Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/1rxQLIAJBsFuVfHKAE36SSy0318.roa
File: 1rxQLIAJBsFuVfHKAE36SSy0318.roa (raw, json)
Hash identifier: aEiOeo+IDDx1mtQvh2mfZVHuPwr3q9ZP8l4CvowWfAQ=
Subject key identifier: D6:BC:50:2C:80:09:06:C1:6E:55:F1:CA:00:4D:FA:49:2C:B4:DF:5F
Certificate issuer: /CN=17526ccac4f9064e058549b30172c84439787fbc
Certificate serial: 019421B23E8C1688A97C17DFF5ED07821527
Authority key identifier: 17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/1rxQLIAJBsFuVfHKAE36SSy0318.roa
Signing time: Wed 01 Jan 2025 11:48:37 +0000
ROA not before: Wed 01 Jan 2025 11:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208661
IP address blocks: 2a0c:b6c3::/32 maxlen: 32
2a0c:b6c4::/32 maxlen: 32
2a0c:b6c5::/32 maxlen: 32
2a0c:b6c6::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3e:8c:16:88:a9:7c:17:df:f5:ed:07:82:15:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17526ccac4f9064e058549b30172c84439787fbc
Validity
Not Before: Jan 1 11:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6bc502c800906c16e55f1ca004dfa492cb4df5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:52:0a:ac:0a:31:8a:5b:a0:3f:0b:b5:c1:9e:
54:e9:76:d0:c8:62:37:f4:c4:be:7d:7a:c8:61:38:
57:69:ac:5b:41:96:c3:b5:45:0e:b3:c2:34:2a:32:
a5:59:79:90:6d:7f:28:ec:46:d8:6a:fa:e8:e9:d1:
28:c1:af:bb:72:b0:42:ef:81:a6:e6:1f:62:1d:ba:
4c:a4:40:da:60:fc:a1:4f:d2:ad:0b:7c:c2:ce:2d:
64:3d:f1:58:f0:25:91:c1:47:b2:b8:93:ed:32:c9:
98:a5:9a:89:66:e3:f1:76:d2:d5:83:3f:74:3d:92:
71:67:62:b4:53:64:d3:6b:22:26:17:f4:e9:df:2d:
f0:74:38:dd:f4:e8:8d:41:64:b0:c0:e4:7f:4b:f3:
05:a7:b2:45:8e:c2:a0:b8:aa:e4:5c:0b:89:d9:a6:
b0:ec:6a:d6:b2:7e:6f:28:39:4b:a1:fb:64:05:92:
0f:52:67:86:d2:78:79:6e:94:b4:a9:3e:13:44:c6:
9a:36:3b:b6:48:22:61:23:f4:8e:32:8b:f8:fe:98:
39:03:b4:3a:2a:6c:98:97:f4:2b:c3:1b:78:3e:c6:
69:35:d4:18:d7:d5:33:07:c2:40:f7:3e:e5:24:34:
ad:2b:bb:2e:a3:96:37:bf:7f:1e:b4:07:c3:66:42:
46:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:BC:50:2C:80:09:06:C1:6E:55:F1:CA:00:4D:FA:49:2C:B4:DF:5F
X509v3 Authority Key Identifier:
keyid:17:52:6C:CA:C4:F9:06:4E:05:85:49:B3:01:72:C8:44:39:78:7F:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1JsysT5Bk4FhUmzAXLIRDl4f7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/1rxQLIAJBsFuVfHKAE36SSy0318.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c9aa81-5bfd-4535-9606-941cc6a7bad9/1/F1JsysT5Bk4FhUmzAXLIRDl4f7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b6c3::-2a0c:b6c6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:8f:aa:15:5c:56:e4:53:e8:42:da:ae:ac:74:a3:0b:68:c6:
