Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/_nH3cPU3PrciJvf2cSH-1emIRyg.roa
File: _nH3cPU3PrciJvf2cSH-1emIRyg.roa (raw, json)
Hash identifier: BCY42q/DFayG+lgVA9wLBm0F3TxVoqg0RFvWtLPEpMs=
Subject key identifier: FE:71:F7:70:F5:37:3E:B7:22:26:F7:F6:71:21:FE:D5:E9:88:47:28
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195BF318C0AF4F94A6E0335A9C0D2A46438
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/_nH3cPU3PrciJvf2cSH-1emIRyg.roa
Signing time: Sat 22 Mar 2025 18:50:50 +0000
ROA not before: Sat 22 Mar 2025 18:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215059
IP address blocks: 2a10:77c0::/29 maxlen: 29
2a14:1100:8000::/33 maxlen: 33
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bf:31:8c:0a:f4:f9:4a:6e:03:35:a9:c0:d2:a4:64:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 22 18:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe71f770f5373eb72226f7f67121fed5e9884728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:72:3a:3f:98:08:dc:80:35:8e:f3:7e:ad:bb:
bb:1a:ba:c2:eb:64:ec:2a:33:89:80:4d:22:d9:69:
1e:ce:08:79:00:98:4d:52:19:2d:53:3c:0e:8c:5b:
ae:a7:64:8d:8b:2f:9b:79:db:d9:96:d3:69:8e:ae:
e6:ce:b9:95:96:66:42:34:e0:54:fe:39:6e:9a:d1:
86:af:ed:bb:58:66:d4:38:37:2d:8a:3f:81:d1:d9:
65:08:1a:fb:42:cd:62:60:c7:07:76:85:c7:f7:9a:
b3:90:07:99:3e:44:68:47:8b:94:c2:31:3c:9f:5f:
af:5b:8f:f5:ba:74:4f:e2:06:f7:a0:8b:63:8d:f6:
42:25:bd:17:8f:51:53:21:ab:47:64:f7:56:07:c3:
a3:58:03:57:f2:15:41:f8:6f:ab:c2:90:05:1c:e8:
29:cc:c3:49:07:28:61:36:8e:96:9e:49:da:81:93:
a3:06:18:1a:51:34:95:71:72:f4:17:c7:59:7a:94:
b9:57:76:a3:54:60:7d:b4:9d:87:9d:27:33:23:aa:
f7:08:94:16:30:29:dc:d7:f4:6f:e9:bd:e6:7f:2b:
66:33:f9:43:05:1b:e4:6f:f8:3e:30:c7:7f:ca:d1:
e3:22:7b:32:7c:7c:1a:9a:4d:bf:90:2b:eb:e2:0b:
a8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:71:F7:70:F5:37:3E:B7:22:26:F7:F6:71:21:FE:D5:E9:88:47:28
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/_nH3cPU3PrciJvf2cSH-1emIRyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:77c0::/29
2a14:1100:8000::/33
Signature Algorithm: sha256WithRSAEncryption
6b:b5:ed:69:01:1c:13:b2:a2:fd:ac:5f:da:41:07:5e:1c:82:
87:6a:c3:5b:97:9f:85:b1:1e:14:77:8b:e4:13:4b:79:77:d1:
cc:d0:c5:ce:2c:f8:41:47:75:48:31:e8:21:4f:2c:df:5a:fd:
ca:f8:e8:24:cd:e6:9e:c3:ad:03:fb:22:a0:83:18:f2:b4:76:
1e:68:a1:15:da:9e:db:f5:d6:88:20:e1:71:7b:36:f7:7e:30:
a4:22:73:51:9b:83:c6:0c:ff:a2:51:a8:20:05:02:cf:ed:ab:
9b:26:4e:c9:1b:43:cc:ee:26:1f:6a:44:c1:49:4f:a4:4c:7e:
ec:5b:d8:9f:d8:63:59:c9:d8:76:3d:6b:49:2c:0d:c5:c7:84:
1c:79:9a:0c:66:07:8a:f4:89:80:16:f5:5a:e5:d6:ca:98:e4:
c2:d1:65:8b:3f:db:4a:db:43:f5:9f:ce:4d:72:9d:83:ec:b5:
29:eb:94:de:76:e5:3c:8e:64:9e:f0:4d:36:d7:bf:3d:a1:b0:
2c:e8:9f:22:47:ae:ad:68:07:76:c3:17:2f:1d:f4:df:2d:0b:
ba:c4:8c:49:e5:aa:a3:64:19:21:d5:81:6d:ac:7f:7b:fd:df:
40:3c:94:d2:29:25:55:67:97:80:72:db:e9:9f:01:11:d8:8c:
2a:3d:05:f3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZW/MYwK9PlKbgM1qcDSpGQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzIyMTg1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTcxZjc3MGY1MzczZWI3MjIyNmY3ZjY3MTIxZmVkNWU5ODg0NzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3I6P5gI3IA1jvN+rbu7GrrC62Ts
KjOJgE0i2Wkezgh5AJhNUhktUzwOjFuup2SNiy+bedvZltNpjq7mzrmVlmZCNOBU
/jlumtGGr+27WGbUODctij+B0dllCBr7Qs1iYMcHdoXH95qzkAeZPkRoR4uUwjE8
n1+vW4/1unRP4gb3oItjjfZCJb0Xj1FTIatHZPdWB8OjWANX8hVB+G+rwpAFHOgp
zMNJByhhNo6WnknagZOjBhgaUTSVcXL0F8dZepS5V3ajVGB9tJ2HnSczI6r3CJQW
MCnc1/Rv6b3mfytmM/lDBRvkb/g+MMd/ytHjInsyfHwamk2/kCvr4guoGwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFP5x93D1Nz63Iib39nEh/tXpiEcoMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvX25IM2NQVTNQcmNpSnZmMmNTSC0xZW1JUnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwUDKhB3wAMG
ByoUEQCAMA0GCSqGSIb3DQEBCwUAA4IBAQBrte1pARwTsqL9rF/aQQdeHIKHasNb
l5+FsR4Ud4vkE0t5d9HM0MXOLPhBR3VIMeghTyzfWv3K+Ogkzeaew60D+yKggxjy
tHYeaKEV2p7b9daIIOFxezb3fjCkInNRm4PGDP+iUaggBQLP7aubJk7JG0PM7iYf
akTBSU+kTH7sW9if2GNZydh2PWtJLA3Fx4QceZoMZgeK9ImAFvVa5dbKmOTC0WWL
P9tK20P1n85Ncp2D7LUp65TeduU8jmSe8E021789obAs6J8iR66taAd2wxcvHfTf
LQu6xIxJ5aqjZBkh1YFtrH97/d9APJTSKSVVZ5eActvpnwER2IwqPQXz
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:13:08 2025 by rpki-client