4:97:98:f4:68:ad:42:d6:36:03:65:67:ca:ab:
23:d5:c4:95:de:75:04:7f:80:36:9e:66:57:37:40:
c7:50:28:74:fa:5b:f3:01:ac:da:80:2c:ce:8e:ef:
7a:54:0e:9a:ba:fa:4b:10:7a:23:c9:11:97:6f:99:
88:61:33:38:6c:5b:fd:d9:36:25:68:4b:14:2b:98:
34:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BC:48:2E:C2:BA:43:02:EE:09:07:B3:E3:85:94:04:EA:6D:4E:2B
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/N7xILsK6QwLuCQez44WUBOptTis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1102:8000::/33
Signature Algorithm: sha256WithRSAEncryption
7b:ba:08:5a:96:fe:1f:82:2c:7f:b7:59:74:8a:ff:d3:f0:4f:
83:db:73:43:24:08:be:b4:94:3c:2a:68:98:83:69:4b:9c:4c:
f5:26:d8:87:09:bd:c1:f0:c4:13:7d:1e:df:99:44:c1:95:68:
b2:2d:81:fa:75:8f:2b:a1:fd:94:ac:cd:77:2b:09:ee:cb:81:
5f:b8:1a:9e:7e:a1:82:95:f1:a4:00:a9:3f:ce:d3:5b:76:cb:
01:34:da:71:73:6a:16:d3:d4:3f:be:80:4c:82:58:fe:18:75:
96:63:4d:90:41:4f:c0:66:e6:1c:a5:fa:d6:a3:ea:63:e6:6f:
b4:97:4c:0c:ba:88:24:d8:b2:22:06:ee:d4:45:13:d5:c7:04:
c4:d0:19:f0:a9:bf:01:a0:63:7a:59:03:20:fc:41:4a:45:a1:
07:fc:e5:04:ce:82:52:6e:fa:f8:9c:33:63:ca:d9:7d:05:5e:
f9:08:b0:18:68:71:fe:20:36:5a:c5:61:6c:c6:6d:52:c4:3e:
3b:89:17:b5:8c:90:c4:51:ba:0e:f5:c7:e6:31:23:4b:99:a4:
8e:43:43:93:08:27:52:30:d7:84:0e:0a:1f:be:85:35:35:d8:
28:6b:16:ec:6f:fa:82:07:02:3a:0b:d4:a4:b4:45:5a:a0:7b:
27:b4:79:e0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZW/Mnf8jCADwNx/6TUJti9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIyMTg1MTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JjNDgyZWMyYmE0MzAyZWUwOTA3YjNlMzg1OTQwNGVhNmQ0ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lz/1iAwz3Ng+Vy1DHVeFeFyWh8n
TDKmal+wFkkLCrW1CYQlOyxsx2yK1KQVWTAwQWIOcWYWo3Q2hrYbQ2RXs8PYLwEj
n7itj1+HJ/cVrP39R7WrUvJBcrw86fnnEM7/b3NiP9FZbcGgS7+ZJvegrp1Wf4pQ
iLXkP9E86wv1KMBu+M6tm8h+lRB+hvSs2p3eN0K4lT12LO7vQJGpGViwbkHtcm0a
6VjjhleIbKCEXoQwmQXytJeY9GitQtY2A2Vnyqsj1cSV3nUEf4A2nmZXN0DHUCh0
+lvzAazagCzOju96VA6auvpLEHojyRGXb5mIYTM4bFv92TYlaEsUK5g0hQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDe8SC7CukMC7gkHs+OFlATqbU4rMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvTjd4SUxzSzZRd0x1Q1FlejQ0V1VCT3B0VGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhQRAoAw
DQYJKoZIhvcNAQELBQADggEBAHu6CFqW/h+CLH+3WXSK/9PwT4Pbc0MkCL60lDwq
aJiDaUucTPUm2IcJvcHwxBN9Ht+ZRMGVaLItgfp1jyuh/ZSszXcrCe7LgV+4Gp5+
oYKV8aQAqT/O01t2ywE02nFzahbT1D++gEyCWP4YdZZjTZBBT8Bm5hyl+taj6mPm
b7SXTAy6iCTYsiIG7tRFE9XHBMTQGfCpvwGgY3pZAyD8QUpFoQf85QTOglJu+vic
M2PK2X0FXvkIsBhocf4gNlrFYWzGbVLEPjuJF7WMkMRRug71x+YxI0uZpI5DQ5MI
J1Iw14QOCh++hTU12ChrFuxv+oIHAjoL1KS0RVqgeye0eeA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:30:59 2025 by rpki-client