Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/A19KF2VhmqgRITxahuDcRts8KJs.roa
File: A19KF2VhmqgRITxahuDcRts8KJs.roa (raw, json)
Hash identifier: YirbVHhxW1CKNUwQAz3dz5QapLv5A3zZT5MHBNEVZ34=
Subject key identifier: 03:5F:4A:17:65:61:9A:A8:11:21:3C:5A:86:E0:DC:46:DB:3C:28:9B
Certificate issuer: /CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Certificate serial: 019427B5382E78A9992997AE017B2CA7A472
Authority key identifier: B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/A19KF2VhmqgRITxahuDcRts8KJs.roa
Signing time: Thu 02 Jan 2025 15:49:35 +0000
ROA not before: Thu 02 Jan 2025 15:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3170
IP address blocks: 2001:67c:3e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:38:2e:78:a9:99:29:97:ae:01:7b:2c:a7:a4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5f0f838afbc1322680544ed1c9c5a2b09965d9f
Validity
Not Before: Jan 2 15:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=035f4a1765619aa811213c5a86e0dc46db3c289b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:eb:a6:6d:9f:45:60:a2:3a:b3:71:d7:25:f1:
8c:d4:1c:be:9d:bc:6a:23:3c:e1:1d:95:ea:7d:1d:
7e:13:df:41:90:15:b5:1f:15:d4:e7:b8:9f:b0:80:
23:52:63:37:fd:f8:82:b9:df:80:ab:a6:5a:5e:4f:
f7:b3:b3:82:f8:dc:f3:ee:e2:70:2a:64:69:00:77:
4c:4a:2b:28:dc:b9:0f:06:9d:a4:2f:f1:eb:49:86:
9b:55:25:ab:70:a0:c4:7d:a9:04:d1:53:28:15:b2:
2f:6f:51:c1:d6:c5:9d:be:3c:66:ae:13:03:92:99:
f0:c3:9c:c2:a3:e2:c7:4f:66:ac:97:24:44:4a:62:
b1:43:45:9c:cb:17:b7:9c:38:3e:ed:af:14:c0:d0:
fa:75:6e:f1:43:d1:18:59:1e:84:49:5b:3b:b1:fa:
ba:4c:4e:a7:07:d7:2c:bf:92:b1:23:24:0e:8d:71:
b4:7d:95:e4:f4:15:d1:c7:a3:43:be:69:d4:28:ee:
ef:05:d6:7f:5c:0e:e0:c5:ef:18:92:a3:28:5f:fa:
72:2e:61:b3:3d:9e:e5:5b:ae:38:5d:42:f6:42:0b:
6d:5a:33:81:24:ff:01:22:0f:b9:e6:c7:c2:36:5b:
c2:b3:c1:b6:e9:0f:ae:31:4a:4e:1c:22:4a:cc:c0:
12:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:5F:4A:17:65:61:9A:A8:11:21:3C:5A:86:E0:DC:46:DB:3C:28:9B
X509v3 Authority Key Identifier:
keyid:B5:F0:F8:38:AF:BC:13:22:68:05:44:ED:1C:9C:5A:2B:09:96:5D:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/A19KF2VhmqgRITxahuDcRts8KJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/320512-91cb-4383-9761-a52dc9c2207c/1/tfD4OK-8EyJoBUTtHJxaKwmWXZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:3e0::/48
Signature Algorithm: sha256WithRSAEncryption
