Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/56f526-53de-4c9d-b401-abf0b594646f/1/_G4BPEj7ANS0vazxrz5vo4pF7D0.roa
File: _G4BPEj7ANS0vazxrz5vo4pF7D0.roa (raw, json)
Hash identifier: xO167vhfgz0I5ajGU1YeyzUid/SyKj87Sz3pu5PRJWo=
Subject key identifier: FC:6E:01:3C:48:FB:00:D4:B4:BD:AC:F1:AF:3E:6F:A3:8A:45:EC:3D
Certificate issuer: /CN=03364fcedd691357733cd5ccd7029db8e61d1e3a
Certificate serial: 019427477FEA3D7D1A469B21E749590D8E85
Authority key identifier: 03:36:4F:CE:DD:69:13:57:73:3C:D5:CC:D7:02:9D:B8:E6:1D:1E:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AzZPzt1pE1dzPNXM1wKduOYdHjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/56f526-53de-4c9d-b401-abf0b594646f/1/_G4BPEj7ANS0vazxrz5vo4pF7D0.roa
Signing time: Thu 02 Jan 2025 13:49:44 +0000
ROA not before: Thu 02 Jan 2025 13:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 2a14:16c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:7f:ea:3d:7d:1a:46:9b:21:e7:49:59:0d:8e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03364fcedd691357733cd5ccd7029db8e61d1e3a
Validity
Not Before: Jan 2 13:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc6e013c48fb00d4b4bdacf1af3e6fa38a45ec3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:c8:71:96:24:1d:f2:85:ef:58:0d:aa:d4:
03:3b:9c:96:65:47:ba:6a:b9:df:38:7b:8d:0c:54:
22:76:9e:c6:16:c5:26:44:a3:7a:b8:fc:fe:04:ba:
c4:e1:bb:09:de:84:c8:fc:67:55:cd:78:82:83:dd:
41:eb:f9:b7:e7:5a:09:de:3a:82:54:d2:6c:74:87:
ba:7b:49:9b:db:6e:3d:da:89:30:e1:60:97:fa:1a:
7c:44:01:28:e4:8b:40:3e:d1:d6:d4:17:b1:e7:de:
3a:7f:7f:19:05:6c:a1:8f:54:26:40:50:23:94:dd:
ff:d7:ec:91:21:dd:63:f0:b3:79:b0:46:63:55:89:
bd:0f:c3:cf:79:da:ad:a9:ae:bd:43:bd:f9:4d:ca:
ac:0c:49:44:d5:46:c7:27:65:dc:1a:58:70:8a:eb:
7b:a1:9a:16:a9:34:ec:98:77:1b:96:91:8d:20:5f:
77:5e:81:2e:d9:69:c9:8f:56:c7:68:7c:2b:67:29:
6d:68:78:63:c7:bc:f1:71:d9:7d:66:5f:5a:dc:57:
84:57:8b:2c:60:ad:b5:69:41:cc:bb:b3:bd:b1:b8:
0d:e3:83:3e:80:af:08:40:67:74:05:0e:03:9e:04:
d0:50:23:f9:ca:4e:1a:5e:cb:df:ce:7d:a8:27:06:
25:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:6E:01:3C:48:FB:00:D4:B4:BD:AC:F1:AF:3E:6F:A3:8A:45:EC:3D
X509v3 Authority Key Identifier:
keyid:03:36:4F:CE:DD:69:13:57:73:3C:D5:CC:D7:02:9D:B8:E6:1D:1E:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AzZPzt1pE1dzPNXM1wKduOYdHjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56f526-53de-4c9d-b401-abf0b594646f/1/_G4BPEj7ANS0vazxrz5vo4pF7D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/56f526-53de-4c9d-b401-abf0b594646f/1/AzZPzt1pE1dzPNXM1wKduOYdHjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:74:40:18:3f:c1:f7:48:0e:18:cc:5b:64:04:15:c7:c3:42:
ea:a4:08:a7:f5:03:80:13:59:ce:e2:7a:9a:ed:a0:2f:6f:8a:
a7:2d:39:da:06:61:9a:54:80:19:8e:79:ba:05:cf:68:8d:3f:
79:7b:fc:6e:e1:9a:8d:71:74:c5:d3:b6:08:b0:21:1f:09:ee:
4f:2f:a6:1a:49:6d:33:64:9f:f6:14:1e:4d:c0:e0:a6:69:69:
a7:9d:f7:7c:6b:23:8e:fe:89:a5:25:4c:ec:bb:76:5c:3e:f9:
64:4d:46:a0:a4:e4:67:e2:95:98:61:f3:44:95:9a:21:4a:89:
45:cd:52:02:39:cd:97:70:a0:90:04:fe:c9:1d:0d:34:a4:f4:
0b:3f:1f:09:b2:58:41:d8:40:ab:e6:3d:20:14:fd:a9:28:bb:
83:3e:dd:71:b9:37:49:35:3c:36:f9:b5:6c:3a:68:1a:df:bf:
a5:c0:ff:0a:1f:f0:3b:9d:3e:e1:2e:41:6a:ec:7d:99:7f:4a:
6e:17:71:43:09:17:8b:69:10:c5:a4:aa:e2:b9:a2:38:f4:14:
0b:3d:e1:43:6b:0c:89:7c:86:6b:db:73:f5:aa:f8:23:5b:86:
23:da:60:ef:a6:7d:5a:3a:82:fa:ce:43:34:6f:15:50:6d:36:
69:eb:7e:60
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnR3/qPX0aRpsh50lZDY6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMzY0ZmNlZGQ2OTEzNTc3MzNjZDVjY2Q3MDI5ZGI4ZTYx
ZDFlM2EwHhcNMjUwMTAyMTM0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzZlMDEzYzQ4ZmIwMGQ0YjRiZGFjZjFhZjNlNmZhMzhhNDVlYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLvIcZYkHfKF71gNqtQDO5yWZUe6
arnfOHuNDFQidp7GFsUmRKN6uPz+BLrE4bsJ3oTI/GdVzXiCg91B6/m351oJ3jqC
VNJsdIe6e0mb22492okw4WCX+hp8RAEo5ItAPtHW1Bex5946f38ZBWyhj1QmQFAj
lN3/1+yRId1j8LN5sEZjVYm9D8PPedqtqa69Q735TcqsDElE1UbHJ2XcGlhwiut7
oZoWqTTsmHcblpGNIF93XoEu2WnJj1bHaHwrZyltaHhjx7zxcdl9Zl9a3FeEV4ss
YK21aUHMu7O9sbgN44M+gK8IQGd0BQ4DngTQUCP5yk4aXsvfzn2oJwYlzwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPxuATxI+wDUtL2s8a8+b6OKRew9MB8GA1UdIwQY
MBaAFAM2T87daRNXczzVzNcCnbjmHR46MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXpaUHp0MXBFMWR6UE5YTTF3S2R1T1lkSGpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81NmY1MjYtNTNkZS00YzlkLWI0MDEt
YWJmMGI1OTQ2NDZmLzEvX0c0QlBFajdBTlMwdmF6eHJ6NXZvNHBGN0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81NmY1MjYtNTNkZS00YzlkLWI0MDEtYWJmMGI1OTQ2NDZm
LzEvQXpaUHp0MXBFMWR6UE5YTTF3S2R1T1lkSGpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAb3RAGD/B90gOGMxbZAQVx8NC6qQIp/UDgBNZzuJ6
mu2gL2+Kpy052gZhmlSAGY55ugXPaI0/eXv8buGajXF0xdO2CLAhHwnuTy+mGklt
M2Sf9hQeTcDgpmlpp533fGsjjv6JpSVM7Lt2XD75ZE1GoKTkZ+KVmGHzRJWaIUqJ
Rc1SAjnNl3CgkAT+yR0NNKT0Cz8fCbJYQdhAq+Y9IBT9qSi7gz7dcbk3STU8Nvm1
bDpoGt+/pcD/Ch/wO50+4S5Baux9mX9KbhdxQwkXi2kQxaSq4rmiOPQUCz3hQ2sM
iXyGa9tz9ar4I1uGI9pg76Z9WjqC+s5DNG8VUG02aet+YA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:29:52 2025 by rpki-client