Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/1-j_NENm5-sNQNRhoG12DGhts2RA.roa
File: 1-j_NENm5-sNQNRhoG12DGhts2RA.roa (raw, json)
Hash identifier: rxMl58Hpd8I9+Opcjq2WXGHyT2V7qNJ/2GgS8YODf/c=
Subject key identifier: FA:3F:CD:10:D9:B9:FA:C3:50:35:18:68:1B:5D:83:1A:1B:6C:D9:10
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 019427B612BD3B454727F9104BAB9F435ACA
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/1-j_NENm5-sNQNRhoG12DGhts2RA.roa
Signing time: Thu 02 Jan 2025 15:50:31 +0000
ROA not before: Thu 02 Jan 2025 15:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208266
IP address blocks: 2a0e:800:ff20::/48 maxlen: 48
2a0e:800:ff21::/48 maxlen: 48
2a0e:800:ff40::/42 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:12:bd:3b:45:47:27:f9:10:4b:ab:9f:43:5a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 2 15:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa3fcd10d9b9fac3503518681b5d831a1b6cd910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9c:5b:8e:96:24:e1:00:1a:ed:39:21:be:1e:
1d:78:a2:e0:22:b5:22:16:52:5d:27:f2:b4:25:f3:
00:e0:13:19:38:8f:e6:6e:86:0c:1a:99:44:2f:c7:
25:83:98:6c:78:29:ac:da:bf:a4:45:ed:a4:b7:60:
cc:f1:c7:06:04:fd:41:82:27:e0:12:f4:6f:fc:25:
e2:fe:18:63:be:fb:fe:69:5e:d4:dc:57:c0:4f:a4:
ae:ca:2e:10:10:2c:68:5d:83:78:a5:ed:ca:01:7f:
c6:09:a5:06:5a:e9:d5:e8:5b:23:76:54:b3:03:52:
80:3a:60:73:75:40:7f:4f:7b:b2:36:bc:85:39:6d:
b5:07:76:f5:94:32:88:10:39:bb:64:b3:2c:fd:ea:
a2:b1:26:a5:c9:b5:c9:b9:49:f0:d0:36:3d:5c:8c:
89:5e:33:ad:a2:b6:ab:07:b8:a7:db:f1:a6:5f:e4:
49:a6:4e:8a:97:bb:24:c9:f1:d4:ba:28:58:e4:ba:
e7:f4:79:8a:85:6c:44:a8:95:b4:5a:09:dc:ef:1a:
9e:d4:03:f5:b4:8b:72:71:7a:4d:fb:8c:c3:94:6d:
88:71:b5:8d:f8:b9:6b:f5:68:fc:4d:ae:fb:67:cf:
f3:3c:b6:a7:13:0c:ab:af:04:85:ea:ac:4a:66:b9:
2b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3F:CD:10:D9:B9:FA:C3:50:35:18:68:1B:5D:83:1A:1B:6C:D9:10
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/1-j_NENm5-sNQNRhoG12DGhts2RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:800:ff20::/47
2a0e:800:ff40::/42
Signature Algorithm: sha256WithRSAEncryption
21:be:0a:66:3f:c4:1d:ec:37:d3:03:43:60:90:9a:dc:74:b0:
5f:4c:53:c0:fb:c2:7d:29:e3:9a:36:95:d2:d2:dd:d9:65:d2:
48:8e:16:f5:89:01:99:b5:d8:58:6e:9e:f7:7c:8c:ea:ae:e2:
e0:ea:fd:95:0b:1c:87:7b:31:9d:2a:46:6d:2a:76:d8:90:de:
4a:0c:9e:5c:4f:22:bf:63:4c:c9:10:63:54:7a:67:43:49:55:
45:2a:9c:7b:03:0f:e0:fd:7a:08:f5:22:9d:4f:74:71:70:44:
28:e0:dc:7e:da:fe:52:06:c1:9d:c4:f8:7f:34:24:42:3d:3c:
fb:df:1d:bf:74:d4:50:67:83:8c:80:77:69:eb:9a:18:39:5b:
37:c0:6d:75:ef:53:11:35:38:53:fe:32:65:12:b5:72:b5:8f:
7b:30:68:9a:dd:6e:48:57:4b:8a:9f:af:0b:a8:a3:1c:1e:5f:
dc:2e:5b:5d:2e:43:ac:d3:b9:9e:8e:8d:3f:33:cd:7a:35:00:
54:13:6d:24:2d:30:99:fa:76:f7:4f:7a:36:32:cd:41:52:d1:
76:e4:8a:03:82:ff:a0:69:e4:f7:c8:da:64:69:2e:ea:d8:a7:
a7:68:b8:f4:f3:14:89:d5:19:7b:67:33:7d:0d:12:fd:6a:7d:
c9:78:88:fa
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQnthK9O0VHJ/kQS6ufQ1rKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjUwMTAyMTU1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTNmY2QxMGQ5YjlmYWMzNTAzNTE4NjgxYjVkODMxYTFiNmNkOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5xbjpYk4QAa7Tkhvh4deKLgIrUi
FlJdJ/K0JfMA4BMZOI/mboYMGplEL8clg5hseCms2r+kRe2kt2DM8ccGBP1Bgifg
EvRv/CXi/hhjvvv+aV7U3FfAT6Suyi4QECxoXYN4pe3KAX/GCaUGWunV6FsjdlSz
A1KAOmBzdUB/T3uyNryFOW21B3b1lDKIEDm7ZLMs/eqisSalybXJuUnw0DY9XIyJ
XjOtorarB7in2/GmX+RJpk6Kl7skyfHUuihY5Lrn9HmKhWxEqJW0Wgnc7xqe1AP1
tItycXpN+4zDlG2IcbWN+Llr9Wj8Ta77Z8/zPLanEwyrrwSF6qxKZrkr4QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPo/zRDZufrDUDUYaBtdgxobbNkQMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvMS1qX05FTm01LXNOUU5SaG9HMTJER2h0czJSQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvYTUyMDQ4LTEyY2EtNGEwMy05NWJlLTY5Nzk0OGVhNzFm
NS8xL1FzNTFreUFaVzV6QmpNX0xHMU1xNnBTU1dQRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHASoOCAD/
IAMHBioOCAD/QDANBgkqhkiG9w0BAQsFAAOCAQEAIb4KZj/EHew30wNDYJCa3HSw
X0xTwPvCfSnjmjaV0tLd2WXSSI4W9YkBmbXYWG6e93yM6q7i4Or9lQsch3sxnSpG
bSp22JDeSgyeXE8iv2NMyRBjVHpnQ0lVRSqcewMP4P16CPUinU90cXBEKODcftr+
UgbBncT4fzQkQj08+98dv3TUUGeDjIB3aeuaGDlbN8Btde9TETU4U/4yZRK1crWP
ezBomt1uSFdLip+vC6ijHB5f3C5bXS5DrNO5no6NPzPNejUAVBNtJC0wmfp29096
NjLNQVLRduSKA4L/oGnk98jaZGku6tinp2i49PMUidUZe2czfQ0S/Wp9yXiI+g==
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:05:03 2025 by rpki-client