Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/4Knn2Ld5egn1camg9bhppId4Qlo.roa
File: 4Knn2Ld5egn1camg9bhppId4Qlo.roa (raw, json)
Hash identifier: A8w1HB94c5M9H4eQOiI6lWSCTjnLMlfowVXvZM3dO6s=
Subject key identifier: E0:A9:E7:D8:B7:79:7A:09:F5:71:A9:A0:F5:B8:69:A4:87:78:42:5A
Certificate issuer: /CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Certificate serial: 019493D2164A769333FCC266873306E4166B
Authority key identifier: A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/4Knn2Ld5egn1camg9bhppId4Qlo.roa
Signing time: Thu 23 Jan 2025 15:40:06 +0000
ROA not before: Thu 23 Jan 2025 15:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60539
IP address blocks: 2a13:aac6:c300::/40 maxlen: 40
2a13:aac7::/32 maxlen: 48
2a13:aac7:50::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:93:d2:16:4a:76:93:33:fc:c2:66:87:33:06:e4:16:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a124ccdd70f3ec762cbd65e04dd6f76be236a8a7
Validity
Not Before: Jan 23 15:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0a9e7d8b7797a09f571a9a0f5b869a48778425a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:93:55:40:5b:5c:42:cb:72:02:f5:62:4b:e9:
c1:40:cb:0d:55:b8:4a:d9:d9:82:f9:9e:15:38:e1:
ab:f5:7c:89:bf:ea:49:6e:f3:04:28:b9:e0:d8:c6:
a6:42:19:72:24:71:32:25:43:db:95:ce:51:e5:e2:
e9:ca:0e:42:54:a5:6d:b3:3d:ba:5e:9d:fa:16:5e:
b0:24:5f:58:89:58:ab:3c:f5:9b:1b:70:6a:b7:5f:
b8:7d:38:f2:c8:60:f0:ad:e5:2c:01:1e:8f:82:4f:
3c:fc:6a:89:9a:0b:ce:93:4f:ed:98:5c:c4:5b:65:
81:90:a1:1e:c2:8c:fd:8a:a6:f8:1a:db:68:ee:07:
37:63:68:db:81:e7:89:98:72:42:aa:81:18:ec:1d:
39:53:c6:82:b9:69:e7:cc:35:54:86:0d:52:66:3f:
8d:9a:3b:bd:df:ed:56:c1:55:a7:94:08:07:c4:86:
68:56:9c:cf:9f:68:51:ff:7e:01:d6:c1:63:9f:07:
31:35:3c:b1:d7:1f:f8:5f:87:15:17:22:e8:3d:ed:
dc:8e:5a:bf:6f:0d:da:0c:a0:c4:12:e3:70:e5:e0:
f2:b3:85:5e:5f:78:aa:43:0d:e2:4e:3a:34:1e:1d:
57:02:44:bb:79:7e:42:42:11:16:9a:d4:4f:67:4a:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A9:E7:D8:B7:79:7A:09:F5:71:A9:A0:F5:B8:69:A4:87:78:42:5A
X509v3 Authority Key Identifier:
keyid:A1:24:CC:DD:70:F3:EC:76:2C:BD:65:E0:4D:D6:F7:6B:E2:36:A8:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSTM3XDz7HYsvWXgTdb3a-I2qKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/4Knn2Ld5egn1camg9bhppId4Qlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b694b8-8211-4c06-9c81-7b35397af2f7/1/oSTM3XDz7HYsvWXgTdb3a-I2qKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:aac6:c300::/40
