Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/lrUiZniRQz-h8c2XhwOWkweOdEA.roa
File: lrUiZniRQz-h8c2XhwOWkweOdEA.roa (raw, json)
Hash identifier: d49AW/uRjxvRRJYubTh5j7tar5tvmS5hfgjaKWxZ/ps=
Subject key identifier: 96:B5:22:66:78:91:43:3F:A1:F1:CD:97:87:03:96:93:07:8E:74:40
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 01941FFA4827610A21E2A8704798A6EA6DE0
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/lrUiZniRQz-h8c2XhwOWkweOdEA.roa
Signing time: Wed 01 Jan 2025 03:48:03 +0000
ROA not before: Wed 01 Jan 2025 03:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a11:9c80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:48:27:61:0a:21:e2:a8:70:47:98:a6:ea:6d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 1 03:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96b522667891433fa1f1cd9787039693078e7440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4e:20:91:eb:7d:95:ca:bf:2a:e3:bd:4a:6d:
d6:74:2a:97:a2:64:18:61:ab:66:62:b4:5a:30:2a:
dd:ac:86:2a:a4:55:cd:6f:bf:7e:58:8e:b1:8c:17:
3a:94:43:2a:21:4f:d2:5b:45:63:96:a8:2b:4b:e4:
b9:f7:9f:71:82:97:ff:f5:8a:f4:b8:b1:e8:59:64:
bd:46:9c:2c:02:7c:67:79:f3:17:da:a4:5e:e0:b2:
f6:f8:6b:f2:29:3b:ad:3c:14:c4:f3:eb:6f:a7:69:
94:4a:1d:d5:8c:e4:aa:54:ff:ad:8c:ed:ed:2f:37:
7c:16:9f:fb:ea:9e:5d:c0:79:01:03:f5:4d:54:77:
83:5f:c8:80:72:46:76:a0:ef:a5:35:9d:bd:7a:4e:
a5:50:86:ee:96:52:fb:7b:4c:41:15:2b:b8:8a:7c:
16:9d:6d:98:05:ed:a2:b9:dc:c2:0c:98:e0:cb:eb:
eb:ef:73:e3:d4:2e:e7:8c:ee:b6:68:ae:8b:05:78:
75:59:83:45:18:40:00:01:ef:40:cd:0d:dc:d2:85:
17:ef:0b:3f:81:26:65:e7:a9:eb:16:13:e7:0e:61:
74:e8:df:1f:90:34:17:c5:48:ce:98:5f:f1:51:60:
30:e0:dd:00:1d:4b:48:3e:de:5e:07:8b:08:77:83:
b8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B5:22:66:78:91:43:3F:A1:F1:CD:97:87:03:96:93:07:8E:74:40
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/lrUiZniRQz-h8c2XhwOWkweOdEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
02:e1:8d:d1:0e:fb:11:1d:ce:7b:0d:b1:c2:47:27:cf:2f:c2:
24:9e:d8:30:3f:43:75:7b:e8:c4:8d:0b:9b:1e:e4:ec:53:3b:
11:b6:03:8d:99:0e:6d:7a:36:30:68:b5:e5:34:f6:08:81:24:
ee:69:c7:95:86:af:d4:1c:5e:2b:45:da:3a:e7:03:a6:f6:17:
9b:26:6f:5a:53:db:bb:ba:68:0d:6b:75:25:c7:45:2a:1f:1a:
70:ef:b4:8c:92:2c:e1:0b:dc:14:f6:b0:61:72:c7:79:06:4b:
a9:02:61:df:8b:4c:1a:05:8b:f7:ce:6d:db:4f:aa:3d:72:f5:
08:e5:77:4d:8b:61:81:cb:8d:20:2e:a2:bf:cd:22:f8:83:51:
75:8b:c9:01:9d:06:bc:69:6a:d9:ec:06:c0:ec:42:bd:e6:23:
14:96:22:40:13:99:cc:35:35:59:f6:77:7c:f4:f0:96:9c:c9:
d3:73:9a:18:73:0d:04:64:ba:21:f5:84:93:f7:77:1d:87:17:
55:c5:b7:d5:e2:77:2e:73:e7:7a:fd:52:7f:5c:60:1b:b5:96:
37:2f:ea:e6:89:18:04:c6:33:63:b9:51:b6:d6:98:b8:6b:86:
66:8d:3e:83:b9:33:d8:e8:f0:1a:33:12:64:97:06:75:29:7d:
c4:3c:38:1f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQf+kgnYQoh4qhwR5im6m3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2
MWEwNDgwHhcNMjUwMTAxMDM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmI1MjI2Njc4OTE0MzNmYTFmMWNkOTc4NzAzOTY5MzA3OGU3NDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz04gket9lcq/KuO9Sm3WdCqXomQY
YatmYrRaMCrdrIYqpFXNb79+WI6xjBc6lEMqIU/SW0VjlqgrS+S5959xgpf/9Yr0
uLHoWWS9RpwsAnxnefMX2qRe4LL2+GvyKTutPBTE8+tvp2mUSh3VjOSqVP+tjO3t
Lzd8Fp/76p5dwHkBA/VNVHeDX8iAckZ2oO+lNZ29ek6lUIbullL7e0xBFSu4inwW
nW2YBe2iudzCDJjgy+vr73Pj1C7njO62aK6LBXh1WYNFGEAAAe9AzQ3c0oUX7ws/
gSZl56nrFhPnDmF06N8fkDQXxUjOmF/xUWAw4N0AHUtIPt5eB4sId4O4pQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJa1ImZ4kUM/ofHNl4cDlpMHjnRAMB8GA1UdIwQY
MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt
OTgxMTg0ZGVlMTMxLzEvbHJVaVpuaVJRei1oOGMyWGh3T1drd2VPZEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEtOTgxMTg0ZGVlMTMx
LzEvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAuGN0Q77ER3Oew2xwkcnzy/CJJ7YMD9DdXvoxI0L
mx7k7FM7EbYDjZkObXo2MGi15TT2CIEk7mnHlYav1BxeK0XaOucDpvYXmyZvWlPb
u7poDWt1JcdFKh8acO+0jJIs4QvcFPawYXLHeQZLqQJh34tMGgWL985t20+qPXL1
COV3TYthgcuNIC6iv80i+INRdYvJAZ0GvGlq2ewGwOxCveYjFJYiQBOZzDU1WfZ3
fPTwlpzJ03OaGHMNBGS6IfWEk/d3HYcXVcW31eJ3LnPnev1Sf1xgG7WWNy/q5okY
BMYzY7lRttaYuGuGZo0+g7kz2OjwGjMSZJcGdSl9xDw4Hw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:58:41 2025 by rpki-client