Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e521bf-f8fd-4e39-b6ea-c9738ce5baef/1/pW4NhKTVrfPynXbLPF5CI2MPfYk.roa
File: pW4NhKTVrfPynXbLPF5CI2MPfYk.roa (raw, json)
Hash identifier: WbDzY2pHEiq4FLUx3TIlRUMJrlB0Z859NRUEutTDHyI=
Subject key identifier: A5:6E:0D:84:A4:D5:AD:F3:F2:9D:76:CB:3C:5E:42:23:63:0F:7D:89
Certificate issuer: /CN=d70e0c4b475010a5b42adef333c39bdc1adb9611
Certificate serial: 019426D9106DA7537797AFD2DD8F80C513EF
Authority key identifier: D7:0E:0C:4B:47:50:10:A5:B4:2A:DE:F3:33:C3:9B:DC:1A:DB:96:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1w4MS0dQEKW0Kt7zM8Ob3BrblhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e521bf-f8fd-4e39-b6ea-c9738ce5baef/1/pW4NhKTVrfPynXbLPF5CI2MPfYk.roa
Signing time: Thu 02 Jan 2025 11:49:07 +0000
ROA not before: Thu 02 Jan 2025 11:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59645
IP address blocks: 2001:67c:a44::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:10:6d:a7:53:77:97:af:d2:dd:8f:80:c5:13:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d70e0c4b475010a5b42adef333c39bdc1adb9611
Validity
Not Before: Jan 2 11:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a56e0d84a4d5adf3f29d76cb3c5e4223630f7d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:7a:a0:06:52:f8:c8:51:52:f1:38:a3:64:
54:f6:1b:87:1a:a4:c6:47:04:db:66:1f:91:80:fa:
cb:b4:ef:ae:56:ea:f8:78:59:00:c3:f8:d2:6a:0e:
60:2b:ca:6b:a9:d8:57:b0:ba:69:06:1f:1a:c3:0e:
26:ba:b6:2c:85:11:9c:ee:7d:7b:31:23:36:e5:db:
d6:bf:89:79:7c:97:d4:2e:f2:75:1c:41:d2:e2:de:
57:96:e6:18:ec:87:94:68:3d:d8:71:d2:1e:1a:8f:
ce:e4:d2:d2:0c:3c:aa:dd:71:86:e6:55:ab:11:85:
67:88:d9:3b:fd:67:f4:ed:e2:bf:47:86:73:13:ee:
ae:80:aa:b8:19:f7:48:9f:b2:2f:8a:c3:bf:82:7c:
72:7e:4f:e4:ee:5a:73:a7:c3:a0:d0:d8:9e:fd:7d:
6e:50:91:a4:ed:88:08:b5:88:5c:01:ac:6c:17:fa:
88:fa:5d:23:e1:b9:ca:7a:47:67:a8:c0:99:99:7e:
bf:36:fe:d2:a1:f7:b8:25:51:f8:7d:8c:ab:36:9b:
0b:5f:c2:75:60:43:fd:7a:bb:c4:23:c8:07:2b:ea:
1a:61:b0:6d:a8:4c:0d:08:13:32:08:e3:25:2b:6b:
5d:b5:fd:7e:99:4b:bd:fd:15:88:fd:54:c1:a2:b5:
f8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6E:0D:84:A4:D5:AD:F3:F2:9D:76:CB:3C:5E:42:23:63:0F:7D:89
X509v3 Authority Key Identifier:
keyid:D7:0E:0C:4B:47:50:10:A5:B4:2A:DE:F3:33:C3:9B:DC:1A:DB:96:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1w4MS0dQEKW0Kt7zM8Ob3BrblhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e521bf-f8fd-4e39-b6ea-c9738ce5baef/1/pW4NhKTVrfPynXbLPF5CI2MPfYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e521bf-f8fd-4e39-b6ea-c9738ce5baef/1/1w4MS0dQEKW0Kt7zM8Ob3BrblhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:a44::/48
