Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/202a79-5bfe-4a48-a7f9-414196ac646e/1/40QNfW5uxL4jypZTwjAvEPXJ-ss.roa
File: 40QNfW5uxL4jypZTwjAvEPXJ-ss.roa (raw, json)
Hash identifier: scLT9GShE++kyEVNQ4Xr6VT4pmzB0wfzNMHjViw3ltA=
Subject key identifier: E3:44:0D:7D:6E:6E:C4:BE:23:CA:96:53:C2:30:2F:10:F5:C9:FA:CB
Certificate issuer: /CN=742b1b5c075c3d3bdfa3525d476b1b2867c2a2ca
Certificate serial: 019422FC02BA05328D959025B64ACB78FF17
Authority key identifier: 74:2B:1B:5C:07:5C:3D:3B:DF:A3:52:5D:47:6B:1B:28:67:C2:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCsbXAdcPTvfo1JdR2sbKGfCoso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/202a79-5bfe-4a48-a7f9-414196ac646e/1/40QNfW5uxL4jypZTwjAvEPXJ-ss.roa
Signing time: Wed 01 Jan 2025 17:48:48 +0000
ROA not before: Wed 01 Jan 2025 17:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a02:79a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:02:ba:05:32:8d:95:90:25:b6:4a:cb:78:ff:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=742b1b5c075c3d3bdfa3525d476b1b2867c2a2ca
Validity
Not Before: Jan 1 17:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3440d7d6e6ec4be23ca9653c2302f10f5c9facb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:88:bc:d8:a1:78:5f:ca:95:27:b6:e5:55:6b:
da:e1:c4:b9:f3:1d:35:09:e0:37:e8:72:d6:03:76:
7d:c6:ee:4d:5a:4b:47:0a:e1:d4:40:b0:6a:ea:50:
52:c6:79:12:0d:a0:6b:7b:d1:0f:10:dd:7c:84:48:
52:ce:09:ec:ea:43:15:77:3a:e3:5c:22:86:4a:03:
d8:a3:86:31:27:17:ea:d7:ca:18:f6:35:b2:70:e2:
ef:5b:9b:91:35:bd:24:82:08:cc:86:71:41:b6:5c:
b2:7b:99:5f:de:17:a7:f0:1c:90:3a:ee:dd:9e:eb:
40:14:14:88:95:88:62:32:8d:fd:1a:30:81:a1:f0:
e3:0a:50:96:f9:08:dd:c0:1c:a5:d1:88:b7:26:80:
f1:94:23:48:41:ab:61:1b:fa:40:cd:a0:37:8e:93:
b8:a6:67:6e:da:d6:c6:13:49:95:c3:fc:92:6c:ca:
0f:5d:84:ef:78:09:17:6d:74:d0:a0:67:b8:88:c8:
bf:57:95:f0:c6:94:f5:9f:2e:ea:b2:04:1f:8d:82:
e9:cc:1d:ca:89:e8:9f:96:7f:6b:77:d7:f4:90:f3:
04:d1:40:77:37:c4:12:f0:f6:95:61:d2:27:0a:36:
d2:0f:12:1a:ed:7c:af:52:1f:1c:b7:02:5d:72:d4:
c9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:44:0D:7D:6E:6E:C4:BE:23:CA:96:53:C2:30:2F:10:F5:C9:FA:CB
X509v3 Authority Key Identifier:
keyid:74:2B:1B:5C:07:5C:3D:3B:DF:A3:52:5D:47:6B:1B:28:67:C2:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCsbXAdcPTvfo1JdR2sbKGfCoso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/202a79-5bfe-4a48-a7f9-414196ac646e/1/40QNfW5uxL4jypZTwjAvEPXJ-ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/202a79-5bfe-4a48-a7f9-414196ac646e/1/dCsbXAdcPTvfo1JdR2sbKGfCoso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:79a0::/32
