Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/04xbmxPg5zfRYQBHunO7L4AHr3w.roa
File: 04xbmxPg5zfRYQBHunO7L4AHr3w.roa (raw, json)
Hash identifier: g6gcnlBlZ5kTafJvSpoN500JU9+5sUdKeNJOpAYcTvM=
Subject key identifier: D3:8C:5B:9B:13:E0:E7:37:D1:61:00:47:BA:73:BB:2F:80:07:AF:7C
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258EC0FAFD46B0CE869D37A7E754AF1C
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/04xbmxPg5zfRYQBHunO7L4AHr3w.roa
Signing time: Thu 02 Jan 2025 05:48:19 +0000
ROA not before: Thu 02 Jan 2025 05:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7480
IP address blocks: 2a0e:aa02::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:c0:fa:fd:46:b0:ce:86:9d:37:a7:e7:54:af:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d38c5b9b13e0e737d1610047ba73bb2f8007af7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:60:86:2d:35:89:35:e7:ba:ba:f3:0a:9e:d9:
0e:01:8c:23:4a:fe:cc:4f:36:71:9a:2f:02:cb:73:
5e:10:b3:9d:2e:1a:6e:ba:64:1e:bc:17:05:6c:81:
3f:8b:d6:6c:b7:e0:4e:34:67:8f:93:15:7a:a8:c7:
22:50:ed:03:b3:cd:44:54:f8:dd:ae:e4:4d:09:c4:
72:1e:c0:46:fd:55:21:b8:76:0d:8d:b3:46:39:99:
bb:36:86:ce:8b:41:4f:d2:77:78:f9:4d:a3:a1:b7:
8e:66:27:84:4a:21:05:a3:ea:1d:db:ae:b8:da:e7:
d0:4c:94:b6:f8:63:72:75:1e:7b:21:5c:52:8f:b7:
f6:4f:a9:0a:7a:ec:9e:1d:90:86:dd:9f:f3:23:4d:
79:d7:df:b6:e7:6b:75:50:1f:a5:52:36:d3:0b:e6:
26:f3:38:82:1f:ce:3a:ad:7b:e5:2f:67:cf:09:46:
dc:29:ca:fd:f8:37:c0:eb:91:4e:4a:69:e6:3d:e0:
7d:8e:a9:70:47:4c:0a:2f:e8:24:c3:e0:8c:c2:2e:
70:01:66:ee:f3:f7:c6:ef:b7:98:59:6c:2c:b5:77:
1e:37:6d:e6:1b:4c:9b:12:b7:b1:5c:ce:bf:05:be:
b7:df:ec:d0:20:bc:80:d6:88:46:2f:0d:f5:31:2b:
44:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8C:5B:9B:13:E0:E7:37:D1:61:00:47:BA:73:BB:2F:80:07:AF:7C
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/04xbmxPg5zfRYQBHunO7L4AHr3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa02::/32
Signature Algorithm: sha256WithRSAEncryption
1f:e3:08:9d:45:43:ea:37:a4:ca:c4:be:eb:5f:c9:7a:82:e0:
be:80:f7:6d:a1:1d:f0:f4:a7:70:b8:85:0f:b8:e4:57:f5:7a:
cc:0d:f0:46:f1:27:dd:12:0d:27:c9:cd:4f:0b:b8:19:b9:09:
3d:14:28:1c:86:77:c9:77:ba:2a:d0:73:33:e8:0e:52:dd:31:
cd:ca:91:ce:a1:92:7e:e4:e7:89:e1:60:5f:32:73:95:27:53:
da:f3:c7:95:73:3f:1f:e3:6a:ec:8f:a3:a9:af:03:21:1c:3c:
3e:93:58:db:41:84:19:49:c9:0b:a1:72:be:08:eb:9c:7d:09:
75:4d:fc:73:10:5e:1c:6c:68:f9:2c:f6:5a:df:bb:c7:f9:86:
e8:3b:0a:80:0b:25:9d:eb:65:d4:9c:b8:b5:22:bb:76:b9:eb:
b6:00:c8:93:07:fc:1b:f3:19:fc:1a:2f:79:13:c8:c6:57:0b:
a7:a6:3d:56:cc:4e:04:b3:c9:85:5b:e3:93:89:13:ea:b3:61:
f1:cc:cc:16:19:9c:44:74:40:04:32:97:bf:48:b2:66:b6:a9:
06:1d:dd:9e:00:85:40:b9:5f:2f:90:7e:23:ca:1d:11:97:51:
1c:57:a4:19:7c:d7:b6:ae:d7:a7:ef:cb:f6:09:4b:25:78:1e:
95:f5:dc:d4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQljsD6/UawzoadN6fnVK8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzhjNWI5YjEzZTBlNzM3ZDE2MTAwNDdiYTczYmIyZjgwMDdhZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2CGLTWJNee6uvMKntkOAYwjSv7M
TzZxmi8Cy3NeELOdLhpuumQevBcFbIE/i9Zst+BONGePkxV6qMciUO0Ds81EVPjd
ruRNCcRyHsBG/VUhuHYNjbNGOZm7NobOi0FP0nd4+U2jobeOZieESiEFo+od2664
2ufQTJS2+GNydR57IVxSj7f2T6kKeuyeHZCG3Z/zI01519+252t1UB+lUjbTC+Ym
8ziCH846rXvlL2fPCUbcKcr9+DfA65FOSmnmPeB9jqlwR0wKL+gkw+CMwi5wAWbu
8/fG77eYWWwstXceN23mG0ybErexXM6/Bb633+zQILyA1ohGLw31MStEEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNOMW5sT4Oc30WEAR7pzuy+AB698MB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvMDR4Ym14UGc1emZSWVFCSHVuTzdMNEFIcjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg6qAjAN
BgkqhkiG9w0BAQsFAAOCAQEAH+MInUVD6jekysS+61/JeoLgvoD3baEd8PSncLiF
D7jkV/V6zA3wRvEn3RINJ8nNTwu4GbkJPRQoHIZ3yXe6KtBzM+gOUt0xzcqRzqGS
fuTnieFgXzJzlSdT2vPHlXM/H+Nq7I+jqa8DIRw8PpNY20GEGUnJC6FyvgjrnH0J
dU38cxBeHGxo+Sz2Wt+7x/mG6DsKgAslnetl1Jy4tSK7drnrtgDIkwf8G/MZ/Bov
eRPIxlcLp6Y9VsxOBLPJhVvjk4kT6rNh8czMFhmcRHRABDKXv0iyZrapBh3dngCF
QLlfL5B+I8odEZdRHFekGXzXtq7Xp+/L9glLJXgelfXc1A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:35 2025 by rpki-client