Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/4EkSsDmoQioZqy5Nx3ZgwgNVKek.roa
File: 4EkSsDmoQioZqy5Nx3ZgwgNVKek.roa (raw, json)
Hash identifier: VGhbj0GwVploD/uygEp/n7MuApEtZ3hQmaUGbybY4XI=
Subject key identifier: E0:49:12:B0:39:A8:42:2A:19:AB:2E:4D:C7:76:60:C2:03:55:29:E9
Certificate issuer: /CN=b35a20a86939c8de8aedc305243b0fd4ad8654d0
Certificate serial: 01941FFA108AC1DAB727D6AF5DDB8D308D89
Authority key identifier: B3:5A:20:A8:69:39:C8:DE:8A:ED:C3:05:24:3B:0F:D4:AD:86:54:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s1ogqGk5yN6K7cMFJDsP1K2GVNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/4EkSsDmoQioZqy5Nx3ZgwgNVKek.roa
Signing time: Wed 01 Jan 2025 03:47:49 +0000
ROA not before: Wed 01 Jan 2025 03:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201814
IP address blocks: 2a12:a800:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:10:8a:c1:da:b7:27:d6:af:5d:db:8d:30:8d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b35a20a86939c8de8aedc305243b0fd4ad8654d0
Validity
Not Before: Jan 1 03:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e04912b039a8422a19ab2e4dc77660c2035529e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:15:e0:84:6e:f2:00:66:9f:db:5c:04:25:50:
19:b2:9c:ee:a8:d2:25:3b:5c:22:f8:bb:cc:f1:fe:
28:62:64:ad:d0:bd:3b:e0:2c:c5:ba:1a:14:04:7b:
62:9d:a1:cb:8b:31:2d:05:0f:55:00:82:38:41:49:
ab:56:9b:cb:22:03:ba:77:03:df:da:f8:f7:eb:22:
9f:6d:8d:2f:97:6f:eb:db:dd:fd:4e:4c:2f:b9:8a:
5a:5a:80:25:90:fc:fb:f8:8b:5d:b4:4f:a4:89:28:
dd:a2:73:07:89:dc:3d:43:fe:56:7c:ca:72:71:30:
23:d3:42:a3:d1:c8:c7:06:b6:31:9f:30:26:22:83:
68:da:59:9b:07:cf:c7:e1:cd:f9:0d:60:49:88:6f:
bc:62:6c:62:f4:ae:4a:e9:48:00:28:54:14:01:5c:
04:63:05:0f:d9:45:ca:56:d5:68:dd:4e:29:20:e1:
a9:36:84:d1:31:dd:9f:44:17:bc:05:82:51:6b:53:
9f:63:b5:62:cd:41:35:af:c2:44:76:32:c8:5d:ef:
88:af:8e:31:35:20:ff:ee:90:65:58:0c:54:b4:89:
3b:df:25:3e:54:2c:2a:98:52:aa:60:ac:2f:e1:01:
b2:70:b1:2a:15:71:09:68:50:a1:52:f3:23:ec:c9:
49:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:49:12:B0:39:A8:42:2A:19:AB:2E:4D:C7:76:60:C2:03:55:29:E9
X509v3 Authority Key Identifier:
keyid:B3:5A:20:A8:69:39:C8:DE:8A:ED:C3:05:24:3B:0F:D4:AD:86:54:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1ogqGk5yN6K7cMFJDsP1K2GVNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/4EkSsDmoQioZqy5Nx3ZgwgNVKek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/162186-50d1-4761-aaf0-a542589799bc/1/s1ogqGk5yN6K7cMFJDsP1K2GVNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a800:2::/48