Signature Algorithm: sha256WithRSAEncryption
90:57:cf:c9:62:f3:6d:17:72:9c:f5:2e:58:6b:a8:68:34:d3:
4d:1e:6a:2e:2d:27:00:31:b0:59:fc:ce:ae:65:6a:e9:cb:9a:
c0:e2:31:84:83:7a:ce:e9:8a:3e:36:c4:c9:df:82:29:1c:2b:
2d:46:a0:12:31:67:b0:93:90:90:83:be:ea:19:57:42:2b:c6:
af:25:a4:e8:df:f7:5b:ed:78:10:2e:4e:fa:60:c8:c7:88:4f:
c3:a6:61:2c:ca:f7:6c:93:66:e0:d8:7a:76:59:4b:cf:24:ad:
0a:e5:ed:af:a4:c2:fa:f6:d1:ad:ac:82:fa:3b:99:77:66:c6:
87:05:ca:5a:08:11:b8:43:19:20:6a:59:da:3c:8b:d3:ee:91:
bf:7a:f7:6b:43:ab:21:bf:79:8f:49:7e:d3:9e:e0:27:e0:9a:
3e:da:d3:4e:58:99:12:27:1f:80:a9:5f:0c:0d:b5:e0:d4:4f:
0e:2f:fa:ff:fa:32:24:c9:ac:6b:a9:8a:27:3f:13:c7:16:ef:
ec:af:fa:c8:7e:a3:fd:f3:ad:3c:60:7a:09:da:21:56:ad:a9:
f3:86:aa:5d:ae:6c:66:26:15:bd:0c:47:4b:67:63:5b:09:bf:
52:68:8a:06:de:6e:d6:f6:ce:ef:0e:b3:67:d1:c0:90:a8:69:
46:b6:3e:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi/AK6BTKNlZAltkrLeP8XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MmIxYjVjMDc1YzNkM2JkZmEzNTI1ZDQ3NmIxYjI4Njdj
MmEyY2EwHhcNMjUwMTAxMTc0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQ0MGQ3ZDZlNmVjNGJlMjNjYTk2NTNjMjMwMmYxMGY1YzlmYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoi82KF4X8qVJ7blVWva4cS58x01
CeA36HLWA3Z9xu5NWktHCuHUQLBq6lBSxnkSDaBre9EPEN18hEhSzgns6kMVdzrj
XCKGSgPYo4YxJxfq18oY9jWycOLvW5uRNb0kggjMhnFBtlyye5lf3hen8ByQOu7d
nutAFBSIlYhiMo39GjCBofDjClCW+QjdwByl0Yi3JoDxlCNIQathG/pAzaA3jpO4
pmdu2tbGE0mVw/ySbMoPXYTveAkXbXTQoGe4iMi/V5XwxpT1ny7qsgQfjYLpzB3K
ieifln9rd9f0kPME0UB3N8QS8PaVYdInCjbSDxIa7XyvUh8ctwJdctTJLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFONEDX1ubsS+I8qWU8IwLxD1yfrLMB8GA1UdIwQY
MBaAFHQrG1wHXD0736NSXUdrGyhnwqLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENzYlhBZGNQVHZmbzFKZFIyc2JLR2ZDb3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yMDJhNzktNWJmZS00YTQ4LWE3Zjkt
NDE0MTk2YWM2NDZlLzEvNDBRTmZXNXV4TDRqeXBaVHdqQXZFUFhKLXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8yMDJhNzktNWJmZS00YTQ4LWE3ZjktNDE0MTk2YWM2NDZl
LzEvZENzYlhBZGNQVHZmbzFKZFIyc2JLR2ZDb3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgJ5oDAN
BgkqhkiG9w0BAQsFAAOCAQEAkFfPyWLzbRdynPUuWGuoaDTTTR5qLi0nADGwWfzO
rmVq6cuawOIxhIN6zumKPjbEyd+CKRwrLUagEjFnsJOQkIO+6hlXQivGryWk6N/3
W+14EC5O+mDIx4hPw6ZhLMr3bJNm4Nh6dllLzyStCuXtr6TC+vbRrayC+juZd2bG
hwXKWggRuEMZIGpZ2jyL0+6Rv3r3a0OrIb95j0l+057gJ+CaPtrTTliZEicfgKlf
DA214NRPDi/6//oyJMmsa6mKJz8Txxbv7K/6yH6j/fOtPGB6CdohVq2p84aqXa5s
ZiYVvQxHS2djWwm/UmiKBt5u1vbO7w6zZ9HAkKhpRrY+4w==
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:26:48 2025 by rpki-client