Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/TeWmN6EHoWRaSQ7AOqv2c821wck.roa
File: TeWmN6EHoWRaSQ7AOqv2c821wck.roa (raw, json)
Hash identifier: nLb50bk1nICV8KXxpzGqIvnlONr6M9e61qQJa/r2Gnk=
Subject key identifier: 4D:E5:A6:37:A1:07:A1:64:5A:49:0E:C0:3A:AB:F6:73:CD:B5:C1:C9
Certificate issuer: /CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Certificate serial: 01942521F8889C34A1E2B9E30B33DECD150F
Authority key identifier: F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/TeWmN6EHoWRaSQ7AOqv2c821wck.roa
Signing time: Thu 02 Jan 2025 03:49:30 +0000
ROA not before: Thu 02 Jan 2025 03:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50973
IP address blocks: 2a03:6947:100::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:f8:88:9c:34:a1:e2:b9:e3:0b:33:de:cd:15:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Validity
Not Before: Jan 2 03:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4de5a637a107a1645a490ec03aabf673cdb5c1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:90:a2:e0:33:6e:1f:77:ae:c2:99:4d:a9:41:
91:6b:2a:43:29:21:01:09:41:0c:b7:96:16:7e:1d:
fc:30:42:a7:be:ba:c1:bb:26:43:ea:e2:0d:fd:05:
ad:21:5e:7d:f2:6f:b4:ee:bb:9d:ac:fa:b9:68:0d:
82:bc:18:c3:c9:a1:cc:c7:c3:cb:5d:70:7d:39:41:
43:cb:18:7d:69:b2:43:7b:9d:70:5a:38:f9:d7:1e:
bc:e9:6d:4a:db:ae:70:40:de:8c:68:ff:5d:85:79:
2a:ac:b1:06:86:58:c9:e7:3c:38:ef:0a:e4:82:d6:
5d:07:2d:1d:c1:72:86:25:d1:59:54:0d:66:f4:98:
0c:72:d4:8d:21:ed:3e:0e:d8:98:e2:95:82:97:25:
6f:37:85:e5:07:c0:11:3f:82:c0:d3:04:56:e4:c3:
c6:68:4c:d5:13:55:93:35:4e:79:1c:b0:b6:1e:32:
06:2f:65:1e:22:19:7a:e5:4a:a5:fa:54:d5:f8:65:
89:28:b0:bb:e5:c9:56:76:e6:b2:6f:56:2e:5d:96:
38:e0:e1:11:22:7e:6f:61:30:45:df:36:fd:bf:18:
a7:75:e1:ce:ba:8e:0f:f3:e7:ea:82:b3:29:a1:af:
63:e8:0a:ab:1e:5d:e7:c4:c2:9d:93:ae:76:6f:03:
37:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E5:A6:37:A1:07:A1:64:5A:49:0E:C0:3A:AB:F6:73:CD:B5:C1:C9
X509v3 Authority Key Identifier:
keyid:F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/TeWmN6EHoWRaSQ7AOqv2c821wck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/87kHgdu-vbjsQrr2ZIgFnqWGaqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6947:100::/40
Signature Algorithm: sha256WithRSAEncryption
06:3f:57:73:cf:bd:63:6d:06:7f:84:9c:1c:1f:2d:f4:ea:07:
8c:19:9c:0e:b8:bf:d6:62:73:d8:36:15:3d:db:3a:5e:a9:62:
bb:18:23:d1:0d:4e:7f:16:06:60:d5:a5:1f:17:0b:86:85:87:
51:c4:70:10:63:88:9d:65:28:de:f3:e9:fa:e4:9b:42:67:93:
2d:a5:b3:61:60:90:1d:72:f1:7c:89:23:17:04:c9:81:60:15:
9d:6f:af:49:0f:29:2b:b8:17:f5:0b:a0:40:33:ca:1f:ce:bb:
0c:c0:77:2f:4e:ef:13:87:be:1c:fc:cb:e9:38:2f:1b:0c:ea:
9b:24:14:3c:5a:93:74:34:d3:7f:10:6e:2d:71:5b:4f:f2:1a:
70:9a:7b:65:79:e5:a9:c2:f3:e8:b8:ec:da:ca:69:06:e3:33:
a9:8b:4f:22:cc:81:e3:74:77:dd:f8:90:30:99:3e:97:12:21:
a5:c4:54:ac:23:72:d9:6d:a4:cf:53:75:37:b9:6d:4a:ba:27:
47:26:b9:87:fe:9f:6f:d2:a1:54:13:91:14:9c:1f:60:37:1b:
fa:56:57:84:99:c6:90:61:47:eb:49:d3:43:f7:b0:6d:00:98:
fb:a3:b5:a1:57:bd:15:6f:24:7f:38:27:01:31:d6:a2:7c:34:
fe:9c:0b:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIfiInDSh4rnjCzPezRUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjkwNzgxZGJiZWJkYjhlYzQyYmFmNjY0ODgwNTllYTU4
NjZhYWMwHhcNMjUwMTAyMDM0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGU1YTYzN2ExMDdhMTY0NWE0OTBlYzAzYWFiZjY3M2NkYjVjMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5Ci4DNuH3euwplNqUGRaypDKSEB
CUEMt5YWfh38MEKnvrrBuyZD6uIN/QWtIV598m+07rudrPq5aA2CvBjDyaHMx8PL
XXB9OUFDyxh9abJDe51wWjj51x686W1K265wQN6MaP9dhXkqrLEGhljJ5zw47wrk
gtZdBy0dwXKGJdFZVA1m9JgMctSNIe0+DtiY4pWClyVvN4XlB8ARP4LA0wRW5MPG
aEzVE1WTNU55HLC2HjIGL2UeIhl65Uql+lTV+GWJKLC75clWduayb1YuXZY44OER
In5vYTBF3zb9vxindeHOuo4P8+fqgrMpoa9j6AqrHl3nxMKdk652bwM3mQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFE3lpjehB6FkWkkOwDqr9nPNtcHJMB8GA1UdIwQY
MBaAFPO5B4Hbvr247EK69mSIBZ6lhmqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAt
M2VmNWViN2M4NTk4LzEvVGVXbU42RUhvV1JhU1E3QU9xdjJjODIxd2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAtM2VmNWViN2M4NTk4
LzEvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgNpRwEw
DQYJKoZIhvcNAQELBQADggEBAAY/V3PPvWNtBn+EnBwfLfTqB4wZnA64v9Zic9g2
FT3bOl6pYrsYI9ENTn8WBmDVpR8XC4aFh1HEcBBjiJ1lKN7z6frkm0Jnky2ls2Fg
kB1y8XyJIxcEyYFgFZ1vr0kPKSu4F/ULoEAzyh/OuwzAdy9O7xOHvhz8y+k4LxsM
6pskFDxak3Q0038Qbi1xW0/yGnCae2V55anC8+i47NrKaQbjM6mLTyLMgeN0d934
kDCZPpcSIaXEVKwjctltpM9TdTe5bUq6J0cmuYf+n2/SoVQTkRScH2A3G/pWV4SZ
xpBhR+tJ00P3sG0AmPujtaFXvRVvJH84JwEx1qJ8NP6cC0A=
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:11 2025 by rpki-client