Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/4NcSUJ4Kg8dewIwP8RGgWPLVsGw.roa
File: 4NcSUJ4Kg8dewIwP8RGgWPLVsGw.roa (raw, json)
Hash identifier: NfguGRutDpTl33g3TT2hnx9Rfi2f9fnIaQJYs24UAYQ=
Subject key identifier: E0:D7:12:50:9E:0A:83:C7:5E:C0:8C:0F:F1:11:A0:58:F2:D5:B0:6C
Certificate issuer: /CN=dd4748cd4714a5cc87cafb8430fb81248b094079
Certificate serial: 01942521999CC7B59FB9466B5E84696C91C4
Authority key identifier: DD:47:48:CD:47:14:A5:CC:87:CA:FB:84:30:FB:81:24:8B:09:40:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UdIzUcUpcyHyvuEMPuBJIsJQHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/4NcSUJ4Kg8dewIwP8RGgWPLVsGw.roa
Signing time: Thu 02 Jan 2025 03:49:06 +0000
ROA not before: Thu 02 Jan 2025 03:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31343
IP address blocks: 2a04:1d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:99:9c:c7:b5:9f:b9:46:6b:5e:84:69:6c:91:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4748cd4714a5cc87cafb8430fb81248b094079
Validity
Not Before: Jan 2 03:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0d712509e0a83c75ec08c0ff111a058f2d5b06c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:5c:ac:39:fb:87:76:6d:c5:d5:49:bd:ca:
e6:3b:dc:2a:3b:58:db:1b:87:53:22:34:66:a2:ae:
4c:38:51:d2:ee:ff:c2:44:a8:d9:34:30:47:4c:99:
c9:18:c2:9d:dd:ff:27:c6:d4:e1:49:96:14:30:10:
75:3d:99:b8:51:4d:74:ec:41:ff:c0:45:bf:29:8f:
8e:a6:1a:da:03:9b:da:c3:f6:6c:59:a2:7b:de:7f:
ba:a7:df:9b:34:bc:28:1a:ba:f2:26:32:a1:51:79:
1f:7a:b5:40:9b:a7:88:b1:33:a4:7f:4c:51:2e:1c:
5f:10:83:ca:36:d5:d9:e1:77:2f:90:05:c3:94:81:
b8:03:b8:e4:fa:36:c7:cb:49:43:e7:50:36:1f:19:
72:67:3e:5d:63:cf:86:34:b7:61:ce:df:0a:43:21:
16:58:7e:ec:53:bd:e5:ba:a9:a1:02:90:08:6d:ec:
38:66:46:6f:70:73:33:fa:ac:6a:12:43:76:94:87:
bf:ce:9a:41:a0:37:e7:41:f3:2a:db:65:83:3f:0d:
66:77:8d:ca:98:74:1d:b2:a7:4b:a3:29:3a:c9:70:
2d:b9:05:38:01:1a:9d:81:40:44:e7:a5:57:53:cc:
c1:7b:59:ec:3b:60:4d:90:f5:d4:ba:eb:62:50:44:
90:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D7:12:50:9E:0A:83:C7:5E:C0:8C:0F:F1:11:A0:58:F2:D5:B0:6C
X509v3 Authority Key Identifier:
keyid:DD:47:48:CD:47:14:A5:CC:87:CA:FB:84:30:FB:81:24:8B:09:40:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UdIzUcUpcyHyvuEMPuBJIsJQHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/4NcSUJ4Kg8dewIwP8RGgWPLVsGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/3UdIzUcUpcyHyvuEMPuBJIsJQHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
