Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/RNEIzNGbtOLDhiuIlbx5LtZxiHA.roa
File: RNEIzNGbtOLDhiuIlbx5LtZxiHA.roa (raw, json)
Hash identifier: YH3jUp9Z5jmgiTgvLayfiplIuhfqDKTG69/LcYMXnX0=
Subject key identifier: 44:D1:08:CC:D1:9B:B4:E2:C3:86:2B:88:95:BC:79:2E:D6:71:88:70
Certificate issuer: /CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Certificate serial: 019426D8E0CBBCAA37493C34C19D98FC7921
Authority key identifier: 87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/RNEIzNGbtOLDhiuIlbx5LtZxiHA.roa
Signing time: Thu 02 Jan 2025 11:48:54 +0000
ROA not before: Thu 02 Jan 2025 11:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50304
IP address blocks: 2a05:a00::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:e0:cb:bc:aa:37:49:3c:34:c1:9d:98:fc:79:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87210b34ce002e30a0a54fabfa2bcac46dfa7228
Validity
Not Before: Jan 2 11:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44d108ccd19bb4e2c3862b8895bc792ed6718870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e0:97:43:bc:55:8a:64:9d:9b:2f:5a:9f:9e:
f7:ac:ac:51:1e:13:04:02:ea:f1:7c:0d:38:16:5e:
ff:8e:25:6d:d5:d1:5c:6a:bb:e8:94:13:6f:f7:be:
0f:5c:b8:c9:fe:47:1d:66:56:1c:6f:43:54:24:5e:
f5:b2:c1:a0:53:94:70:67:9f:b7:df:cd:c8:fd:f3:
10:27:dc:93:e6:99:b1:20:d6:29:08:d0:07:df:0a:
37:17:55:c8:eb:78:5e:7b:ff:22:bc:63:f5:d8:ec:
e9:83:d9:5d:dd:1b:19:32:f6:67:51:e3:bd:e8:21:
9c:1e:8b:e3:94:65:80:23:98:50:59:3e:2e:92:7b:
34:09:d7:3f:7f:cf:ac:67:5b:46:8c:fe:a5:eb:db:
30:69:d1:08:e4:11:58:55:a5:f7:39:41:fd:78:df:
3e:91:67:82:84:ff:fa:cf:3e:0d:09:fc:b9:40:45:
c0:fb:8e:5f:38:8a:1e:24:5a:d9:00:ae:a8:00:da:
4c:5d:7c:9e:22:ff:40:25:1e:40:89:c7:59:57:ca:
5d:eb:47:d8:f9:1d:91:2a:64:f4:32:48:f5:8f:d0:
fb:6d:c4:1d:20:86:91:59:4b:cc:17:0c:00:d1:86:
c9:b6:5e:9f:6f:9a:32:63:35:df:44:0e:e9:f3:46:
4c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D1:08:CC:D1:9B:B4:E2:C3:86:2B:88:95:BC:79:2E:D6:71:88:70
X509v3 Authority Key Identifier:
keyid:87:21:0B:34:CE:00:2E:30:A0:A5:4F:AB:FA:2B:CA:C4:6D:FA:72:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hyELNM4ALjCgpU-r-ivKxG36cig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/RNEIzNGbtOLDhiuIlbx5LtZxiHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/29a0dc-20af-437e-9870-3669d1b569d6/1/hyELNM4ALjCgpU-r-ivKxG36cig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:a00::/32
