Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/TJKP__jRvYBXC3BBkXlRyzg2w0g.roa
File: TJKP__jRvYBXC3BBkXlRyzg2w0g.roa (raw, json)
Hash identifier: GHcOS4AOS4XcRUHap/0HcPOkV0jRHLBB5ZJ27pNCDaI=
Subject key identifier: 4C:92:8F:FF:F8:D1:BD:80:57:0B:70:41:91:79:51:CB:38:36:C3:48
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 019427470721FC8FB5491CC5E720781C418F
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/TJKP__jRvYBXC3BBkXlRyzg2w0g.roa
Signing time: Thu 02 Jan 2025 13:49:13 +0000
ROA not before: Thu 02 Jan 2025 13:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200334
IP address blocks: 2a0f:6580:104::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:07:21:fc:8f:b5:49:1c:c5:e7:20:78:1c:41:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Jan 2 13:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c928ffff8d1bd80570b7041917951cb3836c348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:23:93:c1:18:8b:08:be:c9:ac:89:b9:fe:04:
f3:72:54:bc:2a:7d:4a:3e:9a:78:f0:af:7d:52:3e:
af:7f:f8:e7:86:d7:5f:4b:1f:dc:0f:b2:32:d2:e0:
d5:9c:30:c4:82:dc:f1:8d:8f:53:94:72:ab:d1:11:
d4:de:c3:1e:f5:30:c7:54:3b:bc:fa:99:71:b5:c3:
c4:21:d4:2d:13:c9:c4:19:34:be:a8:35:7f:8e:22:
5d:6a:e4:4c:b1:b6:1c:8b:ab:60:06:a9:f7:3e:0f:
f9:3c:b9:01:45:c4:66:90:1e:b4:b8:ae:53:65:a4:
5a:03:f1:d1:e3:ff:ee:b8:8d:ed:20:b7:b1:90:97:
dc:a2:de:f9:f9:0b:b5:60:41:27:2c:e9:b7:bd:6c:
fc:a4:12:a9:52:37:c4:e3:1f:fa:83:73:22:4e:fb:
c3:67:9e:54:9c:cd:b4:e3:5d:87:cc:40:84:12:df:
ec:f2:b0:b9:8c:85:68:53:6d:e8:e1:67:ea:ab:da:
81:7a:d7:5a:9b:4e:ce:a9:fa:52:9f:a0:af:2a:57:
d7:ad:96:7f:09:c2:11:c3:d7:bb:76:e6:09:8d:3a:
87:41:6c:d3:56:7d:e9:b5:01:5b:7e:76:c8:22:4f:
87:54:67:4e:42:1a:95:e7:91:f3:b7:b1:47:44:a4:
d3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:92:8F:FF:F8:D1:BD:80:57:0B:70:41:91:79:51:CB:38:36:C3:48
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/TJKP__jRvYBXC3BBkXlRyzg2w0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6580:104::/48
Signature Algorithm: sha256WithRSAEncryption
90:97:a7:2b:0a:22:d1:cb:f7:08:ab:09:79:11:ab:91:c9:b2:
c4:69:cf:40:b4:4b:6c:df:13:86:dd:93:0a:94:ed:a4:3f:4e:
22:06:7d:53:39:70:a5:59:1a:38:66:90:ad:dc:8d:b3:c8:6f:
d7:31:59:11:99:53:9d:4a:23:e5:a6:cf:d4:a8:e0:19:76:04:
66:e2:92:1c:a4:9c:75:83:cd:7f:0c:bf:f9:d0:00:0a:3e:d7:
30:19:58:9c:e5:2f:9a:a6:a9:f0:ce:d6:95:a9:8f:fe:ae:7a:
2a:5d:25:6c:9f:d0:be:32:a7:14:f4:3c:a7:57:dd:f1:f9:07:
df:e6:ae:30:76:10:0a:58:64:09:97:ff:9e:89:35:1a:25:1e:
1b:4d:b4:2e:82:9a:7e:16:a8:16:5c:43:eb:af:27:49:8c:20:
77:66:94:a7:5e:5f:14:12:94:46:d1:5f:4c:ba:6e:f2:28:d8:
8b:36:c9:3e:bd:23:80:5a:25:97:01:14:97:40:80:65:ac:4a:
fc:f5:e6:dc:32:b4:b3:83:c2:46:36:75:16:0e:74:90:31:f0:
04:eb:4c:12:c5:5f:2f:37:70:a5:8b:b0:07:e5:3a:7f:48:44:
6d:08:c7:60:79:31:19:56:8f:40:2f:88:2b:a0:0e:7c:c2:cd:
3b:1d:c9:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRwch/I+1SRzF5yB4HEGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjUwMTAyMTM0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzkyOGZmZmY4ZDFiZDgwNTcwYjcwNDE5MTc5NTFjYjM4MzZjMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSOTwRiLCL7JrIm5/gTzclS8Kn1K
Ppp48K99Uj6vf/jnhtdfSx/cD7Iy0uDVnDDEgtzxjY9TlHKr0RHU3sMe9TDHVDu8
+plxtcPEIdQtE8nEGTS+qDV/jiJdauRMsbYci6tgBqn3Pg/5PLkBRcRmkB60uK5T
ZaRaA/HR4//uuI3tILexkJfcot75+Qu1YEEnLOm3vWz8pBKpUjfE4x/6g3MiTvvD
Z55UnM20412HzECEEt/s8rC5jIVoU23o4Wfqq9qBetdam07OqfpSn6CvKlfXrZZ/
CcIRw9e7duYJjTqHQWzTVn3ptQFbfnbIIk+HVGdOQhqV55Hzt7FHRKTTAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEySj//40b2AVwtwQZF5Ucs4NsNIMB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvVEpLUF9falJ2WUJYQzNCQmtYbFJ5emcydzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9lgAEE
MA0GCSqGSIb3DQEBCwUAA4IBAQCQl6crCiLRy/cIqwl5EauRybLEac9AtEts3xOG
3ZMKlO2kP04iBn1TOXClWRo4ZpCt3I2zyG/XMVkRmVOdSiPlps/UqOAZdgRm4pIc
pJx1g81/DL/50AAKPtcwGVic5S+apqnwztaVqY/+rnoqXSVsn9C+MqcU9DynV93x
+Qff5q4wdhAKWGQJl/+eiTUaJR4bTbQugpp+FqgWXEPrrydJjCB3ZpSnXl8UEpRG
0V9Mum7yKNiLNsk+vSOAWiWXARSXQIBlrEr89ebcMrSzg8JGNnUWDnSQMfAE60wS
xV8vN3Cli7AH5Tp/SERtCMdgeTEZVo9AL4groA58ws07Hcm5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:07 2025 by rpki-client