Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/4_hN70Gn93YtNqyU6RsNlMbDtXc.roa
File: 4_hN70Gn93YtNqyU6RsNlMbDtXc.roa (raw, json)
Hash identifier: peVwC9DiY5O5MpDM5td7h9VpXZKdL2e2Hkif7cNRbJM=
Subject key identifier: E3:F8:4D:EF:41:A7:F7:76:2D:36:AC:94:E9:1B:0D:94:C6:C3:B5:77
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 0194236A324EBA1F4CC751B5CB5682A1D8FB
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/4_hN70Gn93YtNqyU6RsNlMbDtXc.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210266
IP address blocks: 2a01:b960:2307::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:32:4e:ba:1f:4c:c7:51:b5:cb:56:82:a1:d8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3f84def41a7f7762d36ac94e91b0d94c6c3b577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:47:36:23:d4:5c:1b:df:eb:0c:5c:3e:54:ab:
1f:2a:94:f2:06:bf:d7:c7:62:79:b6:37:0c:e9:6a:
61:22:8c:aa:3e:c4:ac:f8:23:9e:07:c9:32:da:56:
cd:29:ac:5a:e8:c5:54:31:ae:6c:b2:0c:c0:2e:b1:
29:04:69:23:ec:86:9d:40:58:22:56:39:88:cb:fa:
97:7f:72:13:3f:2d:3c:8c:37:3c:f4:fb:01:c3:49:
84:8c:15:be:84:db:2c:58:8c:4e:64:93:9d:88:6a:
02:df:5f:04:dd:2d:ea:c7:1e:9d:1b:c8:bf:35:b1:
85:e0:bb:3e:1b:59:32:39:7b:19:81:a9:c3:1f:fb:
67:bd:8f:54:c3:5b:ed:e5:97:99:a1:39:70:56:5c:
b1:14:3e:ad:8a:12:56:5f:97:9b:00:72:e1:0e:9c:
c6:38:7d:59:65:46:8e:0e:ef:94:7c:f5:78:18:f3:
d5:b8:af:69:dc:ee:00:5d:18:60:59:04:ab:79:a0:
10:ca:a7:52:73:cc:bc:28:23:c4:d0:00:c6:89:f2:
ac:3a:c4:dd:2a:86:cb:c8:0d:66:a5:1c:e9:ab:3c:
b7:0b:09:8e:d1:d6:a6:bc:1d:15:61:ed:bb:c0:9c:
99:99:09:bf:a0:a9:77:40:ea:0e:68:9e:99:a2:b3:
1c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F8:4D:EF:41:A7:F7:76:2D:36:AC:94:E9:1B:0D:94:C6:C3:B5:77
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/4_hN70Gn93YtNqyU6RsNlMbDtXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2307::/48
Signature Algorithm: sha256WithRSAEncryption
6e:2f:f8:09:51:f6:7a:2e:46:67:13:6f:62:34:95:2b:9c:95:
97:1c:53:d7:8f:95:08:b3:e5:76:6b:ce:6e:14:a4:4d:f1:bb:
9d:3c:8b:e4:97:65:7f:d4:6f:5b:c2:46:16:44:24:a3:e1:1e:
30:77:e8:5f:ed:dc:27:41:ff:97:04:88:a5:93:60:85:46:68:
1d:32:28:e8:3b:44:fc:7e:d7:bc:44:d5:4d:cd:82:91:a8:50:
af:2f:e7:5c:be:b8:51:52:c2:54:23:a7:af:7a:af:cc:9e:bc:
3c:79:e2:cf:a4:2c:08:eb:1a:24:1e:a8:a2:40:75:7b:d5:b5:
88:c5:31:d2:2e:b4:30:19:44:a6:e4:66:ed:b8:c4:ba:c4:13:
cc:7f:fa:b3:bb:de:65:4b:9d:0e:b5:7d:18:fa:9e:82:c6:8c:
d4:9a:4d:85:d0:f3:32:20:a0:a3:68:28:01:7e:b1:98:01:c8:
b1:3f:1e:4b:2b:e1:ac:01:16:a2:5c:87:54:bb:09:41:2c:53:
46:a4:4a:b3:40:c9:b2:9c:cf:78:4e:59:c4:58:a4:92:70:b4:
c5:97:e8:94:49:08:df:a7:67:40:d1:89:fe:a3:64:a5:6a:4f:
fd:25:f7:e1:78:6a:51:84:38:65:e5:1e:97:47:8f:a8:d4:3b:
12:55:7e:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjajJOuh9Mx1G1y1aCodj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Y4NGRlZjQxYTdmNzc2MmQzNmFjOTRlOTFiMGQ5NGM2YzNiNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ec2I9RcG9/rDFw+VKsfKpTyBr/X
x2J5tjcM6WphIoyqPsSs+COeB8ky2lbNKaxa6MVUMa5ssgzALrEpBGkj7IadQFgi
VjmIy/qXf3ITPy08jDc89PsBw0mEjBW+hNssWIxOZJOdiGoC318E3S3qxx6dG8i/
NbGF4Ls+G1kyOXsZganDH/tnvY9Uw1vt5ZeZoTlwVlyxFD6tihJWX5ebAHLhDpzG
OH1ZZUaODu+UfPV4GPPVuK9p3O4AXRhgWQSreaAQyqdSc8y8KCPE0ADGifKsOsTd
KobLyA1mpRzpqzy3CwmO0damvB0VYe27wJyZmQm/oKl3QOoOaJ6ZorMcrwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOP4Te9Bp/d2LTaslOkbDZTGw7V3MB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvNF9oTjcwR245M1l0TnF5VTZSc05sTWJEdFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMH
MA0GCSqGSIb3DQEBCwUAA4IBAQBuL/gJUfZ6LkZnE29iNJUrnJWXHFPXj5UIs+V2
a85uFKRN8budPIvkl2V/1G9bwkYWRCSj4R4wd+hf7dwnQf+XBIilk2CFRmgdMijo
O0T8fte8RNVNzYKRqFCvL+dcvrhRUsJUI6eveq/Mnrw8eeLPpCwI6xokHqiiQHV7
1bWIxTHSLrQwGUSm5GbtuMS6xBPMf/qzu95lS50OtX0Y+p6CxozUmk2F0PMyIKCj
aCgBfrGYAcixPx5LK+GsARaiXIdUuwlBLFNGpEqzQMmynM94TlnEWKSScLTFl+iU
SQjfp2dA0Yn+o2Slak/9JffheGpRhDhl5R6XR4+o1DsSVX63
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:45 2025 by rpki-client