c0:1b:c5:34:05:09:41:01:92:49:81:70:75:73:d4:cc:1b:b2:
84:cc:0e:99:9b:dc:ca:b4:9c:2c:17:2a:ac:f4:73:e1:88:80:
1a:6d:23:10:c4:ff:bd:d8:ef:0d:43:30:92:07:5d:ee:63:5e:
ab:a9:9f:8d:7e:73:12:58:fa:7f:8e:2b:40:40:f3:39:13:c1:
69:5d:a7:20:5d:75:b1:38:11:18:ca:51:d3:36:24:42:22:93:
85:fa:06:d7:82:60:da:a6:16:62:af:b2:8c:a7:40:4e:83:1a:
3c:0e:3c:6d:9e:96:1c:98:69:75:af:84:47:e6:46:47:73:19:
3c:69:eb:4a:ef:a9:87:ce:82:2e:fb:b0:ab:16:59:3a:88:fe:
00:e1:e0:a7:45:55:82:92:5f:2c:e9:67:27:00:4d:93:a2:79:
c1:ab:17:c3:cc:26:fe:9e:8e:b4:6e:69:fa:37:6d:e6:5e:4a:
38:a7:ed:df:46:66:70:62:57:ef:b5:99:6a:04:f8:87:29:b5:
0e:48:82:62:cb:2e:89:1c:18:dc:32:a8:13:7e:95:fb:73:73:
b9:05:42:67:5b:c7:b4:de:2e:e8:03:38:b9:c3:54:fc:f3:1d:
ad:f5:da:63
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQhsj6MFoipfBff9e0HghUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTI2Y2NhYzRmOTA2NGUwNTg1NDliMzAxNzJjODQ0Mzk3
ODdmYmMwHhcNMjUwMTAxMTE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmJjNTAyYzgwMDkwNmMxNmU1NWYxY2EwMDRkZmE0OTJjYjRkZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1IKrAoxilugPwu1wZ5U6XbQyGI3
9MS+fXrIYThXaaxbQZbDtUUOs8I0KjKlWXmQbX8o7EbYavro6dEowa+7crBC74Gm
5h9iHbpMpEDaYPyhT9KtC3zCzi1kPfFY8CWRwUeyuJPtMsmYpZqJZuPxdtLVgz90
PZJxZ2K0U2TTayImF/Tp3y3wdDjd9OiNQWSwwOR/S/MFp7JFjsKguKrkXAuJ2aaw
7GrWsn5vKDlLoftkBZIPUmeG0nh5bpS0qT4TRMaaNju2SCJhI/SOMov4/pg5A7Q6
KmyYl/Qrwxt4PsZpNdQY19UzB8JA9z7lJDStK7suo5Y3v38etAfDZkJGpwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNa8UCyACQbBblXxygBN+kkstN9fMB8GA1UdIwQY
MBaAFBdSbMrE+QZOBYVJswFyyEQ5eH+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYt
OTQxY2M2YTdiYWQ5LzEvMXJ4UUxJQUpCc0Z1VmZIS0FFMzZTU3kwMzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jOWFhODEtNWJmZC00NTM1LTk2MDYtOTQxY2M2YTdiYWQ5
LzEvRjFKc3lzVDVCazRGaFVtekFYTElSRGw0Zjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDLbD
AwUAKgy2xjANBgkqhkiG9w0BAQsFAAOCAQEAc4+qFVxW5FPoQtqurHSjC2jGwBvF
NAUJQQGSSYFwdXPUzBuyhMwOmZvcyrScLBcqrPRz4YiAGm0jEMT/vdjvDUMwkgdd
7mNeq6mfjX5zElj6f44rQEDzORPBaV2nIF11sTgRGMpR0zYkQiKThfoG14Jg2qYW
Yq+yjKdAToMaPA48bZ6WHJhpda+ER+ZGR3MZPGnrSu+ph86CLvuwqxZZOoj+AOHg
p0VVgpJfLOlnJwBNk6J5wasXw8wm/p6OtG5p+jdt5l5KOKft30ZmcGJX77WZagT4
hym1DkiCYssuiRwY3DKoE36V+3NzuQVCZ1vHtN4u6AM4ucNU/PMdrfXaYw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:27:49 2025 by rpki-client