Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-uJi1EoQ8JN25Kce17nNqq77GaQ.roa
File: 1-uJi1EoQ8JN25Kce17nNqq77GaQ.roa (raw, json)
Hash identifier: RupUOxGdri6PWDYtu5n40Qgd2BA9j7G7QB/M2ca35RY=
Subject key identifier: FA:E2:62:D4:4A:10:F0:93:76:E4:A7:1E:D7:B9:CD:AA:AE:FB:19:A4
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0195DE5B7269E31D93E05C651524DC1F8505
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-uJi1EoQ8JN25Kce17nNqq77GaQ.roa
Signing time: Fri 28 Mar 2025 20:04:49 +0000
ROA not before: Fri 28 Mar 2025 20:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:4342::/32 maxlen: 32
2a11:b686::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:de:5b:72:69:e3:1d:93:e0:5c:65:15:24:dc:1f:85:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Mar 28 20:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fae262d44a10f09376e4a71ed7b9cdaaaefb19a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3e:44:05:bc:4a:86:33:bd:b8:33:1d:2f:2b:
f1:59:c1:b6:d9:5b:81:de:1e:70:fc:d1:bf:f5:3f:
11:9b:ce:8e:ab:27:7a:14:04:cd:5b:a8:7b:f0:25:
e9:52:7f:66:52:a3:11:c2:be:38:3a:09:74:f3:07:
2b:dd:4e:8f:28:08:d4:4b:95:04:1e:ca:c1:e1:3a:
45:be:a1:b9:69:56:d1:b2:0d:6b:9b:2e:8c:6b:a6:
95:df:b5:14:a3:9a:dc:52:2b:19:8e:f2:b2:5e:c7:
13:47:8c:5e:e5:20:bd:5d:c9:85:68:49:84:ee:03:
f1:14:37:56:ff:83:a4:ea:56:4c:b4:79:03:31:4f:
fc:39:73:7a:e9:b5:7b:27:aa:dd:ea:e5:72:ff:f2:
c8:c7:50:06:17:e1:f4:63:20:41:71:ff:32:50:41:
be:c8:5f:d9:de:42:26:dd:0a:6f:e0:0a:d7:73:c2:
45:5c:3f:81:99:dc:a0:45:2b:43:6d:af:a5:7f:60:
e2:74:51:ef:56:4d:d0:d7:c1:2b:11:3b:69:7e:77:
22:f4:b5:7a:89:3a:38:46:a6:36:bf:fb:d4:30:96:
fd:18:d2:5a:80:d5:81:e5:b5:09:4d:e2:56:2f:39:
8a:a5:8d:bb:67:33:a6:7b:2c:12:21:ed:31:b7:da:
61:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E2:62:D4:4A:10:F0:93:76:E4:A7:1E:D7:B9:CD:AA:AE:FB:19:A4
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/1-uJi1EoQ8JN25Kce17nNqq77GaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4342::/32
2a11:b686::/32
Signature Algorithm: sha256WithRSAEncryption
26:e8:4b:fe:ae:3e:ab:9e:92:81:a3:84:a2:c9:0f:2f:c7:89:
1a:d5:59:28:d3:6d:5b:59:ad:4d:4c:06:86:c5:b7:22:51:ee:
35:a2:fc:f0:f6:8e:0e:f5:93:b2:83:7b:20:99:ef:b9:5c:10:
df:e8:34:5f:9f:a9:4f:d2:db:2f:ec:d5:5b:d6:c1:f7:3c:fc:
1f:92:27:05:7e:cc:43:ff:77:9b:63:42:f8:91:ee:89:99:1f:
c8:b9:71:a3:59:cb:8d:9b:69:24:60:00:16:e9:73:b0:2f:6b:
b3:c2:1e:8f:c8:93:25:d8:51:2d:a9:bd:fb:cc:a1:a1:7b:c8:
4c:b9:6c:a7:97:7e:90:02:29:75:37:e1:37:10:01:f1:83:06:
17:13:45:c7:00:19:1e:fa:c1:db:7b:6c:4e:fa:08:8d:94:2d:
5a:d6:ba:48:23:1c:44:cc:5d:8e:42:18:86:6b:6b:15:c4:45:
52:0e:cf:1c:d7:fe:7e:9c:33:d7:0f:36:5f:3e:7c:96:80:db:
f0:d9:c1:f5:e0:8c:ad:04:03:88:80:f2:57:7d:21:0c:7b:16:
ef:b4:cf:f8:07:f1:2f:56:b7:e7:6a:d4:f1:9d:9e:a4:a9:af:
c2:72:b3:d2:05:9c:54:3b:5e:1f:23:85:b3:eb:d9:72:27:97:
f5:0d:d0:af
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZXeW3Jp4x2T4FxlFSTcH4UFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMzI4MjAwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWUyNjJkNDRhMTBmMDkzNzZlNGE3MWVkN2I5Y2RhYWFlZmIxOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj5EBbxKhjO9uDMdLyvxWcG22VuB
3h5w/NG/9T8Rm86Oqyd6FATNW6h78CXpUn9mUqMRwr44Ogl08wcr3U6PKAjUS5UE
HsrB4TpFvqG5aVbRsg1rmy6Ma6aV37UUo5rcUisZjvKyXscTR4xe5SC9XcmFaEmE
7gPxFDdW/4Ok6lZMtHkDMU/8OXN66bV7J6rd6uVy//LIx1AGF+H0YyBBcf8yUEG+
yF/Z3kIm3Qpv4ArXc8JFXD+BmdygRStDba+lf2DidFHvVk3Q18ErETtpfnci9LV6
iTo4RqY2v/vUMJb9GNJagNWB5bUJTeJWLzmKpY27ZzOmeywSIe0xt9phnQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPriYtRKEPCTduSnHte5zaqu+xmkMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvMS11SmkxRW9ROEpOMjVLY2UxN25OcXE3N0dhUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvODk3NDQ5LWU5Y2YtNGE3OS04OWNmLTQxYmIyMWFjMjgw
MS8xL3c0S0F4VEFMZElpS3gtdEwtbVFYMmFMbnNMNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFACoOQ0ID
BQAqEbaGMA0GCSqGSIb3DQEBCwUAA4IBAQAm6Ev+rj6rnpKBo4SiyQ8vx4ka1Vko
021bWa1NTAaGxbciUe41ovzw9o4O9ZOyg3sgme+5XBDf6DRfn6lP0tsv7NVb1sH3
PPwfkicFfsxD/3ebY0L4ke6JmR/IuXGjWcuNm2kkYAAW6XOwL2uzwh6PyJMl2FEt
qb37zKGhe8hMuWynl36QAil1N+E3EAHxgwYXE0XHABke+sHbe2xO+giNlC1a1rpI
IxxEzF2OQhiGa2sVxEVSDs8c1/5+nDPXDzZfPnyWgNvw2cH14IytBAOIgPJXfSEM
exbvtM/4B/EvVrfnatTxnZ6kqa/CcrPSBZxUO14fI4Wz69lyJ5f1DdCv
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:51:21 2025 by rpki-client