Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/esqIgEA4R0YTJV-NJQ3PyliQxZg.roa
File: esqIgEA4R0YTJV-NJQ3PyliQxZg.roa (raw, json)
Hash identifier: 3lEh/qMxZO6QiRrcjIxTCmmUWd9A0auk6RJN5gxd0O8=
Subject key identifier: 7A:CA:88:80:40:38:47:46:13:25:5F:8D:25:0D:CF:CA:58:90:C5:98
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747EC977D100850A2E2C7A3F7DE8A0D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/esqIgEA4R0YTJV-NJQ3PyliQxZg.roa
Signing time: Thu 02 Jan 2025 13:50:12 +0000
ROA not before: Thu 02 Jan 2025 13:50:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211772
IP address blocks: 2a0b:b81::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:ec:97:7d:10:08:50:a2:e2:c7:a3:f7:de:8a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7aca88804038474613255f8d250dcfca5890c598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fd:95:25:ce:6c:53:d4:a7:31:9a:53:9b:97:
e7:3e:a5:06:b2:c7:bf:78:d5:38:61:91:7a:52:cd:
ae:38:af:ed:6d:28:66:d1:02:b2:06:7d:13:09:38:
02:f8:a9:82:1c:74:8b:a2:57:a1:f9:e0:7f:48:c0:
f2:e9:79:78:a4:f9:64:6d:18:d6:97:81:e8:46:ca:
71:ec:29:32:46:2f:dc:c3:f3:60:3b:f2:38:bf:ca:
a7:5d:bf:7d:c4:86:cf:87:1b:d1:57:a2:18:bf:6a:
b2:1a:8f:6d:82:91:c9:4e:4c:35:35:7b:21:f6:ac:
36:5d:56:d9:7e:71:c7:c8:60:f0:81:ad:60:49:e2:
9f:9c:5f:bc:d8:a2:92:d2:4f:db:e8:2f:e9:5e:95:
d6:b0:94:a4:c9:ec:d2:d2:7f:b2:49:82:19:66:09:
c0:f4:ec:c4:e6:17:75:87:73:4d:7d:25:37:04:ee:
ed:c0:52:7f:70:60:6e:eb:dc:f2:69:d2:30:e7:1a:
db:f9:40:15:2d:58:35:43:fb:c9:2d:62:af:9f:5f:
36:c6:49:0d:df:35:11:19:a8:34:39:83:39:54:e6:
5c:fb:11:f2:98:15:e5:6b:42:38:83:c8:07:13:ac:
91:71:ea:36:92:a9:e4:f5:98:e8:a6:18:48:d7:2d:
59:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CA:88:80:40:38:47:46:13:25:5F:8D:25:0D:CF:CA:58:90:C5:98
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/esqIgEA4R0YTJV-NJQ3PyliQxZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b81::/46
Signature Algorithm: sha256WithRSAEncryption
4c:98:e1:8e:73:9b:04:28:d6:6e:27:28:82:b5:dd:6b:aa:e4:
b4:57:39:82:4d:f9:1b:e7:b9:01:05:df:fd:94:d1:6e:a9:1a:
d4:4d:ef:6e:f1:c4:55:64:d3:a5:69:e2:3e:ae:d6:88:66:bd:
8b:43:a1:d6:4f:fc:09:61:13:52:14:57:24:52:ce:a1:9f:f5:
c4:26:e8:01:fd:96:dd:c9:2e:37:80:a2:dd:6b:ec:c6:e1:c6:
3a:52:08:66:16:e6:7c:79:e4:c1:a3:a3:1d:30:35:6e:cc:13:
7e:76:76:e9:74:1e:4e:ff:c4:6d:43:d3:72:46:46:7d:65:ec:
42:34:ba:36:be:c1:42:1d:c7:c9:84:e6:ab:2a:6e:75:00:3a:
89:2f:50:0d:54:53:3e:ed:6d:33:9e:61:68:ed:89:07:3a:67:
d3:d2:2b:67:57:60:49:63:56:f7:af:4a:9a:1e:22:7f:a7:50:
3e:c7:98:0a:64:7f:ab:7d:43:52:76:d9:76:74:ba:c7:79:b0:
62:eb:7b:fc:ac:64:e6:41:55:d3:a8:35:ed:1a:b9:22:c2:75:
02:11:f3:d1:8f:0a:71:52:73:4f:36:6f:a1:d3:9b:32:20:eb:
d5:92:48:be:97:ca:60:d1:c2:0e:51:e4:fc:61:6e:6d:4b:51:
1e:13:89:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR+yXfRAIUKLix6P33ooNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWNhODg4MDQwMzg0NzQ2MTMyNTVmOGQyNTBkY2ZjYTU4OTBjNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf2VJc5sU9SnMZpTm5fnPqUGsse/
eNU4YZF6Us2uOK/tbShm0QKyBn0TCTgC+KmCHHSLoleh+eB/SMDy6Xl4pPlkbRjW
l4HoRspx7CkyRi/cw/NgO/I4v8qnXb99xIbPhxvRV6IYv2qyGo9tgpHJTkw1NXsh
9qw2XVbZfnHHyGDwga1gSeKfnF+82KKS0k/b6C/pXpXWsJSkyezS0n+ySYIZZgnA
9OzE5hd1h3NNfSU3BO7twFJ/cGBu69zyadIw5xrb+UAVLVg1Q/vJLWKvn182xkkN
3zURGag0OYM5VOZc+xHymBXla0I4g8gHE6yRceo2kqnk9ZjophhI1y1Z7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHrKiIBAOEdGEyVfjSUNz8pYkMWYMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZXNxSWdFQTRSMFlUSlYtTkpRM1B5bGlReFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgsLgQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBMmOGOc5sEKNZuJyiCtd1rquS0VzmCTfkb57kB
Bd/9lNFuqRrUTe9u8cRVZNOlaeI+rtaIZr2LQ6HWT/wJYRNSFFckUs6hn/XEJugB
/ZbdyS43gKLda+zG4cY6UghmFuZ8eeTBo6MdMDVuzBN+dnbpdB5O/8RtQ9NyRkZ9
ZexCNLo2vsFCHcfJhOarKm51ADqJL1ANVFM+7W0znmFo7YkHOmfT0itnV2BJY1b3
r0qaHiJ/p1A+x5gKZH+rfUNSdtl2dLrHebBi63v8rGTmQVXTqDXtGrkiwnUCEfPR
jwpxUnNPNm+h05syIOvVkki+l8pg0cIOUeT8YW5tS1EeE4ma
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:54:01 2025 by rpki-client