Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ehged3mZieiEQPKX6YV4LMY94IA.roa
File: ehged3mZieiEQPKX6YV4LMY94IA.roa (raw, json)
Hash identifier: 7eCOyiKG9ZW1g+yYlD3ivpQA1oY2V4uQMAsWpNV5czU=
Subject key identifier: 7A:18:1E:77:79:99:89:E8:84:40:F2:97:E9:85:78:2C:C6:3D:E0:80
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 019427B3C408EF5D6C240339CF5F297041C0
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ehged3mZieiEQPKX6YV4LMY94IA.roa
Signing time: Thu 02 Jan 2025 15:48:00 +0000
ROA not before: Thu 02 Jan 2025 15:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204508
IP address blocks: 2a04:f280::/40 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:c4:08:ef:5d:6c:24:03:39:cf:5f:29:70:41:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 2 15:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a181e77799989e88440f297e985782cc63de080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:92:ee:1d:8c:c4:98:9d:05:cd:cf:8c:d8:e8:
6f:08:bd:7f:fd:c7:f6:ec:15:05:62:e7:2f:98:43:
9c:d3:1b:19:bd:cd:bf:4d:0b:8d:ae:03:46:bf:1b:
e0:90:e7:23:2e:67:7f:fc:27:99:e7:be:db:d7:af:
eb:3a:31:72:5d:e7:5e:98:d6:48:32:ea:92:50:19:
84:75:71:01:ab:5e:b0:30:84:4f:db:57:62:09:a8:
7f:a7:a4:e1:9f:8e:8e:d1:38:37:6e:27:92:27:6c:
c5:73:7a:e9:21:f3:a1:ca:81:83:5c:57:87:7e:a8:
3b:c7:0a:2c:2c:fa:50:0b:1b:68:da:ec:fd:25:3d:
0d:47:c2:55:c5:7a:c1:8b:21:03:c1:aa:96:53:e0:
69:5f:94:51:83:7f:ea:54:90:87:87:05:44:62:a8:
c0:6f:fb:80:ee:d4:53:c7:68:be:16:b6:98:85:87:
67:14:6a:87:31:41:87:b2:cc:92:7d:c4:3e:e5:01:
fa:c7:1c:98:3a:65:d7:4d:f5:3b:d3:f4:62:e2:28:
53:e9:be:17:b4:26:84:13:b3:09:c7:a5:f2:75:d3:
8c:0e:51:9a:13:4f:d4:af:65:0f:0a:f5:9f:aa:e3:
12:af:7c:d5:bf:55:96:4d:42:72:98:90:a8:0c:17:
ad:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:18:1E:77:79:99:89:E8:84:40:F2:97:E9:85:78:2C:C6:3D:E0:80
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/ehged3mZieiEQPKX6YV4LMY94IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:f280::/40
Signature Algorithm: sha256WithRSAEncryption
97:f9:93:57:a6:9a:01:b5:25:49:e9:df:19:6d:22:f5:1b:95:
b8:fc:82:9a:ab:48:10:57:34:df:2b:0b:7a:69:24:17:07:52:
35:2a:e0:79:d0:73:da:2e:53:7d:fc:30:ce:03:35:29:ff:8a:
8e:4e:58:88:60:bd:91:ad:da:17:15:12:bd:a8:c9:5e:8b:9b:
e2:ce:a7:35:a5:9f:a3:9f:6b:47:be:3a:9e:97:41:50:e7:f4:
bb:b8:ff:8c:6c:f2:34:6b:c7:d1:8b:c0:18:28:0a:3b:9d:3a:
c3:e7:4a:78:50:a5:30:eb:32:b0:31:59:44:d3:2b:f2:25:98:
f3:cf:fc:99:46:e3:67:11:e8:be:a3:3e:c6:f6:0e:5d:55:88:
15:84:e2:81:fa:88:31:2e:7f:39:ae:1d:16:86:58:e3:30:b4:
49:57:f1:3c:f7:5f:41:f0:d5:a5:ce:25:aa:29:16:52:fa:65:
5a:b2:1e:9d:0d:93:1a:c2:30:9f:48:c6:72:d4:93:36:f2:f4:
90:dd:d1:fd:ee:eb:17:64:6e:9b:ae:8a:79:31:2b:8f:0f:45:
30:d8:4d:b2:97:f9:f7:fa:12:84:48:00:d7:b2:23:ca:7d:6e:
27:90:da:cb:10:60:89:09:2d:e9:7e:96:f8:16:b1:ac:5a:c1:
ed:55:4f:da
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQns8QI711sJAM5z18pcEHAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjUwMTAyMTU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE4MWU3Nzc5OTk4OWU4ODQ0MGYyOTdlOTg1NzgyY2M2M2RlMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopLuHYzEmJ0Fzc+M2OhvCL1//cf2
7BUFYucvmEOc0xsZvc2/TQuNrgNGvxvgkOcjLmd//CeZ577b16/rOjFyXedemNZI
MuqSUBmEdXEBq16wMIRP21diCah/p6Thn46O0Tg3bieSJ2zFc3rpIfOhyoGDXFeH
fqg7xwosLPpQCxto2uz9JT0NR8JVxXrBiyEDwaqWU+BpX5RRg3/qVJCHhwVEYqjA
b/uA7tRTx2i+FraYhYdnFGqHMUGHssySfcQ+5QH6xxyYOmXXTfU70/Ri4ihT6b4X
tCaEE7MJx6XyddOMDlGaE0/Ur2UPCvWfquMSr3zVv1WWTUJymJCoDBetpQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHoYHnd5mYnohEDyl+mFeCzGPeCAMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvZWhnZWQzbVppZWlFUVBLWDZZVjRMTVk5NElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgTygAAw
DQYJKoZIhvcNAQELBQADggEBAJf5k1emmgG1JUnp3xltIvUblbj8gpqrSBBXNN8r
C3ppJBcHUjUq4HnQc9ouU338MM4DNSn/io5OWIhgvZGt2hcVEr2oyV6Lm+LOpzWl
n6Ofa0e+Op6XQVDn9Lu4/4xs8jRrx9GLwBgoCjudOsPnSnhQpTDrMrAxWUTTK/Il
mPPP/JlG42cR6L6jPsb2Dl1ViBWE4oH6iDEufzmuHRaGWOMwtElX8Tz3X0Hw1aXO
JaopFlL6ZVqyHp0NkxrCMJ9IxnLUkzby9JDd0f3u6xdkbpuuinkxK48PRTDYTbKX
+ff6EoRIANeyI8p9bieQ2ssQYIkJLel+lvgWsaxawe1VT9o=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:12 2025 by rpki-client