Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/eRE1hc1OAUXn9B2yIqa6q1KtEng.roa
File: eRE1hc1OAUXn9B2yIqa6q1KtEng.roa (raw, json)
Hash identifier: 2kkOJHVByX9Ad1TRTPwMrwhabgTLNmB9YR0YC04Cis4=
Subject key identifier: 79:11:35:85:CD:4E:01:45:E7:F4:1D:B2:22:A6:BA:AB:52:AD:12:78
Certificate issuer: /CN=b360f0097be481c21bb1d51c85d44f6574158aa9
Certificate serial: 019420D63ABBDE3BCB48F3688CE190852ADF
Authority key identifier: B3:60:F0:09:7B:E4:81:C2:1B:B1:D5:1C:85:D4:4F:65:74:15:8A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s2DwCXvkgcIbsdUchdRPZXQViqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/eRE1hc1OAUXn9B2yIqa6q1KtEng.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a14:2a00:100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3a:bb:de:3b:cb:48:f3:68:8c:e1:90:85:2a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b360f0097be481c21bb1d51c85d44f6574158aa9
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79113585cd4e0145e7f41db222a6baab52ad1278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:38:03:4b:4a:98:5e:c3:24:c5:76:11:f4:b0:
48:0d:f5:f0:b7:be:55:e3:8a:10:05:be:79:6c:ef:
29:9c:43:4a:92:89:7c:a9:9a:ea:5f:7b:f5:ce:5b:
c5:97:ff:e0:56:af:b5:ba:52:c1:02:8a:38:7c:f4:
4c:04:07:5c:e0:de:26:68:d7:87:09:ef:32:d6:ab:
50:46:13:90:31:18:64:cd:73:63:d6:06:62:7f:97:
30:21:97:5c:45:51:08:0f:cf:4e:fe:89:cc:c3:56:
46:70:57:bf:ad:88:44:b8:ad:2b:5e:72:c3:0a:a1:
47:a9:85:e3:50:bb:29:3f:18:d1:7b:68:dc:22:a1:
f2:67:6f:48:12:4b:47:0e:b8:e7:c3:a2:35:43:7d:
ff:13:ad:3d:ba:5e:9c:7d:5c:89:2a:77:01:bc:e8:
bb:9f:ef:7c:41:4b:82:17:c1:bf:aa:f4:b5:42:af:
d1:9a:7a:e1:8f:32:a3:8b:40:0e:e9:01:a2:dc:34:
f0:ab:f7:50:c0:b5:42:d1:bc:d7:7c:56:72:7a:11:
41:c8:68:fa:2a:5c:b9:0d:1c:bd:70:5b:4d:f4:4c:
10:57:cb:f9:c5:41:a0:88:c6:1c:5a:fe:64:cd:f7:
a8:4c:aa:2c:9a:55:a2:8d:e0:6d:a6:28:87:dd:a3:
d0:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:11:35:85:CD:4E:01:45:E7:F4:1D:B2:22:A6:BA:AB:52:AD:12:78
X509v3 Authority Key Identifier:
keyid:B3:60:F0:09:7B:E4:81:C2:1B:B1:D5:1C:85:D4:4F:65:74:15:8A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s2DwCXvkgcIbsdUchdRPZXQViqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/eRE1hc1OAUXn9B2yIqa6q1KtEng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/s2DwCXvkgcIbsdUchdRPZXQViqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:2a00:100::/40
Signature Algorithm: sha256WithRSAEncryption
3e:6b:7d:57:5b:1a:81:5d:13:1a:b0:0e:dd:96:a0:05:bc:01:
