Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/cALRRqL0ihrntADr1Zf3Xbtw0Xo.roa
File: cALRRqL0ihrntADr1Zf3Xbtw0Xo.roa (raw, json)
Hash identifier: o6PErmsvlXUGVFgPmFgWQjBOLMMyyF53Zqk0rZ/2ZIE=
Subject key identifier: 70:02:D1:46:A2:F4:8A:1A:E7:B4:00:EB:D5:97:F7:5D:BB:70:D1:7A
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019423D6FA64E23A4687F8CF0E3481CF655B
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/cALRRqL0ihrntADr1Zf3Xbtw0Xo.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 2a11:3c43::/32 maxlen: 32
2a11:3c46::/32 maxlen: 32
2a11:6bc3::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:fa:64:e2:3a:46:87:f8:cf:0e:34:81:cf:65:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7002d146a2f48a1ae7b400ebd597f75dbb70d17a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:10:c3:f9:e6:6c:69:be:a4:42:cc:bc:4a:
75:d9:25:23:67:44:c4:c6:d0:72:a3:46:ea:46:61:
69:c7:66:ac:d5:8b:68:d0:81:d9:ec:4f:b8:1f:ee:
30:5e:7e:cc:04:48:ae:e8:e6:8e:88:48:88:87:17:
44:0a:c5:05:b2:99:e8:cb:ef:0b:47:54:e3:ec:64:
69:a5:49:52:17:61:74:38:3b:0b:87:90:8e:5a:2f:
75:58:7b:22:81:9b:22:07:bf:d4:c7:d7:98:26:52:
9c:92:c8:5e:c1:67:f0:bf:6b:c6:be:eb:dd:4a:3d:
da:fb:d3:34:e1:ed:4a:d0:d8:34:d1:6a:25:a3:fb:
4b:b9:dd:61:d1:17:8e:b6:f8:a2:e0:c9:64:a2:ad:
34:97:22:c9:34:23:18:c0:c7:52:2a:de:51:af:f7:
e5:94:62:5c:f7:b9:df:6f:a0:23:aa:89:1c:2f:34:
4e:03:52:b1:9e:98:db:a2:d6:a7:a8:02:a7:10:d0:
a3:29:7c:a3:47:bb:44:a1:ef:60:2e:0a:35:7f:a6:
44:53:4b:28:75:b9:f7:29:9c:30:48:42:81:51:45:
8b:0b:43:cd:2b:04:9f:e5:1d:c5:0d:9e:3b:2e:a3:
0d:09:18:2c:25:54:ec:cf:b0:c0:cd:ce:40:bd:ad:
23:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:02:D1:46:A2:F4:8A:1A:E7:B4:00:EB:D5:97:F7:5D:BB:70:D1:7A
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/cALRRqL0ihrntADr1Zf3Xbtw0Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c43::/32
2a11:3c46::/32
2a11:6bc3::/32
Signature Algorithm: sha256WithRSAEncryption
3f:17:e0:cc:b0:28:db:bb:c5:8e:af:43:fc:94:2e:c5:97:fe:
fe:f1:ae:f3:f1:f8:a9:ce:fd:70:59:ac:2c:15:17:5f:c9:4e:
c0:0e:95:d1:54:b7:9f:0f:c9:bf:73:7f:07:4c:90:4e:c0:74:
2d:f4:d6:86:7a:51:dd:4e:56:3a:26:2c:19:18:2e:fa:03:24:
ee:0f:06:10:b9:74:53:50:95:e6:c5:b1:b9:45:ee:46:9f:64:
60:93:ff:6c:7e:05:f8:b8:db:9a:f8:d5:9e:90:bf:4e:f2:f4:
97:60:44:e5:10:f7:6d:71:c1:c9:e8:f3:ac:06:ab:39:6a:9e:
f9:1a:a5:e8:bd:0b:6c:63:9b:f3:8e:61:82:41:5d:c1:aa:a8:
39:7f:33:a3:c5:93:e8:e6:ce:ea:5d:0c:e7:96:37:09:b1:26:
3e:6b:37:2c:5e:ab:ad:6f:93:b9:b3:38:a4:c8:06:e2:14:c6:
9e:01:62:27:73:e2:9a:21:4d:6b:fd:7c:10:64:83:02:12:1d:
6f:3e:b2:ba:f0:5a:de:5a:cb:69:b2:fa:f7:ed:3a:9d:c0:11:
be:e5:a6:07:08:b7:ff:6e:7c:5b:61:04:75:ae:59:b7:18:c9:
f6:69:9c:d7:bc:06:89:db:1e:b3:1b:a1:7d:c8:75:f9:a1:20:
b4:2f:bc:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQj1vpk4jpGh/jPDjSBz2VbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDAyZDE0NmEyZjQ4YTFhZTdiNDAwZWJkNTk3Zjc1ZGJiNzBkMTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk0Qw/nmbGm+pELMvEp12SUjZ0TE
xtByo0bqRmFpx2as1Yto0IHZ7E+4H+4wXn7MBEiu6OaOiEiIhxdECsUFspnoy+8L
R1Tj7GRppUlSF2F0ODsLh5COWi91WHsigZsiB7/Ux9eYJlKckshewWfwv2vGvuvd
Sj3a+9M04e1K0Ng00Wolo/tLud1h0ReOtvii4Mlkoq00lyLJNCMYwMdSKt5Rr/fl
lGJc97nfb6AjqokcLzROA1KxnpjbotanqAKnENCjKXyjR7tEoe9gLgo1f6ZEU0so
dbn3KZwwSEKBUUWLC0PNKwSf5R3FDZ47LqMNCRgsJVTsz7DAzc5Ava0j2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHAC0Uai9Ioa57QA69WX9127cNF6MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvY0FMUlJxTDBpaHJudEFEcjFaZjNYYnR3MFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhE8QwMF
ACoRPEYDBQAqEWvDMA0GCSqGSIb3DQEBCwUAA4IBAQA/F+DMsCjbu8WOr0P8lC7F
l/7+8a7z8fipzv1wWawsFRdfyU7ADpXRVLefD8m/c38HTJBOwHQt9NaGelHdTlY6
JiwZGC76AyTuDwYQuXRTUJXmxbG5Re5Gn2Rgk/9sfgX4uNua+NWekL9O8vSXYETl
EPdtccHJ6POsBqs5ap75GqXovQtsY5vzjmGCQV3Bqqg5fzOjxZPo5s7qXQznljcJ
sSY+azcsXqutb5O5szikyAbiFMaeAWInc+KaIU1r/XwQZIMCEh1vPrK68FreWstp
svr37TqdwBG+5aYHCLf/bnxbYQR1rlm3GMn2aZzXvAaJ2x6zG6F9yHX5oSC0L7yw
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:58:51 2025 by rpki-client