Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/1c1a49-4285-48be-a10e-ed1600f872bb/1/SlIgtDyTd5cpyZ5qiIfHEefhUu8.roa
File: SlIgtDyTd5cpyZ5qiIfHEefhUu8.roa (raw, json)
Hash identifier: cWooIQqAZCDw8Hk2WoTdEVBzSQhgQYC7c4wf4oYDYYU=
Subject key identifier: 4A:52:20:B4:3C:93:77:97:29:C9:9E:6A:88:87:C7:11:E7:E1:52:EF
Certificate issuer: /CN=849e3adff03aab62d5db223ac3b35e2a9baa4ea3
Certificate serial: 01941F8C118AB7E26DEBF905A10629C02319
Authority key identifier: 84:9E:3A:DF:F0:3A:AB:62:D5:DB:22:3A:C3:B3:5E:2A:9B:AA:4E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hJ463_A6q2LV2yI6w7NeKpuqTqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/1c1a49-4285-48be-a10e-ed1600f872bb/1/SlIgtDyTd5cpyZ5qiIfHEefhUu8.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20712
IP address blocks: 2001:67c:2058::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:11:8a:b7:e2:6d:eb:f9:05:a1:06:29:c0:23:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=849e3adff03aab62d5db223ac3b35e2a9baa4ea3
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a5220b43c93779729c99e6a8887c711e7e152ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:25:14:24:c5:7f:37:8b:a0:25:d9:1f:a0:d3:
a0:dd:bb:ff:01:26:35:8b:8b:7b:60:98:93:0d:5d:
71:2e:12:d5:24:f3:10:47:c6:24:f8:96:bf:c5:76:
67:f6:00:bf:3d:c7:a4:33:c7:f0:db:3c:c6:a0:66:
08:00:14:1a:80:52:e2:38:21:8e:5f:cf:83:74:5a:
3a:49:f8:f1:bb:e8:6a:13:30:00:76:44:4d:dc:02:
7a:ba:8f:e5:11:30:4b:ad:90:d6:df:43:e7:2e:7e:
4f:a5:c7:40:57:e8:f9:9f:31:6e:64:70:db:f0:cd:
a2:0b:99:c5:9f:99:5b:e9:df:cf:1d:2f:9b:57:32:
a0:42:79:ec:26:8b:d2:81:21:a9:dd:79:a1:03:9d:
12:49:60:06:c2:ab:d7:fa:98:3a:f1:c4:6a:d9:8e:
5f:81:a3:a5:64:db:10:46:4c:ea:81:3b:0a:b8:a1:
8e:7e:f1:3e:41:e7:ee:ef:19:0e:91:aa:9c:50:90:
c7:cb:65:c7:ea:09:a0:65:e6:fd:9d:87:21:fa:fd:
6e:27:3c:bf:b0:90:d2:51:be:11:f9:e8:13:89:d5:
38:1f:c5:1f:71:3b:63:ac:46:6a:da:ec:16:d6:df:
e7:f8:02:74:14:55:08:f7:5b:a5:d8:e0:8a:90:b3:
3b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:52:20:B4:3C:93:77:97:29:C9:9E:6A:88:87:C7:11:E7:E1:52:EF
X509v3 Authority Key Identifier:
keyid:84:9E:3A:DF:F0:3A:AB:62:D5:DB:22:3A:C3:B3:5E:2A:9B:AA:4E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hJ463_A6q2LV2yI6w7NeKpuqTqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1c1a49-4285-48be-a10e-ed1600f872bb/1/SlIgtDyTd5cpyZ5qiIfHEefhUu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/1c1a49-4285-48be-a10e-ed1600f872bb/1/hJ463_A6q2LV2yI6w7NeKpuqTqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2058::/48