48:bf:a5:71:fd:21:27:2e:64:ef:1e:83:d6:29:b4:a7:8e:c7:
01:88:75:2e:b4:5d:1f:2c:e1:04:bc:f0:04:92:59:c1:77:95:
72:95:7a:70:d4:de:29:c5:f4:c5:a5:bb:7b:76:38:fb:21:a7:
be:61:b2:90:bf:d8:0a:91:4e:a9:a0:4b:96:21:91:9f:10:50:
03:c7:33:fe:07:13:ff:fd:1c:0c:cd:e8:17:9a:a2:90:40:a0:
be:e6:52:c0:38:f1:c8:87:b7:db:fc:24:01:79:76:92:24:f1:
ea:18:28:ad:05:b6:3b:51:cd:44:3f:68:80:c4:ce:e2:76:15:
e8:11:09:87:46:88:06:bf:3b:80:f8:96:c0:cc:95:73:4f:9f:
43:b2:95:fe:4a:50:88:98:93:ed:5d:6a:27:7a:4d:3e:16:46:
68:cb:b6:ff:23:23:6d:7d:27:b7:52:1f:58:c2:65:9f:e1:bd:
88:cd:82:a4:0c:fc:11:d2:fd:8a:fc:57:ea:7b:f5:9e:37:36:
c8:7e:6f:ca:ea:61:07:44:7b:77:8a:95:7d:d9:0e:6c:73:e9:
4e:86:b3:c9:96:96:60:6f:02:35:50:8d:3f:b5:53:28:0e:ed:
07:7b:a3:d6:86:b9:35:5e:ad:43:b7:0f:e1:b3:73:40:05:53:
c1:d7:d3:42
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIZmcx7WfuUZrXoRpbJHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDc0OGNkNDcxNGE1Y2M4N2NhZmI4NDMwZmI4MTI0OGIw
OTQwNzkwHhcNMjUwMTAyMDM0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ3MTI1MDllMGE4M2M3NWVjMDhjMGZmMTExYTA1OGYyZDViMDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQJcrDn7h3ZtxdVJvcrmO9wqO1jb
G4dTIjRmoq5MOFHS7v/CRKjZNDBHTJnJGMKd3f8nxtThSZYUMBB1PZm4UU107EH/
wEW/KY+OphraA5vaw/ZsWaJ73n+6p9+bNLwoGrryJjKhUXkferVAm6eIsTOkf0xR
LhxfEIPKNtXZ4XcvkAXDlIG4A7jk+jbHy0lD51A2HxlyZz5dY8+GNLdhzt8KQyEW
WH7sU73luqmhApAIbew4ZkZvcHMz+qxqEkN2lIe/zppBoDfnQfMq22WDPw1md43K
mHQdsqdLoyk6yXAtuQU4ARqdgUBE56VXU8zBe1nsO2BNkPXUuutiUESQNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFODXElCeCoPHXsCMD/ERoFjy1bBsMB8GA1UdIwQY
MBaAFN1HSM1HFKXMh8r7hDD7gSSLCUB5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VkSXpVY1VwY3lIeXZ1RU1QdUJKSXNKUUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80YzU1YWYtNWU5Yi00MTk3LTg2ZmIt
Mzc1NDVkYTA1NmJkLzEvNE5jU1VKNEtnOGRld0l3UDhSR2dXUExWc0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80YzU1YWYtNWU5Yi00MTk3LTg2ZmItMzc1NDVkYTA1NmJk
LzEvM1VkSXpVY1VwY3lIeXZ1RU1QdUJKSXNKUUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQdADAN
BgkqhkiG9w0BAQsFAAOCAQEASL+lcf0hJy5k7x6D1im0p47HAYh1LrRdHyzhBLzw
BJJZwXeVcpV6cNTeKcX0xaW7e3Y4+yGnvmGykL/YCpFOqaBLliGRnxBQA8cz/gcT
//0cDM3oF5qikECgvuZSwDjxyIe32/wkAXl2kiTx6hgorQW2O1HNRD9ogMTO4nYV
6BEJh0aIBr87gPiWwMyVc0+fQ7KV/kpQiJiT7V1qJ3pNPhZGaMu2/yMjbX0nt1If
WMJln+G9iM2CpAz8EdL9ivxX6nv1njc2yH5vyuphB0R7d4qVfdkObHPpToazyZaW
YG8CNVCNP7VTKA7tB3uj1oa5NV6tQ7cP4bNzQAVTwdfTQg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:42:39 2025 by rpki-client