Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/h4W-VjJcy1QFeMUrhU0dF3Ixqa0.roa
File: h4W-VjJcy1QFeMUrhU0dF3Ixqa0.roa (raw, json)
Hash identifier: 5B5X7otDiidFA+PB/Jg+nfAWrr9IuoZCHyarTdrsmt0=
Subject key identifier: 87:85:BE:56:32:5C:CB:54:05:78:C5:2B:85:4D:1D:17:72:31:A9:AD
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 0194266C34BEA329D44D414560969AA30C2A
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/h4W-VjJcy1QFeMUrhU0dF3Ixqa0.roa
Signing time: Thu 02 Jan 2025 09:50:13 +0000
ROA not before: Thu 02 Jan 2025 09:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41996
IP address blocks: 2a0b:b600:3c03::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:34:be:a3:29:d4:4d:41:45:60:96:9a:a3:0c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 2 09:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8785be56325ccb540578c52b854d1d177231a9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6f:62:09:03:56:53:d7:29:48:fd:ce:cc:63:
b8:c2:a0:f4:22:60:53:b8:6c:c3:d3:8a:de:c8:f0:
44:ad:90:95:fe:3b:6b:06:cd:bc:ef:15:3e:c4:e4:
f0:b0:e4:82:4c:ca:0e:a9:20:e6:44:82:b5:62:04:
21:4e:1c:62:89:d0:14:00:73:04:ad:9f:10:8c:42:
89:c7:58:0e:76:69:18:f9:1b:cc:ed:22:a7:14:03:
c6:ce:4a:e5:4b:38:19:c0:3c:f0:38:57:1d:6d:33:
e7:f9:01:ac:c0:1d:29:b7:ae:4b:df:9c:30:91:32:
19:06:37:44:1c:4f:00:10:36:d3:42:7f:27:32:4a:
82:22:47:f4:53:9f:c6:84:03:ac:1c:3d:02:3c:46:
fa:f7:0f:8a:75:26:a2:58:02:5a:1c:ce:2c:86:b8:
85:d9:bb:0c:4e:c2:ab:10:56:23:55:1b:59:35:55:
8c:7b:25:aa:34:da:98:b6:92:2a:92:04:be:e0:40:
f7:9b:fb:15:6f:3a:82:c2:75:2d:8f:2b:60:7f:fc:
d3:cf:1d:93:08:3c:d1:5e:5b:00:49:da:7d:80:cf:
75:75:06:1d:01:8a:29:59:3d:0a:7f:19:5e:0a:26:
34:bc:46:07:a5:a4:13:00:f2:c0:20:fe:fe:c0:23:
f7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:85:BE:56:32:5C:CB:54:05:78:C5:2B:85:4D:1D:17:72:31:A9:AD
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/h4W-VjJcy1QFeMUrhU0dF3Ixqa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b600:3c03::/48
Signature Algorithm: sha256WithRSAEncryption
cf:a2:d0:bd:9c:31:1a:d2:73:2f:5c:80:9b:c7:eb:a4:1a:59:
ab:d9:d7:dd:fb:81:de:4a:a2:03:d2:64:a7:e5:c8:fa:65:72:
d0:f0:09:e9:0c:e8:ae:70:13:7b:bc:e5:12:4d:d3:05:61:6d:
69:57:7d:85:44:23:41:d7:97:88:24:5e:65:8a:6a:24:51:1f:
78:76:4d:7b:68:81:d6:e7:5c:da:fc:d1:62:8f:38:2e:db:85:
ba:97:39:1d:1f:a7:fb:63:de:61:1d:01:d3:2b:1a:30:dd:62:
1c:09:d2:6c:59:82:8c:67:4b:4e:ed:41:53:a1:cc:cd:ee:7b:
4f:43:fc:73:14:a4:d6:bd:c8:3c:21:ba:d4:63:28:78:11:f0:
a8:69:ff:c0:9e:f9:e0:c0:6d:4b:a6:65:2c:15:72:91:d4:2f:
12:93:88:bd:a1:13:75:a2:ff:58:b1:3b:12:1f:6f:d8:a8:d8:
1f:ae:98:71:75:36:99:63:d2:40:f2:7a:2d:61:8b:33:dc:b3:
7d:e2:50:b2:7e:8e:95:28:f0:41:63:16:95:6f:e0:4e:6e:96:
30:2e:b0:1f:e8:57:a5:c4:c9:c5:a9:7c:9b:ae:78:e7:18:0d:
8f:4e:07:0a:39:2b:75:4c:09:4b:12:35:69:8e:70:04:cd:89:
6b:d0:83:69
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQmbDS+oynUTUFFYJaaowwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjUwMTAyMDk1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzg1YmU1NjMyNWNjYjU0MDU3OGM1MmI4NTRkMWQxNzcyMzFhOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW9iCQNWU9cpSP3OzGO4wqD0ImBT
uGzD04reyPBErZCV/jtrBs287xU+xOTwsOSCTMoOqSDmRIK1YgQhThxiidAUAHME
rZ8QjEKJx1gOdmkY+RvM7SKnFAPGzkrlSzgZwDzwOFcdbTPn+QGswB0pt65L35ww
kTIZBjdEHE8AEDbTQn8nMkqCIkf0U5/GhAOsHD0CPEb69w+KdSaiWAJaHM4shriF
2bsMTsKrEFYjVRtZNVWMeyWqNNqYtpIqkgS+4ED3m/sVbzqCwnUtjytgf/zTzx2T
CDzRXlsASdp9gM91dQYdAYopWT0KfxleCiY0vEYHpaQTAPLAIP7+wCP37wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIeFvlYyXMtUBXjFK4VNHRdyMamtMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvaDRXLVZqSmN5MVFGZU1VcmhVMGRGM0l4cWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgu2ADwD
MA0GCSqGSIb3DQEBCwUAA4IBAQDPotC9nDEa0nMvXICbx+ukGlmr2dfd+4HeSqID
0mSn5cj6ZXLQ8AnpDOiucBN7vOUSTdMFYW1pV32FRCNB15eIJF5limokUR94dk17
aIHW51za/NFijzgu24W6lzkdH6f7Y95hHQHTKxow3WIcCdJsWYKMZ0tO7UFToczN
7ntPQ/xzFKTWvcg8IbrUYyh4EfCoaf/AnvngwG1LpmUsFXKR1C8Sk4i9oRN1ov9Y
sTsSH2/YqNgfrphxdTaZY9JA8notYYsz3LN94lCyfo6VKPBBYxaVb+BObpYwLrAf
6FelxMnFqXybrnjnGA2PTgcKOSt1TAlLEjVpjnAEzYlr0INp
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:46:45 2025 by rpki-client