Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/tD-h34Qs2oppmxABFTiRVLxjMJI.roa
File: tD-h34Qs2oppmxABFTiRVLxjMJI.roa (raw, json)
Hash identifier: hN/6bXGlaQm+g8z5Fp0vtjeiVMTc3T9g6GJHxsKypiU=
Subject key identifier: B4:3F:A1:DF:84:2C:DA:8A:69:9B:10:01:15:38:91:54:BC:63:30:92
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019515263E653DEE1D69CA364679EEA61289
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/tD-h34Qs2oppmxABFTiRVLxjMJI.roa
Signing time: Mon 17 Feb 2025 18:23:02 +0000
ROA not before: Mon 17 Feb 2025 18:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a11:3c42::/32 maxlen: 32
2a11:6bc5::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:15:26:3e:65:3d:ee:1d:69:ca:36:46:79:ee:a6:12:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Feb 17 18:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b43fa1df842cda8a699b100115389154bc633092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b3:45:03:36:9b:33:1e:ef:c4:51:b4:6c:4a:
af:04:fa:28:8a:9f:7b:e8:e1:b0:14:d1:16:da:1a:
5e:21:26:a0:8d:6e:e4:ff:20:e3:6a:a4:0d:9c:ad:
ed:77:72:b7:19:75:63:22:b3:46:db:82:cc:8a:26:
82:5e:dd:14:4f:e4:ef:68:e9:09:d5:46:2e:4f:a3:
71:10:97:ee:08:b8:60:85:1c:9d:aa:de:be:66:2d:
2b:38:87:bc:d7:29:cc:81:db:b1:53:df:9d:b3:18:
71:cb:a1:3f:f0:7e:7f:12:6d:47:e6:37:e2:eb:29:
50:69:80:4e:b0:c6:6f:39:93:dc:b2:58:68:70:0c:
1a:4c:e8:e1:0b:4a:98:81:98:a7:96:06:6d:c9:e6:
4f:79:9b:19:02:1d:ae:32:5b:ab:83:b2:3d:cd:36:
2f:72:79:dc:9c:35:ec:d7:9e:d4:8d:6b:8d:43:70:
41:e0:96:16:62:7a:48:04:66:6c:c1:0d:b3:75:a5:
67:47:81:9a:27:f3:23:ed:3d:0a:57:dd:67:24:28:
dd:81:f9:cb:ca:41:b8:d6:5d:7d:b4:ab:8d:6f:d4:
8e:5a:7d:49:4b:64:d8:af:06:81:99:8c:a9:3a:3d:
44:e6:ff:68:b4:ca:6c:8c:d8:22:62:16:08:28:a2:
90:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3F:A1:DF:84:2C:DA:8A:69:9B:10:01:15:38:91:54:BC:63:30:92
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/tD-h34Qs2oppmxABFTiRVLxjMJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c42::/32
2a11:6bc5::/32
Signature Algorithm: sha256WithRSAEncryption
6b:e7:d1:81:12:42:51:76:c6:12:17:69:fd:53:c5:39:58:38:
ad:26:fa:44:67:d6:82:25:94:b8:4e:04:43:b2:9b:93:ac:63:
a2:92:89:08:2a:2f:0b:d9:7b:dc:f2:09:8a:05:a7:66:62:0e:
43:04:e8:cc:f8:a3:5f:b8:9c:24:0f:13:3e:f5:e3:56:ae:7a:
33:d5:9d:e7:00:94:34:90:04:26:cb:cb:ad:15:09:58:97:2b:
42:58:f1:3a:3a:e3:de:00:6e:55:d1:d4:a8:7e:77:44:81:a5:
71:d6:35:b9:a9:4d:03:44:e6:11:09:26:53:24:a9:e7:71:7c:
90:a0:e0:6f:df:ba:1a:cf:5d:e0:f7:69:f8:62:2b:78:e2:b1:
0e:25:84:cd:52:c1:5b:8b:62:ca:5c:1b:33:02:8d:a7:16:0b:
ea:c7:56:a2:f7:62:8a:0e:cf:6b:23:a7:88:87:8a:91:9a:3a:
7e:2f:c5:a3:e8:07:a2:25:00:fb:e1:0f:1c:9c:bd:4a:60:c0:
d5:60:7c:70:a8:f3:46:b8:73:36:b6:8f:3c:6c:9f:63:8f:ef:
a7:0d:ad:86:5b:50:66:b2:dc:fd:76:7e:e6:0d:90:61:77:a2:
68:fa:2d:7a:5e:ce:78:66:40:5a:e6:0f:60:6c:9e:13:52:2c:
c3:70:60:4b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZUVJj5lPe4daco2RnnuphKJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMjE3MTgyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNmYTFkZjg0MmNkYThhNjk5YjEwMDExNTM4OTE1NGJjNjMzMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbNFAzabMx7vxFG0bEqvBPooip97
6OGwFNEW2hpeISagjW7k/yDjaqQNnK3td3K3GXVjIrNG24LMiiaCXt0UT+TvaOkJ
1UYuT6NxEJfuCLhghRydqt6+Zi0rOIe81ynMgduxU9+dsxhxy6E/8H5/Em1H5jfi
6ylQaYBOsMZvOZPcslhocAwaTOjhC0qYgZinlgZtyeZPeZsZAh2uMlurg7I9zTYv
cnncnDXs157UjWuNQ3BB4JYWYnpIBGZswQ2zdaVnR4GaJ/Mj7T0KV91nJCjdgfnL
ykG41l19tKuNb9SOWn1JS2TYrwaBmYypOj1E5v9otMpsjNgiYhYIKKKQcQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLQ/od+ELNqKaZsQARU4kVS8YzCSMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvdEQtaDM0UXMyb3BwbXhBQkZUaVJWTHhqTUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhE8QgMF
ACoRa8UwDQYJKoZIhvcNAQELBQADggEBAGvn0YESQlF2xhIXaf1TxTlYOK0m+kRn
1oIllLhOBEOym5OsY6KSiQgqLwvZe9zyCYoFp2ZiDkME6Mz4o1+4nCQPEz7141au
ejPVnecAlDSQBCbLy60VCViXK0JY8To6494AblXR1Kh+d0SBpXHWNbmpTQNE5hEJ
JlMkqedxfJCg4G/fuhrPXeD3afhiK3jisQ4lhM1SwVuLYspcGzMCjacWC+rHVqL3
YooOz2sjp4iHipGaOn4vxaPoB6IlAPvhDxycvUpgwNVgfHCo80a4cza2jzxsn2OP
76cNrYZbUGay3P12fuYNkGF3omj6LXpeznhmQFrmD2BsnhNSLMNwYEs=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:03:52 2025 by rpki-client