Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/3kQj1-t1VT1PpkvmLI1MIEYSgU8.roa
File: 3kQj1-t1VT1PpkvmLI1MIEYSgU8.roa (raw, json)
Hash identifier: b8UuQWD0pjc44S4W/wgyVPYCG6ilNV/HNdCL/EOjX2w=
Subject key identifier: DE:44:23:D7:EB:75:55:3D:4F:A6:4B:E6:2C:8D:4C:20:46:12:81:4F
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422203134630C94593880010922C599B6
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/3kQj1-t1VT1PpkvmLI1MIEYSgU8.roa
Signing time: Wed 01 Jan 2025 13:48:42 +0000
ROA not before: Wed 01 Jan 2025 13:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204446
IP address blocks: 2a0e:8f02:1000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:31:34:63:0c:94:59:38:80:01:09:22:c5:99:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de4423d7eb75553d4fa64be62c8d4c204612814f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:72:79:0a:67:41:90:6a:79:44:be:6a:79:69:
bf:41:0a:71:3c:7c:3e:7b:e7:e5:0b:e3:93:a7:f4:
b7:66:cc:ce:0e:f9:b6:66:3b:5a:08:7b:ba:95:35:
1b:4d:18:af:6f:85:a4:d2:24:e9:7a:4d:29:b8:b9:
dc:ed:c1:34:88:e8:73:d0:4e:11:35:0d:31:45:77:
97:a7:28:b8:99:4f:cd:07:53:97:0a:7e:c6:04:c0:
e0:da:84:b3:b5:01:58:02:dc:76:c6:e4:05:9a:f7:
05:35:a3:eb:a0:bb:ff:ab:2d:57:20:d2:a2:b7:d1:
22:e6:69:1c:51:49:bd:76:6f:0c:b3:08:0f:aa:da:
e8:1b:94:a8:3f:9f:54:d6:87:92:9e:50:43:ed:d8:
fc:7a:04:64:76:93:44:10:1a:2d:4b:1d:cb:7b:00:
ae:b5:11:3c:ab:31:e3:31:fb:e3:8a:52:39:8f:be:
60:0b:bf:43:bd:ac:f4:93:20:a2:20:c8:57:91:69:
f5:eb:cb:c8:50:43:26:c5:9b:89:fa:e1:0f:3e:83:
61:de:22:cf:47:0a:46:04:5c:71:17:24:05:54:3c:
fd:76:d9:92:5e:2b:a8:91:28:25:41:1b:41:30:9e:
94:48:dc:41:55:ff:fd:f6:df:92:a6:dd:5a:ba:0a:
40:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:44:23:D7:EB:75:55:3D:4F:A6:4B:E6:2C:8D:4C:20:46:12:81:4F
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/3kQj1-t1VT1PpkvmLI1MIEYSgU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:9a:a0:9b:fb:c3:a4:c4:27:bb:08:8a:e2:51:0f:9e:2c:ed:
ed:1a:a5:90:21:2b:60:4e:d1:13:be:ea:32:23:e7:02:c3:55:
a2:3f:f9:0a:86:1a:0b:be:6e:2c:d9:11:8e:06:82:b1:c8:7c:
3e:c0:99:19:6d:d4:06:b7:73:dc:b0:7a:04:53:93:94:0d:d3:
7d:d0:a1:03:f5:6c:ee:6b:cd:fa:d1:4c:b3:5d:25:15:20:e0:
f8:5b:be:72:71:61:d0:6d:9f:4d:d7:e4:36:2d:89:78:ac:9b:
d0:4a:9c:d8:33:8b:58:71:4f:88:ac:b6:38:1b:4a:4b:a2:19:
9b:4e:5a:f4:f7:c8:8f:7b:db:1d:e6:09:4d:2b:4f:6f:05:0e:
bb:cd:54:dd:30:ce:90:a2:61:a9:ac:d1:91:53:cd:93:07:c8:
0b:6e:69:69:6b:1c:9e:db:8f:e4:5c:44:16:cd:63:cc:3f:3a:
f4:0b:0c:56:41:0b:9c:a4:e8:a4:85:b9:52:a9:ed:d1:08:3a:
6a:bd:a8:7d:fd:d7:94:26:f1:cf:34:78:df:53:fc:13:52:ca:
fa:84:e5:45:0a:62:7a:d6:fb:78:b0:2d:d5:2f:44:00:cb:94:
1a:f5:4e:93:93:4e:29:3e:b8:98:ad:0b:dd:e8:f5:95:72:d0:
63:cc:0a:13
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQiIDE0YwyUWTiAAQkixZm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTQ0MjNkN2ViNzU1NTNkNGZhNjRiZTYyYzhkNGMyMDQ2MTI4MTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHJ5CmdBkGp5RL5qeWm/QQpxPHw+
e+flC+OTp/S3ZszODvm2ZjtaCHu6lTUbTRivb4Wk0iTpek0puLnc7cE0iOhz0E4R
NQ0xRXeXpyi4mU/NB1OXCn7GBMDg2oSztQFYAtx2xuQFmvcFNaProLv/qy1XINKi
t9Ei5mkcUUm9dm8MswgPqtroG5SoP59U1oeSnlBD7dj8egRkdpNEEBotSx3LewCu
tRE8qzHjMfvjilI5j75gC79Dvaz0kyCiIMhXkWn168vIUEMmxZuJ+uEPPoNh3iLP
RwpGBFxxFyQFVDz9dtmSXiuokSglQRtBMJ6USNxBVf/99t+Spt1augpAJwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFN5EI9frdVU9T6ZL5iyNTCBGEoFPMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvM2tRajEtdDFWVDFQcGt2bUxJMU1JRVlTZ1U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6PAhAw
DQYJKoZIhvcNAQELBQADggEBAByaoJv7w6TEJ7sIiuJRD54s7e0apZAhK2BO0RO+
6jIj5wLDVaI/+QqGGgu+bizZEY4GgrHIfD7AmRlt1Aa3c9ywegRTk5QN033QoQP1
bO5rzfrRTLNdJRUg4PhbvnJxYdBtn03X5DYtiXism9BKnNgzi1hxT4istjgbSkui
GZtOWvT3yI972x3mCU0rT28FDrvNVN0wzpCiYams0ZFTzZMHyAtuaWlrHJ7bj+Rc
RBbNY8w/OvQLDFZBC5yk6KSFuVKp7dEIOmq9qH3915Qm8c80eN9T/BNSyvqE5UUK
YnrW+3iwLdUvRADLlBr1TpOTTik+uJitC93o9ZVy0GPMChM=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:07:53 2025 by rpki-client