Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/VWg3f0Gbf8sa5f2R-1SRG52r7-8.roa
File: VWg3f0Gbf8sa5f2R-1SRG52r7-8.roa (raw, json)
Hash identifier: /HyVmsWd+2rMbD1GgNRa5CoP6uMJQMzjsYwposvYEw0=
Subject key identifier: 55:68:37:7F:41:9B:7F:CB:1A:E5:FD:91:FB:54:91:1B:9D:AB:EF:EF
Certificate issuer: /CN=4021dff35edf0ce6e428d6affc212c4717679ee1
Certificate serial: 019428251E4D5FAC98B45184ED337F8F320F
Authority key identifier: 40:21:DF:F3:5E:DF:0C:E6:E4:28:D6:AF:FC:21:2C:47:17:67:9E:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCHf817fDObkKNav_CEsRxdnnuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/VWg3f0Gbf8sa5f2R-1SRG52r7-8.roa
Signing time: Thu 02 Jan 2025 17:51:48 +0000
ROA not before: Thu 02 Jan 2025 17:51:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204137
IP address blocks: 2a02:6860::/34 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:1e:4d:5f:ac:98:b4:51:84:ed:33:7f:8f:32:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4021dff35edf0ce6e428d6affc212c4717679ee1
Validity
Not Before: Jan 2 17:51:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5568377f419b7fcb1ae5fd91fb54911b9dabefef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:88:12:6f:82:09:ef:8d:14:bf:40:0f:65:ff:
e7:df:99:29:7a:6e:f2:78:97:5d:4e:4d:e7:38:47:
d3:cc:bd:c9:db:c6:f9:51:4e:28:27:77:f8:df:49:
fd:ed:4d:07:59:68:17:94:a2:c5:3a:47:22:f0:d5:
19:c8:76:18:8d:d8:d4:65:b0:f2:ab:63:3b:1a:c1:
f1:4f:29:19:d5:22:cc:bd:3e:43:33:b5:99:2e:37:
75:14:8f:08:04:de:26:d9:88:59:83:d4:3b:a2:fd:
9c:49:98:50:89:62:27:64:8b:cc:45:f6:5e:5d:72:
94:a5:11:a1:e6:a1:6b:fc:49:93:d0:f1:de:03:5a:
6b:b5:7e:45:8e:60:79:9d:f6:61:4c:1d:0e:68:61:
65:01:86:34:1f:c9:b4:e4:54:8e:b4:5c:03:8d:e2:
10:8c:bf:0a:a7:fb:a6:ef:5e:8b:5c:96:a5:1b:d6:
22:4a:52:e0:ab:25:cb:55:a5:79:f5:15:3b:d3:24:
d8:ed:f5:43:b4:a3:56:7f:4b:37:a8:33:59:c2:9d:
16:6c:db:bc:21:01:f3:ee:ce:b5:48:49:05:73:bd:
94:27:09:dd:f9:bd:f6:a5:4a:44:aa:2e:91:70:79:
ac:35:a3:06:00:ed:9e:94:d0:ea:dc:4a:26:cd:61:
62:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:68:37:7F:41:9B:7F:CB:1A:E5:FD:91:FB:54:91:1B:9D:AB:EF:EF
X509v3 Authority Key Identifier:
keyid:40:21:DF:F3:5E:DF:0C:E6:E4:28:D6:AF:FC:21:2C:47:17:67:9E:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCHf817fDObkKNav_CEsRxdnnuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/VWg3f0Gbf8sa5f2R-1SRG52r7-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/014088-5684-49c2-b630-eb53a518c263/1/QCHf817fDObkKNav_CEsRxdnnuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:6860::/34
