Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/IPdBRl0ekj3fZtV-aqYG0wF3csc.roa
File: IPdBRl0ekj3fZtV-aqYG0wF3csc.roa (raw, json)
Hash identifier: YdT5DEuAY9nQ03V75nwU5Qvhsos7OjQYU5mlCXpV4eo=
Subject key identifier: 20:F7:41:46:5D:1E:92:3D:DF:66:D5:7E:6A:A6:06:D3:01:77:72:C7
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0194266BE076BA40F8C7373E3556FF2FE26A
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/IPdBRl0ekj3fZtV-aqYG0wF3csc.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38846
IP address blocks: 2a0f:5707:ab00::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e0:76:ba:40:f8:c7:37:3e:35:56:ff:2f:e2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20f741465d1e923ddf66d57e6aa606d3017772c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:c5:0f:df:95:b1:93:2e:c6:30:a2:4a:25:
e4:95:02:30:32:c6:b0:a0:ab:f1:97:6e:bf:06:30:
9c:75:32:0a:1c:40:41:0f:8e:cc:19:32:3e:ce:38:
9c:16:49:04:02:cc:0c:68:b6:94:f4:8c:57:8e:7d:
fb:39:5a:e6:3d:98:0f:51:67:c1:4c:d9:2b:4e:24:
ff:67:af:a8:2d:0f:b0:31:ba:28:12:6f:61:e3:cb:
6c:ac:0f:24:86:3d:2f:65:95:51:59:db:f4:5b:a6:
cc:23:c2:10:9e:c6:e8:81:12:9a:8a:df:9d:82:62:
45:7b:1d:cd:59:34:00:1f:2f:c8:93:bb:df:c1:58:
f7:0a:5c:10:61:ee:db:72:04:6f:fa:b6:78:25:e5:
bd:67:33:d5:df:90:5e:cb:77:83:03:15:81:ec:6f:
8d:14:db:26:7d:47:c1:3a:2f:28:2f:5c:6c:84:62:
0a:11:3a:f0:1d:66:6d:9f:d5:bc:ad:98:26:14:0d:
fd:63:87:16:02:37:6a:b1:6b:6e:d0:47:c8:9d:88:
36:b9:6e:1d:6f:8d:2e:67:26:52:ec:3d:3b:4f:01:
56:1b:7d:51:b7:5a:6e:05:84:41:c7:d1:fc:ca:e1:
31:7c:af:fc:ba:fa:50:05:ed:29:4d:fc:f1:d6:47:
e3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F7:41:46:5D:1E:92:3D:DF:66:D5:7E:6A:A6:06:D3:01:77:72:C7
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/IPdBRl0ekj3fZtV-aqYG0wF3csc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ab00::/44
Signature Algorithm: sha256WithRSAEncryption
6e:11:6b:7f:e3:a6:d3:4e:06:d7:4a:b7:fb:8a:1b:9c:9d:37:
7d:f2:36:27:63:5c:46:6b:e6:d3:65:7f:99:0d:66:64:dd:27:
e3:d8:73:77:5b:8a:05:50:44:04:b0:89:a5:a1:67:7a:df:4d:
40:82:8f:6d:a4:41:d7:10:1a:80:cf:dc:6d:11:29:09:1a:9c:
de:46:9d:00:18:9d:71:78:8a:ce:b4:34:27:ca:1c:09:c6:aa:
64:d7:d6:fa:aa:31:25:7a:4b:67:db:4d:3c:3f:0a:bf:f4:4a:
4c:75:9e:27:8c:5e:e5:bb:a4:05:60:88:fe:29:5d:d5:2b:f1:
b7:e0:62:1c:70:13:6a:e5:85:63:a5:ed:24:50:37:2b:ed:d4:
1a:c8:a8:65:3b:99:77:72:db:0c:38:26:d0:93:47:39:92:b9:
ca:24:58:54:c9:61:21:51:ee:38:6b:ae:c5:c9:80:95:84:ee:
a1:8b:a1:f6:34:77:10:84:82:e7:e1:58:fe:08:b8:3c:29:98:
3b:c1:0a:4d:aa:c5:ae:9e:2c:01:8f:d6:4c:9c:7b:02:64:f1:
29:e4:b1:f9:1a:67:ac:5e:ea:f4:a9:3f:0b:78:a3:d2:28:ec:
b1:9b:97:d7:76:36:3b:1f:50:d0:c1:7d:f6:de:fe:3f:49:7e:
87:72:8e:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQma+B2ukD4xzc+NVb/L+JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY3NDE0NjVkMWU5MjNkZGY2NmQ1N2U2YWE2MDZkMzAxNzc3MmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxw7FD9+VsZMuxjCiSiXklQIwMsaw
oKvxl26/BjCcdTIKHEBBD47MGTI+zjicFkkEAswMaLaU9IxXjn37OVrmPZgPUWfB
TNkrTiT/Z6+oLQ+wMbooEm9h48tsrA8khj0vZZVRWdv0W6bMI8IQnsbogRKait+d
gmJFex3NWTQAHy/Ik7vfwVj3ClwQYe7bcgRv+rZ4JeW9ZzPV35Bey3eDAxWB7G+N
FNsmfUfBOi8oL1xshGIKETrwHWZtn9W8rZgmFA39Y4cWAjdqsWtu0EfInYg2uW4d
b40uZyZS7D07TwFWG31Rt1puBYRBx9H8yuExfK/8uvpQBe0pTfzx1kfj4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCD3QUZdHpI932bVfmqmBtMBd3LHMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvSVBkQlJsMGVrajNmWnRWLWFxWUcwd0YzY3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6sA
MA0GCSqGSIb3DQEBCwUAA4IBAQBuEWt/46bTTgbXSrf7ihucnTd98jYnY1xGa+bT
ZX+ZDWZk3Sfj2HN3W4oFUEQEsImloWd6301Ago9tpEHXEBqAz9xtESkJGpzeRp0A
GJ1xeIrOtDQnyhwJxqpk19b6qjElektn2008Pwq/9EpMdZ4njF7lu6QFYIj+KV3V
K/G34GIccBNq5YVjpe0kUDcr7dQayKhlO5l3ctsMOCbQk0c5krnKJFhUyWEhUe44
a67FyYCVhO6hi6H2NHcQhILn4Vj+CLg8KZg7wQpNqsWuniwBj9ZMnHsCZPEp5LH5
GmesXur0qT8LeKPSKOyxm5fXdjY7H1DQwX323v4/SX6Hco6R
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:59:49 2025 by rpki-client