2a13:aac7::/32
Signature Algorithm: sha256WithRSAEncryption
51:2d:7c:78:77:68:65:2d:bb:92:df:40:6c:df:3a:ac:e2:ce:
9c:bd:b9:22:b9:cf:31:38:1a:fb:16:da:6f:61:36:2d:f2:33:
66:d6:02:11:64:3a:b4:af:a5:fa:be:3e:70:ac:f5:6e:e0:7e:
7b:7d:ce:58:5f:e1:a2:71:c0:b1:a5:44:65:cd:35:8f:e0:19:
ad:17:ad:74:41:e8:a4:b7:8e:7f:83:16:c7:7d:5c:2e:8c:01:
8f:8d:67:0d:32:66:4c:a2:a0:4b:cb:85:58:d0:c4:62:ca:f0:
88:68:bd:8b:df:2a:78:dc:18:c3:2c:e5:60:54:81:f2:2a:39:
ae:e7:c0:cd:ff:f5:d3:8a:5e:8b:01:d6:bd:3e:93:48:a7:5c:
a4:ca:5c:35:57:70:64:59:c2:91:cf:57:2e:8b:5b:00:30:c7:
a2:be:50:47:a1:33:56:4e:4c:b8:3f:fe:fb:e1:61:2b:c0:ed:
5a:11:41:4b:12:6f:3f:aa:8b:be:4d:ff:28:3e:8a:ab:25:a0:
54:63:73:e9:d0:e8:9e:88:07:ef:49:17:11:98:8c:4e:e5:e3:
1e:67:68:81:14:10:99:56:be:2b:f7:6a:6b:5c:ad:3b:1b:0e:
6a:f8:79:20:ea:1f:56:f3:d2:64:1e:b0:75:dc:b3:35:b6:aa:
09:eb:02:db
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZST0hZKdpMz/MJmhzMG5BZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjRjY2RkNzBmM2VjNzYyY2JkNjVlMDRkZDZmNzZiZTIz
NmE4YTcwHhcNMjUwMTIzMTU0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGE5ZTdkOGI3Nzk3YTA5ZjU3MWE5YTBmNWI4NjlhNDg3Nzg0MjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05NVQFtcQstyAvViS+nBQMsNVbhK
2dmC+Z4VOOGr9XyJv+pJbvMEKLng2MamQhlyJHEyJUPblc5R5eLpyg5CVKVtsz26
Xp36Fl6wJF9YiVirPPWbG3Bqt1+4fTjyyGDwreUsAR6Pgk88/GqJmgvOk0/tmFzE
W2WBkKEewoz9iqb4Gtto7gc3Y2jbgeeJmHJCqoEY7B05U8aCuWnnzDVUhg1SZj+N
mju93+1WwVWnlAgHxIZoVpzPn2hR/34B1sFjnwcxNTyx1x/4X4cVFyLoPe3cjlq/
bw3aDKDEEuNw5eDys4VeX3iqQw3iTjo0Hh1XAkS7eX5CQhEWmtRPZ0qSewIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFOCp59i3eXoJ9XGpoPW4aaSHeEJaMB8GA1UdIwQY
MBaAFKEkzN1w8+x2LL1l4E3W92viNqinMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEt
N2IzNTM5N2FmMmY3LzEvNEtubjJMZDVlZ24xY2FtZzliaHBwSWQ0UWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iNjk0YjgtODIxMS00YzA2LTljODEtN2IzNTM5N2FmMmY3
LzEvb1NUTTNYRHo3SFlzdldYZ1RkYjNhLUkycUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYAKhOqxsMD
BQAqE6rHMA0GCSqGSIb3DQEBCwUAA4IBAQBRLXx4d2hlLbuS30Bs3zqs4s6cvbki
uc8xOBr7FtpvYTYt8jNm1gIRZDq0r6X6vj5wrPVu4H57fc5YX+GiccCxpURlzTWP
4BmtF610Qeikt45/gxbHfVwujAGPjWcNMmZMoqBLy4VY0MRiyvCIaL2L3yp43BjD
LOVgVIHyKjmu58DN//XTil6LAda9PpNIp1ykylw1V3BkWcKRz1cui1sAMMeivlBH
oTNWTky4P/774WErwO1aEUFLEm8/qou+Tf8oPoqrJaBUY3Pp0OieiAfvSRcRmIxO
5eMeZ2iBFBCZVr4r92prXK07Gw5q+Hkg6h9W89JkHrB13LM1tqoJ6wLb
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:51:12 2025 by rpki-client