Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/84de8a-7e05-4069-a523-c3b6345a0d05/1/3kr8jiGy7HT0Z986eqHHTqrUADA.roa
File: 3kr8jiGy7HT0Z986eqHHTqrUADA.roa (raw, json)
Hash identifier: MLirpl2z9NyzltBKgB+dkcH7YYTRCJswwoZsSxn21Jw=
Subject key identifier: DE:4A:FC:8E:21:B2:EC:74:F4:67:DF:3A:7A:A1:C7:4E:AA:D4:00:30
Certificate issuer: /CN=55121e5b92fde64889f6aab2cc5ce86fc0e5a07e
Certificate serial: 0194258F52343C9B126CF04E8F6186C36868
Authority key identifier: 55:12:1E:5B:92:FD:E6:48:89:F6:AA:B2:CC:5C:E8:6F:C0:E5:A0:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VRIeW5L95kiJ9qqyzFzob8DloH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/84de8a-7e05-4069-a523-c3b6345a0d05/1/3kr8jiGy7HT0Z986eqHHTqrUADA.roa
Signing time: Thu 02 Jan 2025 05:48:57 +0000
ROA not before: Thu 02 Jan 2025 05:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2a14:27c0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:52:34:3c:9b:12:6c:f0:4e:8f:61:86:c3:68:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55121e5b92fde64889f6aab2cc5ce86fc0e5a07e
Validity
Not Before: Jan 2 05:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de4afc8e21b2ec74f467df3a7aa1c74eaad40030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a4:d1:17:a3:1a:6d:18:ee:a3:38:22:4b:e9:
f3:55:e8:99:6d:ac:08:c3:87:8c:2a:78:2a:30:e1:
e4:ec:0b:f6:ec:d3:11:c2:f8:86:61:c6:70:ff:6a:
02:5e:90:80:0e:7a:6e:38:96:03:2b:9c:6c:d3:7f:
70:e8:74:91:7f:29:29:80:ef:24:d8:88:3a:fd:c7:
7c:4e:ec:3c:92:8b:c1:9a:b1:03:dd:fa:1e:7b:e7:
be:d8:84:cb:48:a5:30:a9:20:88:89:f5:5e:cf:06:
1b:4c:a0:47:57:5e:93:a0:43:7e:6d:6d:1b:71:b6:
59:7c:43:f2:ef:67:fa:80:fd:89:d1:27:fe:4e:dd:
b5:3b:25:73:ac:d0:eb:5d:e7:61:6c:61:4f:23:73:
46:21:8c:1c:aa:a7:3d:f6:3d:8f:6f:bf:a1:65:94:
46:6f:a8:21:a4:21:75:68:9c:e4:2f:85:6f:7b:fc:
82:8f:77:28:57:fe:d7:70:88:d6:00:c3:91:77:90:
17:c2:5f:f3:b2:ad:2d:12:96:fd:e4:42:7e:5b:85:
ca:46:8b:75:18:1c:9a:f8:80:d5:51:96:cf:d1:75:
31:83:27:77:17:f4:7f:ff:92:17:66:17:8d:a7:b4:
87:37:89:4f:1e:ba:43:9d:0f:77:a5:6b:bd:be:de:
db:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4A:FC:8E:21:B2:EC:74:F4:67:DF:3A:7A:A1:C7:4E:AA:D4:00:30
X509v3 Authority Key Identifier:
keyid:55:12:1E:5B:92:FD:E6:48:89:F6:AA:B2:CC:5C:E8:6F:C0:E5:A0:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRIeW5L95kiJ9qqyzFzob8DloH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/84de8a-7e05-4069-a523-c3b6345a0d05/1/3kr8jiGy7HT0Z986eqHHTqrUADA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/84de8a-7e05-4069-a523-c3b6345a0d05/1/VRIeW5L95kiJ9qqyzFzob8DloH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:27c0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:9d:d8:c5:53:35:45:ed:09:93:fe:05:95:3a:76:47:45:b4:
