Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/SuZNhQV6D0doixiGUYQTNbRw3TY.roa
File: SuZNhQV6D0doixiGUYQTNbRw3TY.roa (raw, json)
Hash identifier: pd7jK518w5CklxrE1QbhN79FwzQi1oC1/31ruLLxsSs=
Subject key identifier: 4A:E6:4D:85:05:7A:0F:47:68:8B:18:86:51:84:13:35:B4:70:DD:36
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369B3A5FAA36492FD56013944E45861
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/SuZNhQV6D0doixiGUYQTNbRw3TY.roa
Signing time: Wed 01 Jan 2025 19:48:37 +0000
ROA not before: Wed 01 Jan 2025 19:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62034
IP address blocks: 128.0.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:b3:a5:fa:a3:64:92:fd:56:01:39:44:e4:58:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ae64d85057a0f47688b188651841335b470dd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:35:f9:32:f7:3d:df:3f:b6:89:cb:15:ad:29:
6c:57:da:e2:2e:2c:3c:0d:70:b4:d2:7c:d3:de:dd:
7d:86:9d:ef:74:96:7f:58:83:54:d0:f0:6f:ad:ca:
6a:fd:d9:2c:66:fc:67:e8:5e:96:f5:1a:e7:d1:b9:
08:2e:1e:c1:a1:31:93:63:c0:97:04:34:2d:cc:92:
fb:34:6e:61:94:c8:1e:83:dd:d6:3f:03:45:5c:54:
b6:c3:37:2a:ba:24:92:95:d1:9d:96:9a:4b:15:8b:
25:4f:80:92:7a:46:7b:b7:38:98:ec:30:07:8c:9e:
5d:ca:b9:cd:90:94:66:44:91:53:d2:f8:d4:9b:f2:
3c:fd:ba:76:a5:65:13:38:09:97:92:fc:dc:0c:b7:
91:7d:a0:66:ad:c9:eb:48:ea:2c:eb:f8:ea:55:d7:
4c:ba:4f:52:06:29:ae:eb:ca:59:3f:30:8b:3c:ac:
6d:3a:8f:29:57:2f:01:cf:1d:90:f9:7a:17:38:ea:
8f:49:5c:9a:d9:f7:c4:97:7f:6e:52:2f:1b:69:d1:
d6:62:99:d8:41:0f:43:2a:26:4e:23:94:d7:73:38:
84:e1:76:16:71:45:f6:25:15:f6:56:02:d5:39:4d:
5f:52:9b:b0:2d:3d:b2:db:03:16:df:86:d9:ac:f6:
5d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E6:4D:85:05:7A:0F:47:68:8B:18:86:51:84:13:35:B4:70:DD:36
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/SuZNhQV6D0doixiGUYQTNbRw3TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.3.0/24
Signature Algorithm: sha256WithRSAEncryption
13:ac:38:07:b2:6e:43:77:87:5a:c3:ad:ef:87:3f:47:7f:b9:
83:89:3c:6b:2e:3d:25:fb:0c:90:83:c3:46:83:4c:69:fa:51:
42:79:6d:13:fe:29:4d:00:d7:e3:17:f9:aa:df:5f:32:22:64:
76:44:ff:cb:71:48:c4:04:fc:a5:d4:53:5e:d6:ef:10:ab:2e:
54:8a:eb:9e:d4:9b:27:b4:02:fa:04:ab:39:dd:6a:10:80:26:
de:13:79:b3:e1:d4:a0:f5:ef:e5:5f:74:de:8c:a9:a4:d7:ed:
f5:aa:c0:02:60:c5:56:ec:cc:01:6a:8f:92:78:66:f7:c2:dd:
0e:de:53:f0:f9:5c:86:cc:82:50:84:27:3e:85:6b:8b:84:ac:
ae:78:26:e7:c0:6f:74:94:0e:6e:03:11:0e:cf:f1:89:45:a8:
3d:a1:67:ff:c3:78:9c:96:c0:31:f9:b4:5f:46:77:1d:0b:16:
77:70:a9:b0:cd:b2:2d:2d:9f:86:b4:fc:91:44:3c:52:14:db:
e2:d7:d9:1a:df:9a:7b:34:c1:53:a5:04:74:99:02:4c:41:e8:
e5:a0:62:d0:2d:85:72:2c:d9:15:97:9c:01:8d:9b:0a:22:a9:
f0:97:6d:4b:48:94:36:24:19:ed:0b:e6:e6:f4:a0:17:0b:11:
df:fc:43:fe
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjabOl+qNkkv1WATlE5FhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU2NGQ4NTA1N2EwZjQ3Njg4YjE4ODY1MTg0MTMzNWI0NzBkZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzX5Mvc93z+2icsVrSlsV9riLiw8
DXC00nzT3t19hp3vdJZ/WINU0PBvrcpq/dksZvxn6F6W9Rrn0bkILh7BoTGTY8CX
BDQtzJL7NG5hlMgeg93WPwNFXFS2wzcquiSSldGdlppLFYslT4CSekZ7tziY7DAH
jJ5dyrnNkJRmRJFT0vjUm/I8/bp2pWUTOAmXkvzcDLeRfaBmrcnrSOos6/jqVddM
uk9SBimu68pZPzCLPKxtOo8pVy8Bzx2Q+XoXOOqPSVya2ffEl39uUi8badHWYpnY
QQ9DKiZOI5TXcziE4XYWcUX2JRX2VgLVOU1fUpuwLT2y2wMW34bZrPZdfQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFErmTYUFeg9HaIsYhlGEEzW0cN02MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1N1Wk5oUVY2RDBkb2l4aUdVWVFUTmJSdzNUWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACAAAMw
DQYJKoZIhvcNAQELBQADggEBABOsOAeybkN3h1rDre+HP0d/uYOJPGsuPSX7DJCD
w0aDTGn6UUJ5bRP+KU0A1+MX+arfXzIiZHZE/8txSMQE/KXUU17W7xCrLlSK657U
mye0AvoEqzndahCAJt4TebPh1KD17+VfdN6MqaTX7fWqwAJgxVbszAFqj5J4ZvfC
3Q7eU/D5XIbMglCEJz6Fa4uErK54JufAb3SUDm4DEQ7P8YlFqD2hZ//DeJyWwDH5
tF9Gdx0LFndwqbDNsi0tn4a0/JFEPFIU2+LX2Rrfmns0wVOlBHSZAkxB6OWgYtAt
hXIs2RWXnAGNmwoiqfCXbUtIlDYkGe0L5ub0oBcLEd/8Q/4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:47 2025 by rpki-client