Signature Algorithm: sha256WithRSAEncryption
3b:b9:03:7c:2c:a4:f3:92:d3:1f:9c:ea:3d:e2:31:ff:ca:ed:
8e:bc:e0:84:b0:96:11:8c:45:98:ce:da:9f:10:2d:c2:74:da:
51:94:09:6f:5b:a8:14:4b:5f:c7:bd:8c:6f:8f:6b:d3:31:96:
66:2f:36:3d:9a:52:ff:25:d4:27:d7:6f:ba:25:17:55:88:95:
be:8f:2a:00:54:8a:1a:11:cc:a3:37:1c:53:8f:ef:0a:1c:57:
33:c2:57:87:ad:30:bb:9d:74:f1:9e:81:e0:a5:cd:ac:e3:f8:
5f:cf:d1:d5:22:01:9b:c0:54:e1:63:a1:cc:83:ca:b9:df:cc:
52:2f:d9:56:1b:f0:90:25:a1:b4:a5:80:d7:b3:f0:4a:bc:8e:
50:98:27:6d:d2:c2:a6:ec:53:12:a0:4e:d2:36:f8:0c:dc:fc:
a6:df:60:3d:ad:4c:e6:89:71:36:58:40:9d:fd:3a:99:89:c2:
55:3c:d5:35:ca:5d:9a:14:90:e8:f4:b8:ce:d7:5f:d1:c2:6f:
db:62:f4:65:01:91:54:bf:84:17:90:08:21:fe:2b:f6:92:6b:
88:75:e4:72:ac:bd:f0:99:69:9c:25:b2:a8:09:62:61:c7:ed:
3e:43:e2:d6:fb:10:39:bf:16:90:97:5b:fc:7e:00:c3:97:1b:
4d:51:f9:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+hCKwdq3J9avXduNMI2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNWEyMGE4NjkzOWM4ZGU4YWVkYzMwNTI0M2IwZmQ0YWQ4
NjU0ZDAwHhcNMjUwMTAxMDM0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDQ5MTJiMDM5YTg0MjJhMTlhYjJlNGRjNzc2NjBjMjAzNTUyOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxXghG7yAGaf21wEJVAZspzuqNIl
O1wi+LvM8f4oYmSt0L074CzFuhoUBHtinaHLizEtBQ9VAII4QUmrVpvLIgO6dwPf
2vj36yKfbY0vl2/r2939TkwvuYpaWoAlkPz7+ItdtE+kiSjdonMHidw9Q/5WfMpy
cTAj00Kj0cjHBrYxnzAmIoNo2lmbB8/H4c35DWBJiG+8Ymxi9K5K6UgAKFQUAVwE
YwUP2UXKVtVo3U4pIOGpNoTRMd2fRBe8BYJRa1OfY7VizUE1r8JEdjLIXe+Ir44x
NSD/7pBlWAxUtIk73yU+VCwqmFKqYKwv4QGycLEqFXEJaFChUvMj7MlJ/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOBJErA5qEIqGasuTcd2YMIDVSnpMB8GA1UdIwQY
MBaAFLNaIKhpOcjeiu3DBSQ7D9SthlTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFvZ3FHazV5TjZLN2NNRkpEc1AxSzJHVk5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8xNjIxODYtNTBkMS00NzYxLWFhZjAt
YTU0MjU4OTc5OWJjLzEvNEVrU3NEbW9RaW9acXk1TngzWmd3Z05WS2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8xNjIxODYtNTBkMS00NzYxLWFhZjAtYTU0MjU4OTc5OWJj
LzEvczFvZ3FHazV5TjZLN2NNRkpEc1AxSzJHVk5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKoAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQA7uQN8LKTzktMfnOo94jH/yu2OvOCEsJYRjEWY
ztqfEC3CdNpRlAlvW6gUS1/HvYxvj2vTMZZmLzY9mlL/JdQn12+6JRdViJW+jyoA
VIoaEcyjNxxTj+8KHFczwleHrTC7nXTxnoHgpc2s4/hfz9HVIgGbwFThY6HMg8q5
38xSL9lWG/CQJaG0pYDXs/BKvI5QmCdt0sKm7FMSoE7SNvgM3Pym32A9rUzmiXE2
WECd/TqZicJVPNU1yl2aFJDo9LjO11/Rwm/bYvRlAZFUv4QXkAgh/iv2kmuIdeRy
rL3wmWmcJbKoCWJhx+0+Q+LW+xA5vxaQl1v8fgDDlxtNUfmF
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:19:13 2025 by rpki-client