Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/3AEqC5MBKsUSJPKumrvs8Im8c9o.roa
File: 3AEqC5MBKsUSJPKumrvs8Im8c9o.roa (raw, json)
Hash identifier: D78tSUGZBxIx3iz83nRMiDYhqRD43nH1bdGS66Ruaho=
Subject key identifier: DC:01:2A:0B:93:01:2A:C5:12:24:F2:AE:9A:BB:EC:F0:89:BC:73:DA
Certificate issuer: /CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Certificate serial: 01941FFAB5132DB1B43A22CD476FF53A8517
Authority key identifier: 53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/3AEqC5MBKsUSJPKumrvs8Im8c9o.roa
Signing time: Wed 01 Jan 2025 03:48:31 +0000
ROA not before: Wed 01 Jan 2025 03:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31490
IP address blocks: 2a14:44c0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b5:13:2d:b1:b4:3a:22:cd:47:6f:f5:3a:85:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Validity
Not Before: Jan 1 03:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc012a0b93012ac51224f2ae9abbecf089bc73da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:62:40:d7:8e:1c:cf:d7:68:9c:6b:3d:7d:c9:
a6:23:ca:ef:50:a7:95:5c:c8:0d:b8:80:74:71:07:
f3:2c:15:ec:32:4b:5e:c6:eb:5d:ca:cc:df:03:5a:
22:44:39:5f:cf:9f:10:c3:fd:fe:b6:bb:94:17:f5:
e1:44:a5:30:5a:31:cc:96:fb:d5:f0:3b:ed:40:7c:
61:63:4a:af:22:41:75:4e:93:06:aa:a6:50:5f:89:
62:43:1a:ac:88:45:12:66:42:00:f5:4d:00:1c:f9:
75:fa:bc:44:cf:59:65:f4:1b:25:eb:45:fa:f6:7a:
26:ad:fd:cb:05:93:e6:63:52:0c:0d:75:f4:ac:e9:
8c:6e:57:8d:45:95:97:8f:9a:2c:10:f1:a7:3e:d8:
f8:05:cd:d1:f2:a2:c0:92:36:b4:b9:c3:b7:17:0c:
d6:81:98:ee:e7:70:0f:54:2d:ea:4f:63:a3:48:59:
23:32:03:63:db:70:dc:8a:c5:11:d0:40:64:ee:31:
65:60:a1:d8:fe:b2:da:2b:65:8a:1a:0e:1a:e7:40:
e6:72:79:33:16:05:e1:ce:fb:b5:e3:40:fe:d0:79:
17:99:7b:15:7c:6f:3e:61:92:4c:9f:45:bc:33:9e:
98:ea:35:01:e9:4b:c1:08:a9:9d:f3:62:22:0f:6a:
4a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:01:2A:0B:93:01:2A:C5:12:24:F2:AE:9A:BB:EC:F0:89:BC:73:DA
X509v3 Authority Key Identifier:
keyid:53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/3AEqC5MBKsUSJPKumrvs8Im8c9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:44c0::/48
Signature Algorithm: sha256WithRSAEncryption
85:a2:9b:05:fd:65:2b:61:ba:ed:92:79:3f:fc:3f:98:e1:8c:
e6:0c:c2:b8:d8:67:a3:27:20:72:b4:44:dd:d6:9f:88:d7:0e:
d3:c4:52:db:75:4c:f4:e6:1b:3f:3c:3e:aa:53:8e:0f:5a:bd:
3b:06:bc:e3:6e:b7:f9:24:79:31:02:e8:87:ec:7f:53:ee:83:
74:2d:0b:71:f0:5a:27:68:e0:49:05:5f:09:d4:78:a3:d1:55:
ac:e3:7a:b6:05:4d:1f:30:93:25:65:60:b7:57:83:69:cf:60:
16:8a:c4:97:4f:f1:71:8d:ab:c8:87:4a:e2:d3:cc:b7:44:69:
31:6c:fb:80:77:a1:29:be:ea:6b:5b:c9:58:a1:0c:dc:3c:36:
05:63:22:61:df:b1:39:5f:86:5e:ea:c3:21:0d:bb:0a:b5:cf:
03:a2:1b:a1:f0:60:63:cc:9f:fe:40:20:9c:1e:63:78:14:13:
d0:06:f8:b2:82:c3:ef:13:ed:4b:5e:3f:92:aa:36:ea:40:31:
ec:29:c3:f6:9a:dd:93:5d:a3:9d:9c:dd:c9:e6:0e:37:13:e1:
81:c0:fe:dd:a4:95:c5:1b:87:33:1c:41:35:4e:c0:0d:6f:ef:
85:fb:28:57:a4:6f:e4:7b:c0:f0:32:7e:b7:77:12:8f:8d:5d:
b9:8c:b7:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+rUTLbG0OiLNR2/1OoUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2Y5YmY4NGI2OWEwOTA0MjQzMmRhZTgzNzdlZTBhYzhm
ZjFjNjEwHhcNMjUwMTAxMDM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzAxMmEwYjkzMDEyYWM1MTIyNGYyYWU5YWJiZWNmMDg5YmM3M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GJA144cz9donGs9fcmmI8rvUKeV
XMgNuIB0cQfzLBXsMktexutdyszfA1oiRDlfz58Qw/3+truUF/XhRKUwWjHMlvvV
8DvtQHxhY0qvIkF1TpMGqqZQX4liQxqsiEUSZkIA9U0AHPl1+rxEz1ll9Bsl60X6
9nomrf3LBZPmY1IMDXX0rOmMbleNRZWXj5osEPGnPtj4Bc3R8qLAkja0ucO3FwzW
gZju53APVC3qT2OjSFkjMgNj23DcisUR0EBk7jFlYKHY/rLaK2WKGg4a50Dmcnkz
FgXhzvu140D+0HkXmXsVfG8+YZJMn0W8M56Y6jUB6UvBCKmd82IiD2pK5wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNwBKguTASrFEiTyrpq77PCJvHPaMB8GA1UdIwQY
MBaAFFN/m/hLaaCQQkMtroN37grI/xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUt
ODkyZWM2ZmY0NzcxLzEvM0FFcUM1TUJLc1VTSlBLdW1ydnM4SW04YzlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUtODkyZWM2ZmY0Nzcx
LzEvVTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhREwAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCFopsF/WUrYbrtknk//D+Y4YzmDMK42GejJyBy
tETd1p+I1w7TxFLbdUz05hs/PD6qU44PWr07Brzjbrf5JHkxAuiH7H9T7oN0LQtx
8FonaOBJBV8J1Hij0VWs43q2BU0fMJMlZWC3V4Npz2AWisSXT/FxjavIh0ri08y3
RGkxbPuAd6EpvuprW8lYoQzcPDYFYyJh37E5X4Ze6sMhDbsKtc8Dohuh8GBjzJ/+
QCCcHmN4FBPQBviygsPvE+1LXj+SqjbqQDHsKcP2mt2TXaOdnN3J5g43E+GBwP7d
pJXFG4czHEE1TsANb++F+yhXpG/ke8DwMn63dxKPjV25jLdn
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:52 2025 by rpki-client