Signature Algorithm: sha256WithRSAEncryption
3a:aa:f2:d8:bc:0a:0d:db:c3:86:8b:a0:a6:d4:e5:69:a6:2d:
cc:87:26:0d:de:8e:de:ac:9a:45:b1:60:3c:47:40:14:4a:e6:
5c:b6:28:a1:da:ed:70:2d:ec:58:4d:6f:31:ea:9e:75:2f:bf:
a5:d0:bc:38:d6:da:56:ba:9e:cd:5a:b5:31:17:2f:f3:1c:f4:
bc:9e:90:50:96:d3:0d:0b:2e:c1:b5:fd:8a:d1:52:66:17:ed:
10:32:4b:76:28:55:e9:81:92:f8:8b:07:0a:7d:87:aa:fa:8e:
0b:06:59:d5:c7:e4:a6:98:34:8c:44:ce:4d:98:3f:88:4b:84:
f9:43:22:92:77:f0:9c:89:30:0f:91:1c:67:f8:25:30:6d:30:
ae:c4:6c:c3:ca:3c:d1:c4:c1:66:91:e9:f3:38:79:19:b3:b3:
d4:f3:bf:e8:fb:9c:07:47:90:62:65:0b:97:c7:5a:ba:3a:a6:
e8:14:f7:33:cc:9f:af:8a:d7:13:92:7d:37:1b:02:c3:e7:8f:
91:19:45:21:2b:e1:90:d0:d1:9f:de:41:b0:e4:7d:82:7a:46:
c9:20:8b:c3:c6:7d:46:57:dc:e5:a4:a2:5e:6c:4b:da:fb:49:
92:17:3d:6e:20:40:aa:e3:c0:51:cf:20:08:26:f4:98:db:66:
78:c2:0a:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjBGKt+Jt6/kFoQYpwCMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0OWUzYWRmZjAzYWFiNjJkNWRiMjIzYWMzYjM1ZTJhOWJh
YTRlYTMwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTUyMjBiNDNjOTM3Nzk3MjljOTllNmE4ODg3YzcxMWU3ZTE1MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCUUJMV/N4ugJdkfoNOg3bv/ASY1
i4t7YJiTDV1xLhLVJPMQR8Yk+Ja/xXZn9gC/PcekM8fw2zzGoGYIABQagFLiOCGO
X8+DdFo6Sfjxu+hqEzAAdkRN3AJ6uo/lETBLrZDW30PnLn5PpcdAV+j5nzFuZHDb
8M2iC5nFn5lb6d/PHS+bVzKgQnnsJovSgSGp3XmhA50SSWAGwqvX+pg68cRq2Y5f
gaOlZNsQRkzqgTsKuKGOfvE+Qefu7xkOkaqcUJDHy2XH6gmgZeb9nYch+v1uJzy/
sJDSUb4R+egTidU4H8UfcTtjrEZq2uwW1t/n+AJ0FFUI91ul2OCKkLM7GQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEpSILQ8k3eXKcmeaoiHxxHn4VLvMB8GA1UdIwQY
MBaAFISeOt/wOqti1dsiOsOzXiqbqk6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEo0NjNfQTZxMkxWMnlJNnc3TmVLcHVxVHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8xYzFhNDktNDI4NS00OGJlLWExMGUt
ZWQxNjAwZjg3MmJiLzEvU2xJZ3REeVRkNWNweVo1cWlJZkhFZWZoVXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8xYzFhNDktNDI4NS00OGJlLWExMGUtZWQxNjAwZjg3MmJi
LzEvaEo0NjNfQTZxMkxWMnlJNnc3TmVLcHVxVHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCBY
MA0GCSqGSIb3DQEBCwUAA4IBAQA6qvLYvAoN28OGi6Cm1OVppi3MhyYN3o7erJpF
sWA8R0AUSuZctiih2u1wLexYTW8x6p51L7+l0Lw41tpWup7NWrUxFy/zHPS8npBQ
ltMNCy7Btf2K0VJmF+0QMkt2KFXpgZL4iwcKfYeq+o4LBlnVx+SmmDSMRM5NmD+I
S4T5QyKSd/CciTAPkRxn+CUwbTCuxGzDyjzRxMFmkenzOHkZs7PU87/o+5wHR5Bi
ZQuXx1q6OqboFPczzJ+vitcTkn03GwLD54+RGUUhK+GQ0NGf3kGw5H2CekbJIIvD
xn1GV9zlpKJebEva+0mSFz1uIECq48BRzyAIJvSY22Z4wgp0
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:09:58 2025 by rpki-client