Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/41fVJkrPbHKQA079D4QVuoSoMHA.roa
File: 41fVJkrPbHKQA079D4QVuoSoMHA.roa (raw, json)
Hash identifier: sr+TybZqUtIImaDgTqztSGD1XE6oloq4BZ2M4Xpg+u0=
Subject key identifier: E3:57:D5:26:4A:CF:6C:72:90:03:4E:FD:0F:84:15:BA:84:A8:30:70
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 0194221F7905CC8222F255E44B9E30AB8C95
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/41fVJkrPbHKQA079D4QVuoSoMHA.roa
Signing time: Wed 01 Jan 2025 13:47:55 +0000
ROA not before: Wed 01 Jan 2025 13:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43443
IP address blocks: 2a03:9c00:a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:79:05:cc:82:22:f2:55:e4:4b:9e:30:ab:8c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 13:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e357d5264acf6c7290034efd0f8415ba84a83070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:00:26:1d:c9:aa:e5:c0:46:31:84:36:d4:ca:
06:24:ac:8f:08:ba:d1:38:36:b9:95:c1:25:4e:58:
f0:05:9d:75:73:4f:ab:54:a4:09:65:15:7d:18:b4:
35:8b:8f:7f:61:ce:2f:15:05:d2:ea:c8:55:81:ee:
38:4d:a5:42:71:79:49:eb:6d:f2:b1:7f:30:de:aa:
2b:63:0f:8b:f9:76:24:eb:f8:f6:c1:63:8c:f9:04:
91:27:07:ec:43:e3:b0:cd:a6:98:f8:0a:13:86:84:
1d:d8:56:98:d2:3e:ae:e3:92:8f:82:27:37:76:ee:
ef:8f:87:b0:8d:7d:73:a4:8b:6c:b3:e3:6f:e0:61:
d8:e2:73:fc:65:d2:a3:fb:98:bc:94:6b:cb:98:3b:
51:32:fe:89:3c:f5:65:65:eb:1e:2a:d6:08:cf:4a:
79:d5:5d:6b:f5:39:d9:f2:e0:52:b9:18:c8:3b:a0:
06:45:9b:c5:6e:93:4d:03:6e:cc:38:d0:fa:63:5b:
55:07:69:9f:51:ef:b2:6a:c8:12:e8:e2:46:de:b8:
f9:81:ca:ca:24:15:3e:c8:de:36:be:39:2b:52:b1:
53:fb:cf:21:73:cb:32:6c:f7:69:f4:8e:e3:21:b6:
2f:5a:c9:81:60:10:ab:91:26:4f:b3:94:c8:40:0e:
4b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:57:D5:26:4A:CF:6C:72:90:03:4E:FD:0F:84:15:BA:84:A8:30:70
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/41fVJkrPbHKQA079D4QVuoSoMHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:9c00:a::/48
Signature Algorithm: sha256WithRSAEncryption
7f:78:ea:ab:21:6e:f3:9d:22:96:18:81:96:48:3d:2d:dc:fe:
ee:ac:e6:11:a2:1c:45:e4:b8:dd:08:a4:ee:38:2d:dd:0f:23:
52:5f:a5:ad:d6:ad:79:a1:66:e3:87:34:60:15:1a:12:4b:bc:
33:16:e6:cf:c2:8c:13:47:22:62:f6:9b:79:c8:b5:71:8f:e1:
4b:eb:d9:16:f3:21:5e:ae:3e:1d:36:c4:7d:ef:04:04:e3:96:
2d:fc:42:3e:87:30:f8:56:eb:40:2b:4b:27:df:6e:4f:55:3e:
67:bb:5a:e3:e5:73:62:c3:1b:85:6b:56:83:1d:e3:02:5c:14:
37:9e:05:c8:8c:99:70:52:fb:a4:eb:45:f4:93:78:a0:b5:4a:
e1:1b:f9:42:1a:8e:c1:77:a0:13:3b:47:03:71:1c:dd:92:17:
73:f6:bf:97:ed:f4:37:9e:55:5f:16:e5:bb:d5:26:9c:f2:3c:
fe:64:d0:ea:84:6f:04:a5:cf:22:e3:30:a8:1a:ee:1a:9e:c1:
3d:3f:44:b5:7d:f8:6c:04:eb:fc:71:2d:f6:35:2b:86:42:5c:
dc:3f:aa:9f:18:33:ed:9a:84:a6:e2:64:6e:61:02:1c:ba:6a:
8e:de:71:1c:cf:2b:b0:81:fd:7e:40:42:93:e6:39:88:f9:8a:
11:08:60:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH3kFzIIi8lXkS54wq4yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjUwMTAxMTM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU3ZDUyNjRhY2Y2YzcyOTAwMzRlZmQwZjg0MTViYTg0YTgzMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowAmHcmq5cBGMYQ21MoGJKyPCLrR
ODa5lcElTljwBZ11c0+rVKQJZRV9GLQ1i49/Yc4vFQXS6shVge44TaVCcXlJ623y
sX8w3qorYw+L+XYk6/j2wWOM+QSRJwfsQ+OwzaaY+AoThoQd2FaY0j6u45KPgic3
du7vj4ewjX1zpItss+Nv4GHY4nP8ZdKj+5i8lGvLmDtRMv6JPPVlZeseKtYIz0p5
1V1r9TnZ8uBSuRjIO6AGRZvFbpNNA27MOND6Y1tVB2mfUe+yasgS6OJG3rj5gcrK
JBU+yN42vjkrUrFT+88hc8sybPdp9I7jIbYvWsmBYBCrkSZPs5TIQA5LxwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFONX1SZKz2xykANO/Q+EFbqEqDBwMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvNDFmVkprclBiSEtRQTA3OUQ0UVZ1b1NvTUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgOcAAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQB/eOqrIW7znSKWGIGWSD0t3P7urOYRohxF5Ljd
CKTuOC3dDyNSX6Wt1q15oWbjhzRgFRoSS7wzFubPwowTRyJi9pt5yLVxj+FL69kW
8yFerj4dNsR97wQE45Yt/EI+hzD4VutAK0sn325PVT5nu1rj5XNiwxuFa1aDHeMC
XBQ3ngXIjJlwUvuk60X0k3igtUrhG/lCGo7Bd6ATO0cDcRzdkhdz9r+X7fQ3nlVf
FuW71Sac8jz+ZNDqhG8Epc8i4zCoGu4ansE9P0S1ffhsBOv8cS32NSuGQlzcP6qf
GDPtmoSm4mRuYQIcumqO3nEczyuwgf1+QEKT5jmI+YoRCGAF
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:19:04 2025 by rpki-client