Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/pTHe5z_UC5Rv2zAgyZz5PhBBbIc.roa
File: pTHe5z_UC5Rv2zAgyZz5PhBBbIc.roa (raw, json)
Hash identifier: LCSm3osyvHakBWxSlCUH1WcECMjCvAEncqaI0o/t+nY=
Subject key identifier: A5:31:DE:E7:3F:D4:0B:94:6F:DB:30:20:C9:9C:F9:3E:10:41:6C:87
Certificate issuer: /CN=ee31367df6d1861071c92bae726523326f45ba2a
Certificate serial: 019423D72636D6A20E6DC0F6213540525420
Authority key identifier: EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/pTHe5z_UC5Rv2zAgyZz5PhBBbIc.roa
Signing time: Wed 01 Jan 2025 21:48:10 +0000
ROA not before: Wed 01 Jan 2025 21:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200325
IP address blocks: 2a0e:1cc0:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:26:36:d6:a2:0e:6d:c0:f6:21:35:40:52:54:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee31367df6d1861071c92bae726523326f45ba2a
Validity
Not Before: Jan 1 21:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a531dee73fd40b946fdb3020c99cf93e10416c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:c6:2b:4b:f3:8a:cf:4d:ef:0c:f2:01:f3:
1e:82:f1:8e:4c:2f:fd:bc:b7:df:2c:e9:ae:ff:1e:
b5:e4:a7:f5:38:e6:45:86:3b:94:33:24:00:93:97:
5b:88:4c:75:3f:5b:76:22:03:be:43:4f:1d:b8:83:
24:21:0c:4f:55:ca:e6:cd:5d:c9:95:18:88:8d:66:
90:1a:46:16:53:73:8d:1f:d1:7d:fa:e1:a5:2a:d1:
f3:c7:de:ec:f5:f3:8d:9b:0e:a7:ed:02:f6:ea:d4:
19:92:2d:52:04:b1:22:b9:e8:91:ce:89:bd:77:b7:
e5:87:3c:0d:79:f8:7c:13:00:57:ec:41:ca:dc:61:
15:ae:b7:61:26:f5:78:6b:92:1a:a8:64:5a:83:aa:
f3:8b:62:fc:6c:ef:eb:32:79:5d:e2:08:41:49:bc:
ce:9e:1b:68:39:64:99:60:e0:fa:46:da:e7:4c:13:
b9:c0:ae:f0:05:5c:64:b5:4d:53:d3:af:2c:15:fb:
35:2d:27:18:bb:b8:b0:ad:6c:17:e0:7c:ad:6e:f0:
c7:46:59:5b:d5:50:c7:8e:d3:d8:fc:02:7b:73:2d:
72:90:61:d4:ea:92:59:25:1e:42:e5:98:35:8c:04:
79:cc:a4:70:8e:49:57:ec:ba:6e:25:54:49:66:20:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:31:DE:E7:3F:D4:0B:94:6F:DB:30:20:C9:9C:F9:3E:10:41:6C:87
X509v3 Authority Key Identifier:
keyid:EE:31:36:7D:F6:D1:86:10:71:C9:2B:AE:72:65:23:32:6F:45:BA:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jE2ffbRhhBxySuucmUjMm9Fuio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/pTHe5z_UC5Rv2zAgyZz5PhBBbIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/1bb4dd-e9c4-4d3d-9a3b-1159dbfbed54/1/7jE2ffbRhhBxySuucmUjMm9Fuio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1cc0:4::/48