74:88:73:32:df:94:dc:bf:2a:48:55:f9:a0:77:97:37:7b:79:
0b:b4:45:9b:36:b7:45:e2:2d:8e:44:21:c0:2b:4c:df:5c:4f:
6e:3c:7f:d4:f9:1b:73:d2:94:bd:bd:ad:d8:94:0e:5d:9c:ee:
f8:b5:04:02:4e:e8:1c:bc:d1:6d:53:e3:6d:1a:82:78:1f:29:
e6:ba:94:8c:1c:82:5f:56:b9:bf:c0:e3:47:f3:1a:07:54:0e:
c3:bf:d7:10:bb:3e:f0:15:ec:32:ad:9b:8e:84:bf:43:4b:6e:
12:98:47:55:f1:6f:7b:4f:3d:e5:db:ee:67:ea:21:3f:51:01:
10:73:1c:89:a2:e8:f9:22:0e:b0:92:96:fe:3c:09:57:2e:f3:
88:c2:f9:7f:d9:dc:4a:b8:30:64:9f:2f:56:49:ff:97:9a:0e:
5e:62:6e:bc:17:b5:1a:9e:3e:3d:23:cf:94:7a:c4:b8:2e:9e:
e7:20:d5:76:f3:3d:5e:a8:e9:5a:ae:2c:a1:e2:d9:a8:49:15:
f3:91:93:ad:50:e8:8f:54:1a:90:bc:55:7e:39:b3:1c:e3:45:
48:a0:70:0c:f2:c0:cb:a0:c9:dc:d2:d0:74:10:22:91:98:18:
88:c1:86:11:74:b6:46:90:d7:97:6a:6e:5a:55:6c:1b:ae:db:
5f:d3:5f:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntTgueKmZKZeuAXssp6RyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZjBmODM4YWZiYzEzMjI2ODA1NDRlZDFjOWM1YTJiMDk5
NjVkOWYwHhcNMjUwMTAyMTU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzVmNGExNzY1NjE5YWE4MTEyMTNjNWE4NmUwZGM0NmRiM2MyODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OumbZ9FYKI6s3HXJfGM1By+nbxq
IzzhHZXqfR1+E99BkBW1HxXU57ifsIAjUmM3/fiCud+Aq6ZaXk/3s7OC+Nzz7uJw
KmRpAHdMSiso3LkPBp2kL/HrSYabVSWrcKDEfakE0VMoFbIvb1HB1sWdvjxmrhMD
kpnww5zCo+LHT2aslyRESmKxQ0Wcyxe3nDg+7a8UwND6dW7xQ9EYWR6ESVs7sfq6
TE6nB9csv5KxIyQOjXG0fZXk9BXRx6NDvmnUKO7vBdZ/XA7gxe8YkqMoX/pyLmGz
PZ7lW644XUL2QgttWjOBJP8BIg+55sfCNlvCs8G26Q+uMUpOHCJKzMAS3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFANfShdlYZqoESE8Wobg3EbbPCibMB8GA1UdIwQY
MBaAFLXw+DivvBMiaAVE7RycWisJll2fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEt
YTUyZGM5YzIyMDdjLzEvQTE5S0YyVmhtcWdSSVR4YWh1RGNSdHM4S0pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8zMjA1MTItOTFjYi00MzgzLTk3NjEtYTUyZGM5YzIyMDdj
LzEvdGZENE9LLThFeUpvQlVUdEhKeGFLd21XWFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAPg
MA0GCSqGSIb3DQEBCwUAA4IBAQB0iHMy35TcvypIVfmgd5c3e3kLtEWbNrdF4i2O
RCHAK0zfXE9uPH/U+Rtz0pS9va3YlA5dnO74tQQCTugcvNFtU+NtGoJ4HynmupSM
HIJfVrm/wONH8xoHVA7Dv9cQuz7wFewyrZuOhL9DS24SmEdV8W97Tz3l2+5n6iE/
UQEQcxyJouj5Ig6wkpb+PAlXLvOIwvl/2dxKuDBkny9WSf+Xmg5eYm68F7Uanj49
I8+UesS4Lp7nINV28z1eqOlariyh4tmoSRXzkZOtUOiPVBqQvFV+ObMc40VIoHAM
8sDLoMnc0tB0ECKRmBiIwYYRdLZGkNeXam5aVWwbrttf01/H
-----END CERTIFICATE-----
Generated at Thu Apr 10 23:54:18 2025 by rpki-client