Signature Algorithm: sha256WithRSAEncryption
a0:5b:80:46:27:0c:93:f3:29:29:9a:47:71:b2:b6:e0:2a:4b:
19:e8:08:82:a5:e9:c1:d4:b2:14:83:19:46:13:68:3d:39:dc:
ea:24:25:62:29:d9:1d:88:c9:17:c1:bb:82:aa:1c:f7:a8:30:
5b:aa:0b:e5:c3:d3:47:9d:04:6d:71:02:81:b6:56:ff:61:aa:
44:bb:95:e4:45:a4:09:c1:5c:10:90:73:b1:6c:11:be:7a:75:
30:14:41:e6:35:5f:87:26:22:2f:04:01:cc:4c:64:d2:49:98:
b6:f3:18:e8:a6:fb:60:b3:31:6a:c8:51:08:0e:3e:dc:27:02:
bc:21:42:05:d9:6b:69:3d:0e:1a:91:2f:5c:59:c2:87:58:43:
eb:f0:2c:ba:17:dd:5a:4c:0b:ec:a5:e3:db:2c:63:f2:92:fb:
a9:6b:b9:15:93:a9:67:44:bb:b3:71:e4:11:37:1e:cc:21:ef:
59:25:18:48:8e:f7:20:8a:e9:2e:1b:86:ee:d0:24:c9:bd:9b:
7e:89:f5:cc:18:1f:5d:37:16:c1:76:c7:d1:06:dc:43:d2:7b:
4e:09:d7:56:18:c8:92:77:b9:34:2c:87:9a:20:ff:c7:dd:f4:
2a:4d:79:a1:da:f6:de:08:65:b8:63:e3:36:1d:91:c1:51:91:
8d:01:ae:48
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2ODLvKo3STw0wZ2Y/HkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MjEwYjM0Y2UwMDJlMzBhMGE1NGZhYmZhMmJjYWM0NmRm
YTcyMjgwHhcNMjUwMTAyMTE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQxMDhjY2QxOWJiNGUyYzM4NjJiODg5NWJjNzkyZWQ2NzE4ODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OCXQ7xVimSdmy9an573rKxRHhME
AurxfA04Fl7/jiVt1dFcarvolBNv974PXLjJ/kcdZlYcb0NUJF71ssGgU5RwZ5+3
383I/fMQJ9yT5pmxINYpCNAH3wo3F1XI63hee/8ivGP12Ozpg9ld3RsZMvZnUeO9
6CGcHovjlGWAI5hQWT4ukns0Cdc/f8+sZ1tGjP6l69swadEI5BFYVaX3OUH9eN8+
kWeChP/6zz4NCfy5QEXA+45fOIoeJFrZAK6oANpMXXyeIv9AJR5AicdZV8pd60fY
+R2RKmT0Mkj1j9D7bcQdIIaRWUvMFwwA0YbJtl6fb5oyYzXfRA7p80ZM0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFETRCMzRm7Tiw4YriJW8eS7WcYhwMB8GA1UdIwQY
MBaAFIchCzTOAC4woKVPq/orysRt+nIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAt
MzY2OWQxYjU2OWQ2LzEvUk5FSXpOR2J0T0xEaGl1SWxieDVMdFp4aUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yOWEwZGMtMjBhZi00MzdlLTk4NzAtMzY2OWQxYjU2OWQ2
LzEvaHlFTE5NNEFMakNncFUtci1pdkt4RzM2Y2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgUKADAN
BgkqhkiG9w0BAQsFAAOCAQEAoFuARicMk/MpKZpHcbK24CpLGegIgqXpwdSyFIMZ
RhNoPTnc6iQlYinZHYjJF8G7gqoc96gwW6oL5cPTR50EbXECgbZW/2GqRLuV5EWk
CcFcEJBzsWwRvnp1MBRB5jVfhyYiLwQBzExk0kmYtvMY6Kb7YLMxashRCA4+3CcC
vCFCBdlraT0OGpEvXFnCh1hD6/AsuhfdWkwL7KXj2yxj8pL7qWu5FZOpZ0S7s3Hk
ETcezCHvWSUYSI73IIrpLhuG7tAkyb2bfon1zBgfXTcWwXbH0QbcQ9J7TgnXVhjI
kne5NCyHmiD/x930Kk15odr23ghluGPjNh2RwVGRjQGuSA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:58 2025 by rpki-client