Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/tOXM1ArNi_WlT9YM3bcgjCEuYiE.roa
File: tOXM1ArNi_WlT9YM3bcgjCEuYiE.roa (raw, json)
Hash identifier: WoZWnVDNekQ1pmAx1W3mwlUwZGDjKwmVnvBatyWe8dU=
Subject key identifier: B4:E5:CC:D4:0A:CD:8B:F5:A5:4F:D6:0C:DD:B7:20:8C:21:2E:62:21
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 019427B67170758C03CFD01CF878D7827B8C
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/tOXM1ArNi_WlT9YM3bcgjCEuYiE.roa
Signing time: Thu 02 Jan 2025 15:50:55 +0000
ROA not before: Thu 02 Jan 2025 15:50:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 2.20.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:71:70:75:8c:03:cf:d0:1c:f8:78:d7:82:7b:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 2 15:50:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4e5ccd40acd8bf5a54fd60cddb7208c212e6221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a2:ae:23:24:f1:5a:22:2a:d8:f6:cf:5f:8b:
b7:36:a6:0f:df:79:2b:9b:92:b0:df:bf:47:28:e5:
fb:f7:6e:b4:47:6a:57:91:b5:a2:d8:6d:e9:d5:57:
42:c0:7a:1f:07:52:e5:64:d6:9a:bb:97:55:49:dc:
58:71:22:b9:ac:9c:b2:16:0d:e9:06:09:b1:58:fd:
2f:7b:3f:00:49:36:f5:59:fb:eb:38:fc:e8:d2:27:
4c:6e:be:db:25:10:71:92:03:a9:0a:a6:a1:05:fd:
76:5e:f2:5e:16:05:a9:f6:0a:d8:85:42:20:57:90:
32:76:c7:0b:2b:5c:3b:78:5e:8a:54:24:34:98:62:
66:26:17:88:26:66:33:7d:2a:fa:fd:51:4b:22:d3:
ce:13:77:cd:83:aa:6b:45:aa:66:f2:f3:54:71:2d:
13:23:fd:48:16:2d:fb:69:af:65:44:13:c6:78:85:
02:ec:2a:3d:11:0a:27:04:f9:86:0b:0f:bf:46:f5:
a5:bd:57:97:9a:f2:4f:2c:4a:aa:91:3c:c2:00:56:
41:1a:b5:39:e8:84:b3:bc:6f:10:b3:72:c9:d9:85:
b5:46:f4:f5:16:e7:4d:f3:a7:c1:ea:45:d9:cf:73:
c4:35:5c:64:d9:5b:2a:1d:40:9d:3d:4b:f2:09:e2:
20:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E5:CC:D4:0A:CD:8B:F5:A5:4F:D6:0C:DD:B7:20:8C:21:2E:62:21
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/tOXM1ArNi_WlT9YM3bcgjCEuYiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.20.0.0/22
Signature Algorithm: sha256WithRSAEncryption
87:f0:31:12:d1:61:fd:e3:3b:b6:b3:2e:1e:dc:4b:28:1e:ad:
b2:10:7a:7c:2e:74:5b:12:e3:e9:e6:7b:a9:29:19:dc:23:fc:
0b:86:d5:a9:2d:0d:e7:23:b7:fe:48:09:44:e3:e4:3f:57:e6:
c3:ab:ff:6a:d7:b8:a8:ce:ab:06:4d:fb:92:bc:a1:c4:e9:aa:
f6:6c:a3:c5:5f:01:50:9a:57:94:e5:be:4b:bf:95:ad:5d:34:
e3:f9:82:68:44:88:e6:95:47:6d:95:ef:d7:12:db:f4:5d:17:
ba:cf:63:d1:3b:3f:76:9d:ee:81:64:5b:19:81:8f:e3:98:95:
c5:8d:cd:da:68:31:9a:b0:6e:fa:81:d6:da:e3:64:d7:c7:ac:
31:73:ff:bd:b0:57:23:c6:11:d8:97:4a:d0:26:6a:98:52:ed:
6b:b5:29:5d:ad:4c:7a:dc:2e:75:47:87:39:01:a7:57:fb:af:
36:ca:b7:67:7b:39:dd:4d:d5:23:de:47:f8:03:50:70:d6:32:
f7:e9:22:54:dd:f9:e3:a6:09:6d:b1:10:3d:df:89:e4:33:3d:
98:18:7e:03:99:c5:08:76:f7:dc:a8:db:e4:1e:4b:e9:cf:59:
2d:1a:fa:d0:3a:a0:28:dd:64:4d:15:b5:ea:14:68:b3:51:c9:
fb:88:c0:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntnFwdYwDz9Ac+HjXgnuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjUwMTAyMTU1MDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU1Y2NkNDBhY2Q4YmY1YTU0ZmQ2MGNkZGI3MjA4YzIxMmU2MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6KuIyTxWiIq2PbPX4u3NqYP33kr
m5Kw379HKOX79260R2pXkbWi2G3p1VdCwHofB1LlZNaau5dVSdxYcSK5rJyyFg3p
BgmxWP0vez8ASTb1WfvrOPzo0idMbr7bJRBxkgOpCqahBf12XvJeFgWp9grYhUIg
V5AydscLK1w7eF6KVCQ0mGJmJheIJmYzfSr6/VFLItPOE3fNg6prRapm8vNUcS0T
I/1IFi37aa9lRBPGeIUC7Co9EQonBPmGCw+/RvWlvVeXmvJPLEqqkTzCAFZBGrU5
6ISzvG8Qs3LJ2YW1RvT1FudN86fB6kXZz3PENVxk2VsqHUCdPUvyCeIgTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLTlzNQKzYv1pU/WDN23IIwhLmIhMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvdE9YTTFBck5pX1dsVDlZTTNiY2dqQ0V1WWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAhQAMA0G
CSqGSIb3DQEBCwUAA4IBAQCH8DES0WH94zu2sy4e3EsoHq2yEHp8LnRbEuPp5nup
KRncI/wLhtWpLQ3nI7f+SAlE4+Q/V+bDq/9q17iozqsGTfuSvKHE6ar2bKPFXwFQ
mleU5b5Lv5WtXTTj+YJoRIjmlUdtle/XEtv0XRe6z2PROz92ne6BZFsZgY/jmJXF
jc3aaDGasG76gdba42TXx6wxc/+9sFcjxhHYl0rQJmqYUu1rtSldrUx63C51R4c5
AadX+682yrdnezndTdUj3kf4A1Bw1jL36SJU3fnjpgltsRA934nkMz2YGH4DmcUI
dvfcqNvkHkvpz1ktGvrQOqAo3WRNFbXqFGizUcn7iMB4
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:14:21 2025 by rpki-client