Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/VX4ftyY4KZHbSmiCReLCvSah6K0.roa
File: VX4ftyY4KZHbSmiCReLCvSah6K0.roa (raw, json)
Hash identifier: Rn1JFaArfYotjjdUcRkdUwwvp5zW652Iz5Ayfo9Jabw=
Subject key identifier: 55:7E:1F:B7:26:38:29:91:DB:4A:68:82:45:E2:C2:BD:26:A1:E8:AD
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 01942747E0C9C7856C1A66F17E5F7A6C9955
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/VX4ftyY4KZHbSmiCReLCvSah6K0.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206607
IP address blocks: 2a04:ff00:500::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e0:c9:c7:85:6c:1a:66:f1:7e:5f:7a:6c:99:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=557e1fb726382991db4a688245e2c2bd26a1e8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3b:38:25:61:fb:44:6a:03:b1:87:99:ae:9b:
5e:29:86:96:0d:22:83:fb:a6:97:5c:d0:9a:9e:c0:
e6:fe:73:bc:e9:95:89:a7:b0:3a:46:4d:42:a3:a7:
2b:8f:df:b6:7d:06:02:d5:93:3f:9d:e6:dd:9e:98:
a5:4b:f9:b1:76:41:e9:f0:9a:f5:c3:f1:5f:fc:2b:
c7:32:a9:33:05:53:d2:15:36:e9:a9:16:5c:b9:26:
ba:f8:dc:b6:a7:a4:21:6f:7a:71:bd:fa:b9:9e:77:
9c:b4:53:90:2c:a8:b6:17:85:f2:e8:9e:30:cb:74:
8e:6b:ac:dd:b1:40:01:ea:49:ff:56:18:9f:1a:65:
d9:75:a6:14:e0:68:6c:d5:98:54:9b:dd:0e:f2:97:
56:7c:c9:b6:a9:ca:50:1a:df:0e:50:88:b9:72:d3:
11:75:9e:1a:04:96:88:16:ad:e2:99:0b:71:f6:47:
e0:1a:97:a2:fc:d8:a1:73:93:1e:54:d8:ad:9b:13:
02:74:3a:e0:7b:30:d0:1a:92:41:2b:76:22:54:da:
df:1f:06:6c:5b:68:bf:f5:f1:3e:80:ea:0a:6c:1a:
6a:e2:ae:69:c9:3c:7b:69:a1:3e:28:45:71:84:c9:
33:b9:7b:ca:8e:38:1e:cb:4f:4b:97:d7:21:25:11:
a5:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:7E:1F:B7:26:38:29:91:DB:4A:68:82:45:E2:C2:BD:26:A1:E8:AD
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/VX4ftyY4KZHbSmiCReLCvSah6K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:500::/40
Signature Algorithm: sha256WithRSAEncryption
7e:22:3e:1f:83:b2:24:cd:5d:49:14:3a:4c:32:ff:c4:56:ad:
23:ef:f3:70:8b:63:c3:4d:0f:81:62:1e:ff:a1:d4:ea:32:26:
8f:73:79:04:9d:a7:39:97:56:b4:0b:27:e9:ba:12:69:fd:9e:
ec:c4:92:9b:37:b8:95:c7:54:0a:94:eb:44:38:e6:cd:cb:10:
fe:ae:5e:bb:99:01:89:3e:d5:06:85:c2:38:db:0d:d1:2d:cb:
01:f1:90:4e:f3:7e:ed:65:83:80:b8:2e:e8:bb:91:82:0e:f5:
84:76:a5:68:0a:39:e0:02:83:09:d1:45:96:fa:23:00:71:f4:
2f:be:6f:39:22:f3:31:86:61:5c:39:b1:c9:73:77:6d:5d:97:
0c:57:16:31:ca:9a:e1:67:2e:b5:a5:11:e4:ea:2f:37:67:db:
d9:1d:23:17:c7:55:54:dd:2f:0b:ab:7f:13:d8:b1:ed:99:3f:
7a:a4:92:a0:02:be:7f:7f:fa:eb:5b:eb:56:fe:ed:77:50:a8:
94:4a:82:6d:f7:e8:57:a3:6c:cb:1e:5e:a3:b9:b4:a4:50:d8:
94:cb:c5:60:31:51:6d:df:63:10:20:74:11:ea:69:ed:6f:1a:
52:d5:89:db:25:db:a0:29:62:ee:4d:6c:e7:c4:62:35:2c:9d:
1a:1b:b7:ab
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnR+DJx4VsGmbxfl96bJlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTdlMWZiNzI2MzgyOTkxZGI0YTY4ODI0NWUyYzJiZDI2YTFlOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTs4JWH7RGoDsYeZrpteKYaWDSKD
+6aXXNCansDm/nO86ZWJp7A6Rk1Co6crj9+2fQYC1ZM/nebdnpilS/mxdkHp8Jr1
w/Ff/CvHMqkzBVPSFTbpqRZcuSa6+Ny2p6Qhb3pxvfq5nnectFOQLKi2F4Xy6J4w
y3SOa6zdsUAB6kn/VhifGmXZdaYU4Ghs1ZhUm90O8pdWfMm2qcpQGt8OUIi5ctMR
dZ4aBJaIFq3imQtx9kfgGpei/Nihc5MeVNitmxMCdDrgezDQGpJBK3YiVNrfHwZs
W2i/9fE+gOoKbBpq4q5pyTx7aaE+KEVxhMkzuXvKjjgey09Ll9chJRGlfwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFV+H7cmOCmR20pogkXiwr0moeitMB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvVlg0ZnR5WTRLWkhiU21pQ1JlTEN2U2FoNkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgT/AAUw
DQYJKoZIhvcNAQELBQADggEBAH4iPh+DsiTNXUkUOkwy/8RWrSPv83CLY8NND4Fi
Hv+h1OoyJo9zeQSdpzmXVrQLJ+m6Emn9nuzEkps3uJXHVAqU60Q45s3LEP6uXruZ
AYk+1QaFwjjbDdEtywHxkE7zfu1lg4C4Lui7kYIO9YR2pWgKOeACgwnRRZb6IwBx
9C++bzki8zGGYVw5sclzd21dlwxXFjHKmuFnLrWlEeTqLzdn29kdIxfHVVTdLwur
fxPYse2ZP3qkkqACvn9/+utb61b+7XdQqJRKgm336FejbMseXqO5tKRQ2JTLxWAx
UW3fYxAgdBHqae1vGlLVidsl26ApYu5NbOfEYjUsnRobt6s=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:09 2025 by rpki-client