Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/ehxbQ-4P8JVXSWXFEnxtReDY-L0.roa
File: ehxbQ-4P8JVXSWXFEnxtReDY-L0.roa (raw, json)
Hash identifier: AWYbOf6f0Jt77Fy4eIQx8HUxIvxOsXc2FQSALmqhna0=
Subject key identifier: 7A:1C:5B:43:EE:0F:F0:95:57:49:65:C5:12:7C:6D:45:E0:D8:F8:BD
Certificate issuer: /CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Certificate serial: 01954412E1335862CFB3494F268F7327326F
Authority key identifier: BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/ehxbQ-4P8JVXSWXFEnxtReDY-L0.roa
Signing time: Wed 26 Feb 2025 21:04:02 +0000
ROA not before: Wed 26 Feb 2025 21:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215849
IP address blocks: 2a13:ccc5:f000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:44:12:e1:33:58:62:cf:b3:49:4f:26:8f:73:27:32:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Validity
Not Before: Feb 26 21:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a1c5b43ee0ff095574965c5127c6d45e0d8f8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:35:cd:85:7a:85:fb:88:3c:01:26:e5:a8:
8d:4c:87:aa:da:c0:e3:f3:d8:73:12:87:cc:2f:59:
b0:5c:1c:7e:db:31:22:c2:ea:32:0e:eb:74:1e:41:
6c:1b:e8:14:e8:e7:02:d2:9d:27:dc:f5:46:7d:35:
b3:f5:14:62:17:39:fc:36:08:dd:37:e4:e3:c3:c3:
11:bc:97:8c:b3:fd:0e:86:2f:d9:d4:92:a9:22:97:
a4:79:8c:1f:37:66:48:3f:ba:21:79:93:3d:ef:23:
d5:d3:21:15:b8:c7:e1:b7:c7:bc:30:4b:1f:17:f2:
b7:8a:e8:36:74:7b:e2:fd:a8:1a:58:6f:45:9f:8a:
14:0f:01:7b:70:81:b7:95:74:67:8e:78:cf:25:64:
bf:5a:f2:8e:6d:b6:7c:5c:12:6f:31:2a:d6:85:21:
2c:45:68:8e:af:22:76:82:c6:e3:13:93:18:f8:e5:
98:06:cb:a7:21:22:11:90:f9:42:f8:c2:5f:33:69:
48:a1:52:4c:6f:04:6a:3f:13:8f:dc:94:de:40:b5:
6d:23:86:e9:45:a0:aa:36:39:39:d1:15:be:3b:f4:
00:a4:ae:ed:95:9f:2e:77:3a:bd:ee:5f:9a:c2:ab:
fc:9a:87:f0:4c:81:fb:3d:8e:b6:79:bd:68:47:0f:
de:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:1C:5B:43:EE:0F:F0:95:57:49:65:C5:12:7C:6D:45:E0:D8:F8:BD
X509v3 Authority Key Identifier:
keyid:BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/ehxbQ-4P8JVXSWXFEnxtReDY-L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ccc5:f000::/36
Signature Algorithm: sha256WithRSAEncryption
04:ac:78:30:74:7a:6b:a6:3d:af:a7:67:fc:eb:cf:15:3b:e0:
14:0e:10:65:36:3f:9d:15:66:4b:46:a7:f0:3e:59:b7:ed:c0:
c7:60:64:1a:35:ff:3a:c0:11:31:bd:dc:01:c3:cd:07:97:06:
b8:c1:83:0f:58:69:5a:f2:95:4e:92:fa:69:81:61:a9:bc:14:
ea:d7:cb:b2:d4:53:7d:c1:ed:8c:73:0c:f7:84:23:d5:50:18:
b6:19:e3:26:76:fb:b0:50:6a:1a:09:85:f7:6b:50:fd:ad:fc:
b1:e9:49:29:62:bb:99:92:ad:64:c2:36:c9:a0:92:7f:c7:02:
6f:83:cf:96:0b:ed:4a:8e:66:8e:7f:15:f1:65:c3:d7:10:ec:
36:c1:4e:90:dd:af:5a:cb:f9:e8:3b:e4:2a:fa:c3:03:dd:a5:
a3:59:3b:be:38:fb:ad:90:04:b7:e7:e1:bb:b5:72:38:cf:21:
f6:8b:1c:a6:16:78:3a:bb:2f:55:a3:b0:c9:c3:ca:c5:cd:55:
5e:4a:cc:a6:db:10:06:38:70:2c:bd:f6:a3:eb:54:91:d3:50:
d3:6c:24:f2:bf:0b:d6:78:40:95:3f:eb:51:bf:81:7d:c8:02:
95:79:51:1c:e3:03:b4:52:23:6c:db:02:94:bf:ee:39:fb:aa:
b6:ca:c8:12
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZVEEuEzWGLPs0lPJo9zJzJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3NDhiYTE0YTc2ZTVkOGE2ZWRhY2I1NDI2MDgyYTU2
ZjVlM2QwHhcNMjUwMjI2MjEwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTFjNWI0M2VlMGZmMDk1NTc0OTY1YzUxMjdjNmQ0NWUwZDhmOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn41zYV6hfuIPAEm5aiNTIeq2sDj
89hzEofML1mwXBx+2zEiwuoyDut0HkFsG+gU6OcC0p0n3PVGfTWz9RRiFzn8Ngjd
N+Tjw8MRvJeMs/0Ohi/Z1JKpIpekeYwfN2ZIP7oheZM97yPV0yEVuMfht8e8MEsf
F/K3iug2dHvi/agaWG9Fn4oUDwF7cIG3lXRnjnjPJWS/WvKObbZ8XBJvMSrWhSEs
RWiOryJ2gsbjE5MY+OWYBsunISIRkPlC+MJfM2lIoVJMbwRqPxOP3JTeQLVtI4bp
RaCqNjk50RW+O/QApK7tlZ8udzq97l+awqv8mofwTIH7PY62eb1oRw/eSwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHocW0PuD/CVV0llxRJ8bUXg2Pi9MB8GA1UdIwQY
MBaAFLqqdIuhSnbl2KbtrLVCYIKlb149MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgt
YzUxOTUxNjJlM2JlLzEvZWh4YlEtNFA4SlZYU1dYRkVueHRSZURZLUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgtYzUxOTUxNjJlM2Jl
LzEvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhPMxfAw
DQYJKoZIhvcNAQELBQADggEBAASseDB0emumPa+nZ/zrzxU74BQOEGU2P50VZktG
p/A+WbftwMdgZBo1/zrAETG93AHDzQeXBrjBgw9YaVrylU6S+mmBYam8FOrXy7LU
U33B7YxzDPeEI9VQGLYZ4yZ2+7BQahoJhfdrUP2t/LHpSSliu5mSrWTCNsmgkn/H
Am+Dz5YL7UqOZo5/FfFlw9cQ7DbBTpDdr1rL+eg75Cr6wwPdpaNZO744+62QBLfn
4bu1cjjPIfaLHKYWeDq7L1WjsMnDysXNVV5KzKbbEAY4cCy99qPrVJHTUNNsJPK/
C9Z4QJU/61G/gX3IApV5URzjA7RSI2zbApS/7jn7qrbKyBI=
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:11:56 2025 by rpki-client