Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ga0KLDUpKphpd5uhD-u7xvCdgo8.roa
File: ga0KLDUpKphpd5uhD-u7xvCdgo8.roa (raw, json)
Hash identifier: iNvTkN67twKCRuI+xwjBz8piFCF9xnDfvAKVgLU20KI=
Subject key identifier: 81:AD:0A:2C:35:29:2A:98:69:77:9B:A1:0F:EB:BB:C6:F0:9D:82:8F
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0195B90E7F4B8F7BEAEF4AC2AA0F00979734
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ga0KLDUpKphpd5uhD-u7xvCdgo8.roa
Signing time: Fri 21 Mar 2025 14:14:49 +0000
ROA not before: Fri 21 Mar 2025 14:14:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214478
IP address blocks: 2a14:67c1:b200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b9:0e:7f:4b:8f:7b:ea:ef:4a:c2:aa:0f:00:97:97:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Mar 21 14:14:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81ad0a2c35292a9869779ba10febbbc6f09d828f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:01:ba:88:45:21:fc:83:8d:1b:ef:3d:55:
83:66:67:8e:95:62:6d:ec:bf:52:33:70:eb:2e:f9:
7c:1a:55:86:f8:40:53:fa:a4:5a:3c:72:bf:f5:c3:
0e:56:78:39:85:34:9c:88:51:ad:79:65:95:42:5c:
77:ae:9d:57:fd:f8:2b:ff:ab:64:d7:39:ac:aa:e3:
51:e4:02:99:8c:1d:7d:32:8f:cd:5b:a0:66:25:2a:
1f:a1:e1:3c:28:7e:48:b2:dc:96:21:ad:5d:45:9c:
55:37:58:fe:84:be:d2:dd:e9:7a:e7:15:02:b0:2d:
06:1e:d0:da:70:19:f3:28:86:d0:96:d9:4e:a3:82:
47:83:84:2e:b5:07:d9:25:93:94:f5:ee:39:a3:c7:
54:df:58:f9:53:32:7e:02:ef:22:24:1c:88:33:da:
f2:5f:a5:0d:c8:96:98:0f:84:e5:63:a2:43:98:1e:
8f:6e:58:98:17:ee:11:fb:4c:58:40:6f:e4:4d:15:
2b:1f:33:c1:09:d4:a2:8c:23:de:d6:b8:e9:2e:4f:
4e:bc:9e:bc:53:1b:88:9d:ca:1b:ca:74:11:90:14:
6e:fa:66:80:53:3e:15:5b:45:30:3d:25:c5:2c:bf:
f5:8d:11:84:32:8d:d6:8b:85:08:85:e1:f5:14:cf:
39:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AD:0A:2C:35:29:2A:98:69:77:9B:A1:0F:EB:BB:C6:F0:9D:82:8F
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/ga0KLDUpKphpd5uhD-u7xvCdgo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:b200::/40
Signature Algorithm: sha256WithRSAEncryption
8c:e5:87:7a:98:77:df:7b:97:e3:5c:8a:b9:dd:db:cc:ed:2d:
30:df:b1:4d:b1:08:f9:5d:d0:b0:b0:58:18:d8:23:b9:26:87:
89:3e:85:4f:02:76:7d:34:7a:8b:e4:4f:75:4c:d4:f0:03:58:
f5:c5:5e:6d:6e:d1:b6:d8:7c:59:38:e8:55:93:8f:0b:e9:c3:
d8:34:b2:8a:d1:4c:0d:72:44:e6:ad:5d:1a:38:85:3e:fd:8a:
4b:f2:d2:da:07:b3:8b:38:27:46:85:84:05:05:4b:fd:a2:3c:
dd:e0:06:79:e1:14:08:01:2b:17:af:16:71:b4:a9:c5:60:95:
42:30:2e:7c:ad:57:96:0a:7a:45:b8:74:47:92:77:35:f6:4a:
a6:92:eb:ec:91:00:d4:c2:04:ab:8a:a9:a5:e9:dc:65:ea:ec:
f9:2e:70:12:5c:c9:e8:7e:26:ad:db:8c:2e:55:1c:a8:f8:c8:
dd:5a:b1:ef:aa:54:7b:aa:7b:5c:80:3c:2d:db:61:46:57:59:
9c:3f:e5:22:06:ab:22:52:7d:cd:ea:99:90:bf:68:ad:b7:13:
ab:24:23:8c:fd:cb:0d:2c:54:c0:24:cb:ea:51:87:f9:cd:c3:
27:ab:6d:f6:ab:8d:02:d3:79:b8:af:43:ae:c7:43:d4:60:18:
23:62:62:ce
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZW5Dn9Lj3vq70rCqg8Al5c0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMzIxMTQxNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFkMGEyYzM1MjkyYTk4Njk3NzliYTEwZmViYmJjNmYwOWQ4MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbwBuohFIfyDjRvvPVWDZmeOlWJt
7L9SM3DrLvl8GlWG+EBT+qRaPHK/9cMOVng5hTSciFGteWWVQlx3rp1X/fgr/6tk
1zmsquNR5AKZjB19Mo/NW6BmJSofoeE8KH5IstyWIa1dRZxVN1j+hL7S3el65xUC
sC0GHtDacBnzKIbQltlOo4JHg4QutQfZJZOU9e45o8dU31j5UzJ+Au8iJByIM9ry
X6UNyJaYD4TlY6JDmB6PbliYF+4R+0xYQG/kTRUrHzPBCdSijCPe1rjpLk9OvJ68
UxuIncobynQRkBRu+maAUz4VW0UwPSXFLL/1jRGEMo3Wi4UIheH1FM85gwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIGtCiw1KSqYaXeboQ/ru8bwnYKPMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvZ2EwS0xEVXBLcGhwZDV1aEQtdTd4dkNkZ284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhRnwbIw
DQYJKoZIhvcNAQELBQADggEBAIzlh3qYd997l+Ncirnd28ztLTDfsU2xCPld0LCw
WBjYI7kmh4k+hU8Cdn00eovkT3VM1PADWPXFXm1u0bbYfFk46FWTjwvpw9g0sorR
TA1yROatXRo4hT79ikvy0toHs4s4J0aFhAUFS/2iPN3gBnnhFAgBKxevFnG0qcVg
lUIwLnytV5YKekW4dEeSdzX2SqaS6+yRANTCBKuKqaXp3GXq7PkucBJcyeh+Jq3b
jC5VHKj4yN1ase+qVHuqe1yAPC3bYUZXWZw/5SIGqyJSfc3qmZC/aK23E6skI4z9
yw0sVMAky+pRh/nNwyerbfarjQLTebivQ67HQ9RgGCNiYs4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:02:20 2025 by rpki-client