Signature Algorithm: sha256WithRSAEncryption
96:64:fc:36:f9:fe:95:54:86:e9:ba:89:36:3b:45:f6:13:9b:
98:d1:bf:23:12:24:93:6b:0e:7a:85:f4:0e:85:04:01:6d:01:
6d:a0:dd:66:00:0d:b1:e2:ba:a6:ab:e8:bb:42:bd:60:05:ee:
7b:ac:94:a6:46:42:f9:6b:b0:91:e5:22:11:6e:a6:23:14:96:
95:d4:d5:05:59:41:2a:3b:6d:81:c2:b5:85:51:e6:52:6f:28:
c8:ad:b0:a9:9a:f1:35:80:f0:a1:06:40:3b:61:1c:6c:94:5b:
54:05:be:dd:a0:99:83:c0:01:8c:f5:a5:74:05:3b:47:a7:e0:
7f:60:a6:60:b3:c7:f5:b2:42:08:2d:92:34:a0:aa:64:c2:81:
3c:62:e6:34:fb:bd:f9:9e:d4:cc:8b:14:4a:71:2b:0a:6f:26:
aa:a9:13:6c:0e:77:9d:d2:70:07:29:3f:f0:55:c3:da:80:fd:
c6:15:c3:81:68:9d:05:5d:f7:4e:a3:28:ca:d3:03:6f:96:3a:
ca:9f:6c:6d:c6:19:34:67:65:81:57:72:bc:57:24:e1:33:3a:
57:92:09:a0:73:99:be:50:68:66:80:57:7b:76:e9:c8:2f:8b:
bd:44:36:a5:2e:f5:55:29:18:34:2d:77:9f:7c:8d:25:16:63:
86:c8:02:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1yY21qIObcD2ITVAUlQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzEzNjdkZjZkMTg2MTA3MWM5MmJhZTcyNjUyMzMyNmY0
NWJhMmEwHhcNMjUwMTAxMjE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTMxZGVlNzNmZDQwYjk0NmZkYjMwMjBjOTljZjkzZTEwNDE2Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlrGK0vzis9N7wzyAfMegvGOTC/9
vLffLOmu/x615Kf1OOZFhjuUMyQAk5dbiEx1P1t2IgO+Q08duIMkIQxPVcrmzV3J
lRiIjWaQGkYWU3ONH9F9+uGlKtHzx97s9fONmw6n7QL26tQZki1SBLEiueiRzom9
d7flhzwNefh8EwBX7EHK3GEVrrdhJvV4a5IaqGRag6rzi2L8bO/rMnld4ghBSbzO
nhtoOWSZYOD6RtrnTBO5wK7wBVxktU1T068sFfs1LScYu7iwrWwX4HytbvDHRllb
1VDHjtPY/AJ7cy1ykGHU6pJZJR5C5Zg1jAR5zKRwjklX7LpuJVRJZiDRgwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKUx3uc/1AuUb9swIMmc+T4QQWyHMB8GA1UdIwQY
MBaAFO4xNn320YYQcckrrnJlIzJvRboqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2It
MTE1OWRiZmJlZDU0LzEvcFRIZTV6X1VDNVJ2MnpBZ3laejVQaEJCYkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xYmI0ZGQtZTljNC00ZDNkLTlhM2ItMTE1OWRiZmJlZDU0
LzEvN2pFMmZmYlJoaEJ4eVN1dWNtVWpNbTlGdWlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCWZPw2+f6VVIbpuok2O0X2E5uY0b8jEiSTaw56
hfQOhQQBbQFtoN1mAA2x4rqmq+i7Qr1gBe57rJSmRkL5a7CR5SIRbqYjFJaV1NUF
WUEqO22BwrWFUeZSbyjIrbCpmvE1gPChBkA7YRxslFtUBb7doJmDwAGM9aV0BTtH
p+B/YKZgs8f1skIILZI0oKpkwoE8YuY0+735ntTMixRKcSsKbyaqqRNsDned0nAH
KT/wVcPagP3GFcOBaJ0FXfdOoyjK0wNvljrKn2xtxhk0Z2WBV3K8VyThMzpXkgmg
c5m+UGhmgFd7dunIL4u9RDalLvVVKRg0LXeffI0lFmOGyALa
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:40:58 2025 by rpki-client