Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/ge72rIVKenfFe0v5asZR_PaxIp4.roa
File: ge72rIVKenfFe0v5asZR_PaxIp4.roa (raw, json)
Hash identifier: o9engqettqOIJ9n8PYQ/SXW11G8NZE3fZOewqKwRqSE=
Subject key identifier: 81:EE:F6:AC:85:4A:7A:77:C5:7B:4B:F9:6A:C6:51:FC:F6:B1:22:9E
Certificate issuer: /CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Certificate serial: 0194222018A4394E83A1E9F83C7560A4F75E
Authority key identifier: 35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/ge72rIVKenfFe0v5asZR_PaxIp4.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12337
IP address blocks: 2001:67c:1933::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:a4:39:4e:83:a1:e9:f8:3c:75:60:a4:f7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35ac308c94f57b11cee1ba84ef1278447c6785eb
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81eef6ac854a7a77c57b4bf96ac651fcf6b1229e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:6c:96:8c:c7:4b:4c:6b:2c:00:8e:bd:8e:
57:68:80:bb:cb:fd:e0:ea:ce:d8:8b:7f:87:0d:94:
80:17:be:da:17:c3:07:ed:9d:86:18:f1:40:cb:8b:
1a:36:86:7b:e7:90:b3:b3:e6:fa:dd:50:a3:0f:9b:
e8:bd:a0:1f:9f:8b:0a:f3:99:ea:4c:4a:2b:2f:e2:
f0:4a:bc:b5:02:53:d2:37:f9:79:a5:33:2c:3c:03:
df:2c:d8:43:9c:c6:ac:cc:5a:8e:95:b4:3c:aa:bf:
cc:74:3b:75:1b:57:22:ce:dd:f2:a7:fb:a4:c6:39:
cc:06:46:30:77:eb:c1:80:e5:de:6e:c9:5e:57:4a:
cf:c7:bf:64:6c:fa:c5:38:5c:b1:43:af:3a:f5:35:
ef:a8:d4:32:52:b4:c1:90:e7:86:10:54:24:2b:01:
39:0e:b8:01:db:09:c1:7a:60:06:10:4d:24:28:f1:
a2:d2:9b:e5:30:1d:2a:f1:24:cd:43:a7:ba:1d:a0:
2d:8d:e4:31:03:09:95:b5:46:2a:97:85:ae:5e:b6:
ae:1d:5e:57:72:b7:ac:a4:c6:37:e7:a3:e1:65:a4:
ad:bc:ea:03:f3:be:e4:8b:5b:88:58:09:4d:c2:0d:
bd:1a:8a:4f:60:f6:19:d8:80:80:9e:8e:32:21:c4:
ee:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EE:F6:AC:85:4A:7A:77:C5:7B:4B:F9:6A:C6:51:FC:F6:B1:22:9E
X509v3 Authority Key Identifier:
keyid:35:AC:30:8C:94:F5:7B:11:CE:E1:BA:84:EF:12:78:44:7C:67:85:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NawwjJT1exHO4bqE7xJ4RHxnhes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/ge72rIVKenfFe0v5asZR_PaxIp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/2b3218-542c-4d95-ac07-60d35554ce64/1/NawwjJT1exHO4bqE7xJ4RHxnhes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1933::/48
Signature Algorithm: sha256WithRSAEncryption
32:81:ac:a7:fc:49:ea:e1:34:e5:ee:10:67:35:56:3f:ed:48:
80:a0:c3:b7:cb:45:9c:25:ed:2d:1f:cb:1f:1b:c7:2e:f3:45:
3c:af:1d:90:e0:19:13:e1:06:c7:0a:d2:5f:44:e1:90:93:0b:
ce:86:68:d8:9e:95:1d:d1:0e:05:af:b6:9c:f5:63:c3:05:68:
df:bd:3b:8c:fa:94:59:ba:6b:77:ac:e9:05:62:3c:cd:e4:40:
44:2a:06:fd:d7:52:da:ad:0c:76:e7:c9:e3:48:88:9b:e1:28:
19:a3:f0:e3:66:dc:61:de:32:d4:95:76:ef:a4:40:b7:a1:34:
64:b9:25:65:48:1e:58:52:be:6a:c6:57:c6:b3:e7:81:23:05:
65:c0:7d:07:65:e7:71:b8:82:26:94:1b:d6:b6:dd:ce:d3:92:
3a:97:16:3d:d1:03:db:ad:2e:26:5b:17:e7:07:7d:a8:4b:52:
94:cd:62:55:0e:82:f2:00:1d:ec:b3:d1:37:39:eb:4b:a0:5e:
2a:87:4c:92:b1:ff:61:b2:b7:5b:af:f9:9c:09:f4:4c:9b:66:
17:c8:f3:ff:10:41:71:fc:cb:6a:48:be:a4:5d:3c:82:6d:31:
4d:a5:42:34:6e:13:65:f3:0e:2f:8e:a1:82:e1:ac:4c:3b:31:
59:41:16:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIBikOU6Doen4PHVgpPdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YWMzMDhjOTRmNTdiMTFjZWUxYmE4NGVmMTI3ODQ0N2M2
Nzg1ZWIwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVlZjZhYzg1NGE3YTc3YzU3YjRiZjk2YWM2NTFmY2Y2YjEyMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CZslozHS0xrLACOvY5XaIC7y/3g
6s7Yi3+HDZSAF77aF8MH7Z2GGPFAy4saNoZ755Czs+b63VCjD5vovaAfn4sK85nq
TEorL+LwSry1AlPSN/l5pTMsPAPfLNhDnMaszFqOlbQ8qr/MdDt1G1cizt3yp/uk
xjnMBkYwd+vBgOXebsleV0rPx79kbPrFOFyxQ6869TXvqNQyUrTBkOeGEFQkKwE5
DrgB2wnBemAGEE0kKPGi0pvlMB0q8STNQ6e6HaAtjeQxAwmVtUYql4WuXrauHV5X
crespMY356PhZaStvOoD877ki1uIWAlNwg29GopPYPYZ2ICAno4yIcTuowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIHu9qyFSnp3xXtL+WrGUfz2sSKeMB8GA1UdIwQY
MBaAFDWsMIyU9XsRzuG6hO8SeER8Z4XrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDct
NjBkMzU1NTRjZTY0LzEvZ2U3MnJJVktlbmZGZTB2NWFzWlJfUGF4SXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8yYjMyMTgtNTQyYy00ZDk1LWFjMDctNjBkMzU1NTRjZTY0
LzEvTmF3d2pKVDFleEhPNGJxRTd4SjRSSHhuaGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBkz
MA0GCSqGSIb3DQEBCwUAA4IBAQAygayn/Enq4TTl7hBnNVY/7UiAoMO3y0WcJe0t
H8sfG8cu80U8rx2Q4BkT4QbHCtJfROGQkwvOhmjYnpUd0Q4Fr7ac9WPDBWjfvTuM
+pRZumt3rOkFYjzN5EBEKgb911LarQx258njSIib4SgZo/DjZtxh3jLUlXbvpEC3
oTRkuSVlSB5YUr5qxlfGs+eBIwVlwH0HZedxuIImlBvWtt3O05I6lxY90QPbrS4m
WxfnB32oS1KUzWJVDoLyAB3ss9E3OetLoF4qh0ySsf9hsrdbr/mcCfRMm2YXyPP/
EEFx/MtqSL6kXTyCbTFNpUI0bhNl8w4vjqGC4axMOzFZQRZn
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:03:05 2025 by rpki-client