Signature Algorithm: sha256WithRSAEncryption
62:2c:17:c9:ba:52:b7:38:be:fd:0a:1e:3e:0f:e9:68:65:30:
ae:0a:9b:62:fe:d2:f1:7f:5c:9a:f3:5d:03:4a:c8:6d:67:8a:
23:6f:3e:29:01:bf:69:45:16:e4:7c:c2:77:94:7c:ff:e1:62:
9f:f7:54:b1:48:aa:04:0b:71:af:18:11:93:26:70:45:43:f8:
b8:b7:1f:2f:36:be:e6:7e:77:de:6b:a5:24:aa:27:4c:47:05:
8a:2d:f4:cb:4c:c0:6f:ea:55:71:a6:47:16:08:1a:fc:19:10:
f1:95:a1:b5:3d:48:86:e1:79:4e:81:49:87:05:43:35:57:f1:
a2:b2:a9:c3:85:d2:bd:56:ae:ea:9d:e5:3f:8a:0c:8f:54:f3:
5f:c7:84:31:da:bd:fd:de:22:c2:2f:d6:b7:51:4a:13:11:93:
86:53:52:a1:4f:b6:67:f9:d2:12:7a:39:62:f6:7e:83:bb:83:
b8:b7:4a:4a:b1:89:d0:7a:4f:98:c1:14:f3:e3:2f:d9:9d:a1:
76:af:ea:c9:0e:85:65:19:c1:c6:59:9a:5c:16:d1:de:0f:03:
8b:bb:e8:cc:6e:dd:c1:23:04:b0:68:8f:d6:1f:cd:d3:22:69:
fe:57:cc:cc:6b:2c:2c:cf:b3:2a:25:3c:7b:86:1d:e6:2e:a1:
2d:96:0e:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2RBtp1N3l6/S3Y+AxRPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MGUwYzRiNDc1MDEwYTViNDJhZGVmMzMzYzM5YmRjMWFk
Yjk2MTEwHhcNMjUwMTAyMTE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTZlMGQ4NGE0ZDVhZGYzZjI5ZDc2Y2IzYzVlNDIyMzYzMGY3ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs456oAZS+MhRUvE4o2RU9huHGqTG
RwTbZh+RgPrLtO+uVur4eFkAw/jSag5gK8prqdhXsLppBh8aww4murYshRGc7n17
MSM25dvWv4l5fJfULvJ1HEHS4t5XluYY7IeUaD3YcdIeGo/O5NLSDDyq3XGG5lWr
EYVniNk7/Wf07eK/R4ZzE+6ugKq4GfdIn7IvisO/gnxyfk/k7lpzp8Og0Nie/X1u
UJGk7YgItYhcAaxsF/qI+l0j4bnKekdnqMCZmX6/Nv7Sofe4JVH4fYyrNpsLX8J1
YEP9ervEI8gHK+oaYbBtqEwNCBMyCOMlK2tdtf1+mUu9/RWI/VTBorX4HwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKVuDYSk1a3z8p12yzxeQiNjD32JMB8GA1UdIwQY
MBaAFNcODEtHUBCltCre8zPDm9wa25YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXc0TVMwZFFFS1cwS3Q3ek04T2IzQnJibGhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNTIxYmYtZjhmZC00ZTM5LWI2ZWEt
Yzk3MzhjZTViYWVmLzEvcFc0TmhLVFZyZlB5blhiTFBGNUNJMk1QZllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNTIxYmYtZjhmZC00ZTM5LWI2ZWEtYzk3MzhjZTViYWVm
LzEvMXc0TVMwZFFFS1cwS3Q3ek04T2IzQnJibGhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfApE
MA0GCSqGSIb3DQEBCwUAA4IBAQBiLBfJulK3OL79Ch4+D+loZTCuCpti/tLxf1ya
810DSshtZ4ojbz4pAb9pRRbkfMJ3lHz/4WKf91SxSKoEC3GvGBGTJnBFQ/i4tx8v
Nr7mfnfea6UkqidMRwWKLfTLTMBv6lVxpkcWCBr8GRDxlaG1PUiG4XlOgUmHBUM1
V/GisqnDhdK9Vq7qneU/igyPVPNfx4Qx2r393iLCL9a3UUoTEZOGU1KhT7Zn+dIS
ejli9n6Du4O4t0pKsYnQek+YwRTz4y/ZnaF2r+rJDoVlGcHGWZpcFtHeDwOLu+jM
bt3BIwSwaI/WH83TImn+V8zMaywsz7MqJTx7hh3mLqEtlg6l
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:33:24 2025 by rpki-client