Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/VuDAkYQz4YbjMw9baoDcqo0utQE.roa
File: VuDAkYQz4YbjMw9baoDcqo0utQE.roa (raw, json)
Hash identifier: qb3v8K9bKRA0SiijhoKdyAEC98EBS0JX4313QJALZhc=
Subject key identifier: 56:E0:C0:91:84:33:E1:86:E3:33:0F:5B:6A:80:DC:AA:8D:2E:B5:01
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195BF32759601831597953061CA1986DBF5
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/VuDAkYQz4YbjMw9baoDcqo0utQE.roa
Signing time: Sat 22 Mar 2025 18:51:49 +0000
ROA not before: Sat 22 Mar 2025 18:51:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205227
IP address blocks: 2a14:1102::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:32:75:96:01:83:15:97:95:30:61:ca:19:86:db:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 22 18:51:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56e0c0918433e186e3330f5b6a80dcaa8d2eb501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a8:62:a7:b8:87:8e:2f:e7:03:c3:3f:55:ce:
9c:04:ce:1b:33:15:f8:bc:7c:6c:25:6f:67:59:24:
20:18:80:21:ac:8f:1d:53:65:ec:a3:42:f0:36:67:
44:72:9d:c5:97:d0:a8:0d:a0:0c:56:00:32:bc:f6:
e7:ab:be:56:e2:f2:7a:d0:94:69:62:35:77:c5:66:
91:03:23:ca:65:b3:f3:d9:bc:56:15:4a:a9:81:10:
de:99:f9:ca:ec:a1:8a:4e:8f:6a:e5:bc:df:8b:ab:
4a:20:94:14:d0:3e:f1:7d:b6:b3:d3:46:c5:d3:59:
b3:82:5d:4f:85:94:3d:1b:d8:27:bd:cd:ac:b1:5d:
85:15:09:4d:13:80:a1:09:b6:7c:ec:a5:61:75:17:
9f:8c:88:c1:be:ba:6a:a5:bf:db:05:d9:da:58:10:
5a:eb:7c:94:f9:0b:2d:0a:32:b5:a4:76:79:6c:48:
be:e5:80:ce:c3:c6:e5:1d:a2:b8:be:c1:c8:18:60:
44:c2:98:38:b6:db:3f:00:2b:23:81:ea:a3:d0:94:
48:1a:b8:d0:67:ab:b3:b2:d9:65:bc:f8:4c:a3:a8:
65:0e:7c:de:46:3c:3a:7a:8a:89:3b:66:06:cc:05:
f9:b0:da:11:db:f4:a9:b5:28:46:6d:e9:0c:23:8e:
d5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E0:C0:91:84:33:E1:86:E3:33:0F:5B:6A:80:DC:AA:8D:2E:B5:01
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/VuDAkYQz4YbjMw9baoDcqo0utQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1102::/33
Signature Algorithm: sha256WithRSAEncryption
6b:2c:36:1d:5e:8c:e0:09:a1:7f:33:31:f4:6d:11:bf:61:dd:
7c:50:29:9f:ef:d0:2a:74:bd:ac:a2:99:fb:2e:5a:0c:d4:ac:
d8:82:9b:37:4c:50:c9:0e:16:2a:03:d0:f5:dd:a1:18:3b:93:
2a:b1:ed:c0:27:94:56:d8:a6:84:bb:41:3a:d7:5d:aa:4e:a3:
61:a5:ac:68:78:e5:3e:57:16:44:1b:e3:74:f9:77:3f:dc:3a:
5a:3e:84:f5:0f:0f:7f:d6:0c:5f:fb:83:8a:40:1e:f4:44:02:
dd:e9:32:b2:d3:4c:f3:f7:06:c8:76:2f:6e:d2:e3:44:48:dd:
47:32:07:7a:ca:ed:af:db:79:a8:b6:fc:42:61:da:5e:70:51:
66:2a:a4:76:88:e3:ed:d7:61:df:63:2d:91:db:3b:bc:8f:38:
69:12:27:7d:96:a5:28:c3:64:38:ab:09:1f:5d:05:cd:2c:57:
4b:ce:3d:b8:07:9e:f4:e2:67:1e:5a:14:3a:ca:ce:73:d5:b0:
85:4f:27:e7:f6:64:1a:0d:50:21:54:4c:06:75:17:d1:30:bb:
8f:ae:f0:ae:4a:f3:45:8b:8a:04:05:fd:55:a0:6f:39:a1:43:
53:0f:6f:75:70:2d:7f:fd:4b:93:57:a6:99:89:fd:89:d3:ea:
b0:2d:c5:cb
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZW/MnWWAYMVl5UwYcoZhtv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIyMTg1MTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmUwYzA5MTg0MzNlMTg2ZTMzMzBmNWI2YTgwZGNhYThkMmViNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46hip7iHji/nA8M/Vc6cBM4bMxX4
vHxsJW9nWSQgGIAhrI8dU2Xso0LwNmdEcp3Fl9CoDaAMVgAyvPbnq75W4vJ60JRp
YjV3xWaRAyPKZbPz2bxWFUqpgRDemfnK7KGKTo9q5bzfi6tKIJQU0D7xfbaz00bF
01mzgl1PhZQ9G9gnvc2ssV2FFQlNE4ChCbZ87KVhdRefjIjBvrpqpb/bBdnaWBBa
63yU+QstCjK1pHZ5bEi+5YDOw8blHaK4vsHIGGBEwpg4tts/ACsjgeqj0JRIGrjQ
Z6uzstllvPhMo6hlDnzeRjw6eoqJO2YGzAX5sNoR2/SptShGbekMI47VSQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFbgwJGEM+GG4zMPW2qA3KqNLrUBMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvVnVEQWtZUXo0WWJqTXc5YmFvRGNxbzB1dFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhQRAgAw
DQYJKoZIhvcNAQELBQADggEBAGssNh1ejOAJoX8zMfRtEb9h3XxQKZ/v0Cp0vayi
mfsuWgzUrNiCmzdMUMkOFioD0PXdoRg7kyqx7cAnlFbYpoS7QTrXXapOo2GlrGh4
5T5XFkQb43T5dz/cOlo+hPUPD3/WDF/7g4pAHvREAt3pMrLTTPP3Bsh2L27S40RI
3UcyB3rK7a/beai2/EJh2l5wUWYqpHaI4+3XYd9jLZHbO7yPOGkSJ32WpSjDZDir
CR9dBc0sV0vOPbgHnvTiZx5aFDrKznPVsIVPJ+f2ZBoNUCFUTAZ1F9Ewu4+u8K5K
80WLigQF/VWgbzmhQ1MPb3VwLX/9S5NXppmJ/YnT6rAtxcs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:47:30 2025 by rpki-client