Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/iqS7pyC6Vm9MJMhXPPaFHdFXlzU.roa
File: iqS7pyC6Vm9MJMhXPPaFHdFXlzU.roa (raw, json)
Hash identifier: itbQBO3qhVRtc9RSKAk3g9zDCa+FHSSmZWvIfErp3Lo=
Subject key identifier: 8A:A4:BB:A7:20:BA:56:6F:4C:24:C8:57:3C:F6:85:1D:D1:57:97:35
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5B585710D84AE31002C6AD20DB4E4
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/iqS7pyC6Vm9MJMhXPPaFHdFXlzU.roa
Signing time: Wed 01 Jan 2025 07:47:43 +0000
ROA not before: Wed 01 Jan 2025 07:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51964
IP address blocks: 2a01:ce80::/26 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b5:85:71:0d:84:ae:31:00:2c:6a:d2:0d:b4:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8aa4bba720ba566f4c24c8573cf6851dd1579735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:05:96:ad:b7:c3:92:88:82:a0:d9:30:ec:
92:d2:1f:e2:22:8b:dd:66:d9:5b:69:d4:63:e8:8b:
2c:e8:d9:16:0f:7e:20:dd:54:8b:9f:6e:18:b1:99:
24:b8:6d:33:ff:11:16:14:14:29:d7:03:64:b6:f1:
39:73:59:86:09:31:fd:9f:e3:bd:9b:c1:1e:38:79:
56:c2:2b:de:df:57:42:b8:99:06:d8:8b:99:97:92:
29:2b:62:af:cb:90:22:c2:25:cd:80:1e:e0:66:93:
e6:3f:0e:9f:ab:c6:b6:20:c8:6d:99:61:51:02:56:
46:99:9c:1d:36:0d:c1:cd:c1:d7:b1:87:00:11:89:
58:83:34:84:bf:2c:f0:51:fa:90:0a:7c:8b:73:07:
b3:89:98:d8:e3:a4:6c:87:0e:c9:e1:e0:99:e6:cd:
f5:88:e5:b6:8e:cb:a4:7d:c2:4a:61:d6:64:1f:de:
f3:af:a5:9a:41:75:7a:62:9d:cf:21:7a:c8:34:56:
a5:a2:d9:23:28:82:b2:dc:c9:5a:3e:60:3a:04:74:
71:62:0a:36:28:e0:08:08:05:a3:a7:a4:fc:f1:81:
29:ef:4a:e8:90:41:43:d8:13:72:bd:89:98:d4:cb:
9c:e5:e1:98:21:37:5d:bd:ad:05:72:d0:f3:5c:3e:
e8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A4:BB:A7:20:BA:56:6F:4C:24:C8:57:3C:F6:85:1D:D1:57:97:35
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/iqS7pyC6Vm9MJMhXPPaFHdFXlzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ce80::/26
Signature Algorithm: sha256WithRSAEncryption
2a:93:23:b8:00:34:7e:83:93:0b:de:0e:13:f9:bf:6b:47:bb:
1b:a4:66:f1:45:c1:eb:71:19:15:7d:2a:91:06:62:5e:76:18:
8a:f8:84:86:28:a0:09:0e:17:09:77:b9:92:0d:ce:95:e9:24:
bb:0c:6f:7d:6d:bb:74:4a:13:bd:44:84:42:0c:80:b5:8a:8a:
5f:5b:e6:9d:9e:1c:0c:d4:3c:c6:a8:2a:ff:e4:5d:07:dd:61:
71:e6:aa:b2:71:c9:21:ae:a0:ff:90:3b:a1:1a:3d:41:fc:55:
4f:7e:4a:07:51:d8:a5:a5:c7:89:9d:05:38:87:58:8f:89:f3:
49:c7:92:18:52:7b:f5:6a:28:38:d0:c3:33:bb:22:54:7c:24:
72:ca:76:ba:0c:88:99:3e:bf:d9:9c:8d:0c:06:8b:41:83:65:
f0:c3:87:26:27:a0:12:d0:af:0f:eb:55:8c:0f:01:bc:aa:39:
22:d6:ca:81:89:97:bb:c7:82:d9:8b:95:39:f5:14:fe:3c:6b:
7c:aa:5e:4c:46:fb:fc:73:0f:6d:eb:09:d4:46:31:b4:70:ec:
05:70:6c:a3:37:ba:6d:e2:4f:6f:ff:87:c2:8f:ad:1d:61:f5:
13:73:52:f3:85:69:c3:15:b4:dd:5a:f4:62:94:74:b3:b1:39:
91:8e:1b:e8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQg1bWFcQ2ErjEALGrSDbTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWE0YmJhNzIwYmE1NjZmNGMyNGM4NTczY2Y2ODUxZGQxNTc5NzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnIFlq23w5KIgqDZMOyS0h/iIovd
ZtlbadRj6Iss6NkWD34g3VSLn24YsZkkuG0z/xEWFBQp1wNktvE5c1mGCTH9n+O9
m8EeOHlWwive31dCuJkG2IuZl5IpK2Kvy5AiwiXNgB7gZpPmPw6fq8a2IMhtmWFR
AlZGmZwdNg3BzcHXsYcAEYlYgzSEvyzwUfqQCnyLcweziZjY46Rshw7J4eCZ5s31
iOW2jsukfcJKYdZkH97zr6WaQXV6Yp3PIXrINFalotkjKIKy3MlaPmA6BHRxYgo2
KOAICAWjp6T88YEp70rokEFD2BNyvYmY1Muc5eGYITddva0FctDzXD7oiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIqku6cgulZvTCTIVzz2hR3RV5c1MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvaXFTN3B5QzZWbTlNSk1oWFBQYUZIZEZYbHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUGKgHOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAKpMjuAA0foOTC94OE/m/a0e7G6Rm8UXB63EZFX0q
kQZiXnYYiviEhiigCQ4XCXe5kg3OlekkuwxvfW27dEoTvUSEQgyAtYqKX1vmnZ4c
DNQ8xqgq/+RdB91hceaqsnHJIa6g/5A7oRo9QfxVT35KB1HYpaXHiZ0FOIdYj4nz
SceSGFJ79WooONDDM7siVHwkcsp2ugyImT6/2ZyNDAaLQYNl8MOHJiegEtCvD+tV
jA8BvKo5ItbKgYmXu8eC2YuVOfUU/jxrfKpeTEb7/HMPbesJ1EYxtHDsBXBsoze6
beJPb/+Hwo+tHWH1E3NS84VpwxW03Vr0YpR0s7E5kY4b6A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:46:15 2025 by rpki-client