Signature Algorithm: sha256WithRSAEncryption
83:89:31:65:2f:f9:3d:ef:48:6a:41:a6:0b:8d:d4:f6:30:60:
6b:ce:89:bb:bf:53:ba:04:00:a1:13:05:9d:84:0d:65:a9:a5:
ae:ea:4c:3d:d5:83:0d:79:e0:2f:d8:ce:76:7b:f8:65:61:6d:
ea:d5:e3:41:a1:c6:7c:9b:f4:6a:fe:45:12:2e:d5:50:80:88:
28:9a:fa:87:92:d6:e0:95:9c:36:55:1b:bc:75:a8:69:3c:e3:
8d:a4:79:04:6d:d8:49:51:f8:c1:6f:37:10:c6:34:78:51:81:
be:6b:dd:2e:2c:92:f9:48:53:d9:47:81:5e:de:0a:fb:1d:b5:
5f:b2:0f:51:36:89:75:79:e7:5c:31:de:4e:ab:5d:a4:49:bc:
ed:26:31:53:79:9c:97:ed:02:d2:f6:75:6b:c3:e2:50:c9:ae:
25:26:0c:0b:c3:68:00:95:3f:d1:a4:01:ee:f5:a7:c6:02:c9:
44:12:96:d9:81:ee:8f:bf:e8:5c:07:5f:16:6b:76:7c:02:cd:
a8:31:ef:56:02:44:48:bc:3c:63:3f:34:18:20:41:41:22:d1:
94:29:79:69:a4:07:e6:cf:e4:c5:82:46:77:8b:1c:91:95:24:
01:93:5b:91:b7:a0:33:dc:22:97:41:f2:08:3b:db:a6:2e:6d:
be:4e:8e:f8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQoJR5NX6yYtFGE7TN/jzIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjFkZmYzNWVkZjBjZTZlNDI4ZDZhZmZjMjEyYzQ3MTc2
NzllZTEwHhcNMjUwMTAyMTc1MTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY4Mzc3ZjQxOWI3ZmNiMWFlNWZkOTFmYjU0OTExYjlkYWJlZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvogSb4IJ740Uv0APZf/n35kpem7y
eJddTk3nOEfTzL3J28b5UU4oJ3f430n97U0HWWgXlKLFOkci8NUZyHYYjdjUZbDy
q2M7GsHxTykZ1SLMvT5DM7WZLjd1FI8IBN4m2YhZg9Q7ov2cSZhQiWInZIvMRfZe
XXKUpRGh5qFr/EmT0PHeA1prtX5FjmB5nfZhTB0OaGFlAYY0H8m05FSOtFwDjeIQ
jL8Kp/um716LXJalG9YiSlLgqyXLVaV59RU70yTY7fVDtKNWf0s3qDNZwp0WbNu8
IQHz7s61SEkFc72UJwnd+b32pUpEqi6RcHmsNaMGAO2elNDq3EomzWFiKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFVoN39Bm3/LGuX9kftUkRudq+/vMB8GA1UdIwQY
MBaAFEAh3/Ne3wzm5CjWr/whLEcXZ57hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNIZjgxN2ZET2JrS05hdl9DRXNSeGRubnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMTQwODgtNTY4NC00OWMyLWI2MzAt
ZWI1M2E1MThjMjYzLzEvVldnM2YwR2JmOHNhNWYyUi0xU1JHNTJyNy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMTQwODgtNTY4NC00OWMyLWI2MzAtZWI1M2E1MThjMjYz
LzEvUUNIZjgxN2ZET2JrS05hdl9DRXNSeGRubnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKgJoYAAw
DQYJKoZIhvcNAQELBQADggEBAIOJMWUv+T3vSGpBpguN1PYwYGvOibu/U7oEAKET
BZ2EDWWppa7qTD3Vgw154C/YznZ7+GVhberV40Ghxnyb9Gr+RRIu1VCAiCia+oeS
1uCVnDZVG7x1qGk8442keQRt2ElR+MFvNxDGNHhRgb5r3S4skvlIU9lHgV7eCvsd
tV+yD1E2iXV551wx3k6rXaRJvO0mMVN5nJftAtL2dWvD4lDJriUmDAvDaACVP9Gk
Ae71p8YCyUQSltmB7o+/6FwHXxZrdnwCzagx71YCREi8PGM/NBggQUEi0ZQpeWmk
B+bP5MWCRneLHJGVJAGTW5G3oDPcIpdB8gg726Yubb5Ojvg=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:38 2025 by rpki-client