ed:9c:b4:ab:c7:e8:85:4b:c0:90:64:18:49:6c:12:46:b7:14:
ef:b4:cf:80:43:cf:1d:c9:d4:07:c0:4f:cd:83:fc:ef:0f:5a:
99:71:1e:7a:81:04:5a:31:39:4e:44:67:70:3d:11:f7:14:32:
30:97:dd:c8:42:38:f3:1b:d7:0c:0b:a3:6d:53:bd:84:7e:ae:
8a:55:60:c7:82:67:20:a7:30:83:9d:5e:da:e0:7f:07:f7:44:
b3:c6:72:26:0e:cf:86:8a:52:3f:61:1f:9f:f6:52:ee:94:c4:
2f:2b:01:c6:01:c2:33:36:5f:74:cf:11:af:b6:7d:d9:1c:0e:
8f:9a:11:55:31:ce:ef:36:3a:ec:2d:ce:9b:6f:39:26:cd:64:
56:9d:01:0d:c2:d1:de:80:95:4a:0e:d9:62:cf:bf:5a:71:24:
8e:9b:e1:5d:aa:08:94:e8:5b:dc:19:b8:1e:f2:bd:78:33:e7:
e5:4b:9e:6c:55:0c:08:31:f2:b8:3b:86:a8:2d:ec:3a:81:94:
75:bb:a1:02:9d:82:28:4f:02:a7:a8:f6:0a:ea:39:bb:f1:2e:
52:3c:c2:7d:db:42:67:b6:11:8d:e1:58:9b:14:18:4c:bc:5b:
7f:4a:1e:47
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQg1jq73jvLSPNojOGQhSrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNjBmMDA5N2JlNDgxYzIxYmIxZDUxYzg1ZDQ0ZjY1NzQx
NThhYTkwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTExMzU4NWNkNGUwMTQ1ZTdmNDFkYjIyMmE2YmFhYjUyYWQxMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTgDS0qYXsMkxXYR9LBIDfXwt75V
44oQBb55bO8pnENKkol8qZrqX3v1zlvFl//gVq+1ulLBAoo4fPRMBAdc4N4maNeH
Ce8y1qtQRhOQMRhkzXNj1gZif5cwIZdcRVEID89O/onMw1ZGcFe/rYhEuK0rXnLD
CqFHqYXjULspPxjRe2jcIqHyZ29IEktHDrjnw6I1Q33/E609ul6cfVyJKncBvOi7
n+98QUuCF8G/qvS1Qq/RmnrhjzKji0AO6QGi3DTwq/dQwLVC0bzXfFZyehFByGj6
Kly5DRy9cFtN9EwQV8v5xUGgiMYcWv5kzfeoTKosmlWijeBtpiiH3aPQFQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHkRNYXNTgFF5/QdsiKmuqtSrRJ4MB8GA1UdIwQY
MBaAFLNg8Al75IHCG7HVHIXUT2V0FYqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczJEd0NYdmtnY0lic2RVY2hkUlBaWFFWaXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80YWE1YTctOGJlYy00MjQ3LWExNWYt
NWEzNjEyMzUyYjM3LzEvZVJFMWhjMU9BVVhuOUIyeUlxYTZxMUt0RW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80YWE1YTctOGJlYy00MjQ3LWExNWYtNWEzNjEyMzUyYjM3
LzEvczJEd0NYdmtnY0lic2RVY2hkUlBaWFFWaXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhQqAAEw
DQYJKoZIhvcNAQELBQADggEBAD5rfVdbGoFdExqwDt2WoAW8Ae2ctKvH6IVLwJBk
GElsEka3FO+0z4BDzx3J1AfAT82D/O8PWplxHnqBBFoxOU5EZ3A9EfcUMjCX3chC
OPMb1wwLo21TvYR+ropVYMeCZyCnMIOdXtrgfwf3RLPGciYOz4aKUj9hH5/2Uu6U
xC8rAcYBwjM2X3TPEa+2fdkcDo+aEVUxzu82OuwtzptvOSbNZFadAQ3C0d6AlUoO
2WLPv1pxJI6b4V2qCJToW9wZuB7yvXgz5+VLnmxVDAgx8rg7hqgt7DqBlHW7oQKd
gihPAqeo9grqObvxLlI8wn3bQme2EY3hWJsUGEy8W39KHkc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:52:43 2025 by rpki-client