Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/pQAmrx6o4CI4reP0N_Rh_MJDpX0.roa
File: pQAmrx6o4CI4reP0N_Rh_MJDpX0.roa (raw, json)
Hash identifier: stB5xPGCbCcePFe21J8b8Kvsf/3aDbBAYH2/WR02NM0=
Subject key identifier: A5:00:26:AF:1E:A8:E0:22:38:AD:E3:F4:37:F4:61:FC:C2:43:A5:7D
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 0194282714F9900E4FE7F3593AAF429FBDE4
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/pQAmrx6o4CI4reP0N_Rh_MJDpX0.roa
Signing time: Thu 02 Jan 2025 17:53:57 +0000
ROA not before: Thu 02 Jan 2025 17:53:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137490
IP address blocks: 2a0e:46c4:101::/48 maxlen: 48
2a0e:46c4:110::/48 maxlen: 48
2a0e:46c4:200::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:14:f9:90:0e:4f:e7:f3:59:3a:af:42:9f:bd:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 2 17:53:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a50026af1ea8e02238ade3f437f461fcc243a57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:19:55:6c:a0:66:c8:2f:90:00:ec:e8:ec:e8:
9b:82:2a:c1:6b:cd:1e:94:c0:b0:89:25:91:f2:92:
96:00:3a:3e:98:0f:a9:0c:14:ad:64:35:95:82:01:
20:4c:90:07:ec:f4:05:26:27:00:2b:fd:51:20:42:
40:80:a0:78:88:30:84:39:6c:2d:d2:76:31:1f:87:
73:b8:d4:3f:b2:1d:ee:ac:a6:1e:2b:5e:c5:8d:ca:
ce:34:96:60:36:83:ac:a0:58:73:7e:d7:0a:1b:a1:
81:00:3e:94:c8:2a:3c:93:cb:a0:b2:ae:7d:8f:90:
ab:04:78:43:80:8a:aa:99:28:4b:e4:a9:be:0b:3d:
2d:f0:5d:65:0b:9b:f1:ee:41:3c:07:5a:e5:76:96:
b9:58:e5:04:07:47:b0:d1:17:d4:27:48:a8:f9:9b:
4f:05:8b:8d:bc:3d:98:1f:32:6b:7d:92:eb:6f:ea:
f5:02:b1:53:c6:c0:11:fe:56:75:2e:58:0b:29:da:
f4:23:e2:bf:ce:30:30:18:03:38:e9:ac:34:6c:6b:
43:e3:2c:1a:36:18:d7:3d:4c:67:30:8c:a4:15:05:
07:16:8f:d1:06:dc:be:51:93:da:1f:15:41:54:dc:
31:f8:b5:4b:43:a9:9b:aa:54:05:43:5c:70:40:9f:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:00:26:AF:1E:A8:E0:22:38:AD:E3:F4:37:F4:61:FC:C2:43:A5:7D
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/pQAmrx6o4CI4reP0N_Rh_MJDpX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:101::/48
2a0e:46c4:110::/48
2a0e:46c4:200::/48
Signature Algorithm: sha256WithRSAEncryption
37:17:39:02:b2:63:fc:86:4f:11:45:39:c6:6b:12:3d:ef:72:
f8:ee:75:34:0b:85:93:d7:8e:3a:84:80:b3:dc:19:91:fd:1f:
53:f4:20:49:f1:3d:ff:bc:ff:ed:c5:a5:32:4f:d4:0d:d9:33:
63:cc:e8:3f:65:1f:c7:d6:f7:9c:64:8d:1f:c8:4d:84:78:c8:
ce:d2:61:3a:3a:a3:34:a3:98:67:7b:e4:e1:2b:9a:b7:b8:c1:
c4:c0:09:f2:f0:83:b7:34:06:f3:5f:22:de:6f:1a:6c:18:a1:
14:c2:be:98:1a:99:2b:a3:d1:6b:30:96:29:e7:5b:bc:48:7c:
15:36:49:5f:fd:ca:0f:b0:7b:a6:c4:90:9e:a7:77:3d:f9:d3:
df:b6:ad:ae:a5:ea:74:d4:aa:a4:60:76:a5:72:c1:43:2c:20:
09:11:93:ce:ae:1e:3f:30:4d:9d:f6:1d:0c:07:4f:d3:a1:00:
89:83:a4:53:12:23:b8:02:24:a7:20:81:47:30:79:76:e6:be:
95:f4:1f:19:94:d6:98:20:9e:73:46:93:9e:1e:52:b6:df:d5:
f9:f0:76:7c:6e:35:86:e4:7d:5f:49:a5:6f:5e:2e:e1:dc:9a:
89:71:bc:31:dc:63:b9:4e:06:9b:cc:94:96:7d:d6:ef:06:46:
22:10:d6:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQoJxT5kA5P5/NZOq9Cn73kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjUwMTAyMTc1MzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAwMjZhZjFlYThlMDIyMzhhZGUzZjQzN2Y0NjFmY2MyNDNhNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxlVbKBmyC+QAOzo7OibgirBa80e
lMCwiSWR8pKWADo+mA+pDBStZDWVggEgTJAH7PQFJicAK/1RIEJAgKB4iDCEOWwt
0nYxH4dzuNQ/sh3urKYeK17FjcrONJZgNoOsoFhzftcKG6GBAD6UyCo8k8ugsq59
j5CrBHhDgIqqmShL5Km+Cz0t8F1lC5vx7kE8B1rldpa5WOUEB0ew0RfUJ0io+ZtP
BYuNvD2YHzJrfZLrb+r1ArFTxsAR/lZ1LlgLKdr0I+K/zjAwGAM46aw0bGtD4ywa
NhjXPUxnMIykFQUHFo/RBty+UZPaHxVBVNwx+LVLQ6mbqlQFQ1xwQJ/DIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKUAJq8eqOAiOK3j9Df0YfzCQ6V9MB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvcFFBbXJ4Nm80Q0k0cmVQME5fUmhfTUpEcFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg5GxAEB
AwcAKg5GxAEQAwcAKg5GxAIAMA0GCSqGSIb3DQEBCwUAA4IBAQA3FzkCsmP8hk8R
RTnGaxI973L47nU0C4WT1446hICz3BmR/R9T9CBJ8T3/vP/txaUyT9QN2TNjzOg/
ZR/H1vecZI0fyE2EeMjO0mE6OqM0o5hne+ThK5q3uMHEwAny8IO3NAbzXyLebxps
GKEUwr6YGpkro9FrMJYp51u8SHwVNklf/coPsHumxJCep3c9+dPftq2upep01Kqk
YHalcsFDLCAJEZPOrh4/ME2d9h0MB0/ToQCJg6RTEiO4AiSnIIFHMHl25r6V9B8Z
lNaYIJ5zRpOeHlK239X58HZ8bjWG5H1fSaVvXi7h3JqJcbwx3GO5TgabzJSWfdbv
BkYiENb3
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:09 2025 by rpki-client