dc:d9:17:fe:c4:a0:23:bc:4c:47:0d:f1:6d:eb:16:79:e3:b8:
59:01:f4:bf:0c:fc:43:fd:fa:79:48:72:e3:3d:4b:38:73:3a:
94:42:65:2f:5a:08:c1:ab:5b:eb:ab:f4:cd:47:c3:55:27:8c:
bf:ba:a4:b5:20:68:5a:fa:a0:cd:9e:0c:e6:19:e0:66:8e:9a:
63:9c:d0:44:db:eb:3c:b8:6d:5b:bd:4f:09:13:bc:0c:ef:27:
ca:3f:fd:f4:68:cf:34:2f:fa:e0:9b:39:dc:7b:91:75:2b:bc:
01:0f:ba:09:c4:cb:92:67:16:90:1a:02:87:93:02:a1:73:a9:
c9:24:1c:61:b8:bb:81:9e:ad:c7:d7:e4:4b:44:51:77:fb:8f:
2a:bb:1a:ae:c6:7b:d1:57:32:5b:00:97:42:4b:f9:2a:2c:db:
a7:74:a4:09:23:b1:14:4b:ee:e4:08:85:d4:f7:c9:9d:66:af:
e5:22:0e:ca:64:9c:be:2b:cc:1e:9e:52:3c:0c:bb:09:93:4c:
b2:5e:48:15:b6:57:28:6b:c3:71:22:59:82:7c:79:90:15:fc:
51:13:4f:14:01:b6:45:9d:b1:c1:93:89:42:2b:b9:f3:0e:8e:
54:14:4f:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlj1I0PJsSbPBOj2GGw2hoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MTIxZTViOTJmZGU2NDg4OWY2YWFiMmNjNWNlODZmYzBl
NWEwN2UwHhcNMjUwMTAyMDU0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRhZmM4ZTIxYjJlYzc0ZjQ2N2RmM2E3YWExYzc0ZWFhZDQwMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqTRF6MabRjuozgiS+nzVeiZbawI
w4eMKngqMOHk7Av27NMRwviGYcZw/2oCXpCADnpuOJYDK5xs039w6HSRfykpgO8k
2Ig6/cd8Tuw8kovBmrED3foee+e+2ITLSKUwqSCIifVezwYbTKBHV16ToEN+bW0b
cbZZfEPy72f6gP2J0Sf+Tt21OyVzrNDrXedhbGFPI3NGIYwcqqc99j2Pb7+hZZRG
b6ghpCF1aJzkL4Vve/yCj3coV/7XcIjWAMORd5AXwl/zsq0tEpb95EJ+W4XKRot1
GBya+IDVUZbP0XUxgyd3F/R//5IXZheNp7SHN4lPHrpDnQ93pWu9vt7bFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN5K/I4hsux09GffOnqhx06q1AAwMB8GA1UdIwQY
MBaAFFUSHluS/eZIifaqssxc6G/A5aB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlJJZVc1TDk1a2lKOXFxeXpGem9iOERsb0g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy84NGRlOGEtN2UwNS00MDY5LWE1MjMt
YzNiNjM0NWEwZDA1LzEvM2tyOGppR3k3SFQwWjk4NmVxSEhUcXJVQURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy84NGRlOGEtN2UwNS00MDY5LWE1MjMtYzNiNjM0NWEwZDA1
LzEvVlJJZVc1TDk1a2lKOXFxeXpGem9iOERsb0g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQnwDAN
BgkqhkiG9w0BAQsFAAOCAQEAH53YxVM1Re0Jk/4FlTp2R0W03NkX/sSgI7xMRw3x
besWeeO4WQH0vwz8Q/36eUhy4z1LOHM6lEJlL1oIwatb66v0zUfDVSeMv7qktSBo
WvqgzZ4M5hngZo6aY5zQRNvrPLhtW71PCRO8DO8nyj/99GjPNC/64Js53HuRdSu8
AQ+6CcTLkmcWkBoCh5MCoXOpySQcYbi7gZ6tx9fkS0RRd/uPKrsarsZ70VcyWwCX
Qkv5Kizbp3SkCSOxFEvu5AiF1PfJnWav5SIOymScvivMHp5SPAy7CZNMsl5IFbZX
KGvDcSJZgnx5kBX8URNPFAG2RZ2xwZOJQiu58w6OVBRPwg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:50:04 2025 by rpki-client