Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/kL4zPBMybJxQYl9_8Kt5EkZ8aFg.roa
File: kL4zPBMybJxQYl9_8Kt5EkZ8aFg.roa (raw, json)
Hash identifier: MYkciW/HAYtdagBM93kAsR9eBHWWpyUXvGcFUS0gkdI=
Subject key identifier: 90:BE:33:3C:13:32:6C:9C:50:62:5F:7F:F0:AB:79:12:46:7C:68:58
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0194266BEDE6F0A0F95B7820784C850D504D
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/kL4zPBMybJxQYl9_8Kt5EkZ8aFg.roa
Signing time: Thu 02 Jan 2025 09:49:54 +0000
ROA not before: Thu 02 Jan 2025 09:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208814
IP address blocks: 2a0f:5707:aa10::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ed:e6:f0:a0:f9:5b:78:20:78:4c:85:0d:50:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 09:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90be333c13326c9c50625f7ff0ab7912467c6858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:d4:ba:93:0c:26:11:32:06:e9:ba:cf:57:
1f:20:38:5f:5a:7e:fb:d1:97:91:09:39:70:92:cb:
bb:c5:eb:b5:1e:1b:0a:05:74:46:22:48:0d:bb:12:
52:36:23:b1:2b:1e:23:f1:dc:33:3c:61:62:ee:66:
c1:27:ac:8f:4d:4e:3f:4c:1f:9b:7c:7c:c4:ca:eb:
9b:cb:7f:3c:4b:38:14:da:3d:7b:1d:24:85:49:e0:
bc:89:23:09:31:6b:63:81:d2:2b:e3:8a:e4:65:62:
87:10:a4:a6:a8:0d:8e:2a:1c:33:f2:38:e5:5b:87:
da:7f:df:f7:f4:22:a0:ee:50:59:2a:50:8b:87:ba:
44:50:45:cf:52:46:a5:03:74:a4:c1:26:ee:7f:8e:
ae:95:d5:07:e6:c3:20:3e:68:49:16:45:7d:60:85:
a2:70:eb:67:8d:54:ee:91:c5:64:57:78:23:be:2a:
cd:cb:79:b7:d4:22:05:ed:70:e3:50:e5:01:0b:6c:
fa:6f:44:28:da:1d:40:4a:f1:43:3b:af:42:88:97:
73:0b:01:12:c0:0c:ec:c4:55:69:a3:fd:bb:47:9f:
bb:82:c6:27:ed:d6:fe:6b:be:15:cb:f0:d4:32:f6:
bc:eb:f0:50:d3:6a:b5:50:81:32:37:3f:3f:67:01:
a4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BE:33:3C:13:32:6C:9C:50:62:5F:7F:F0:AB:79:12:46:7C:68:58
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/kL4zPBMybJxQYl9_8Kt5EkZ8aFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aa10::/44
Signature Algorithm: sha256WithRSAEncryption
45:98:2c:12:86:4f:b3:74:61:40:26:17:9c:5a:e1:1b:ae:12:
dd:5f:b4:a8:7b:3e:13:ba:a4:9c:81:ea:dd:6c:3e:69:41:4b:
0a:22:4b:b3:d3:e5:ab:b4:db:a3:cf:c0:c5:45:1b:7c:21:77:
0c:dd:a0:13:9b:77:27:4c:68:dc:5c:e5:f5:37:c3:09:27:8b:
53:96:c8:82:e8:c8:17:cd:ba:43:1a:49:4a:97:c6:01:8e:93:
5e:d3:77:25:f2:d1:88:e2:9a:2f:ba:ce:31:28:9d:ee:17:4d:
21:90:74:28:70:25:d8:56:bd:04:12:1d:44:6a:de:13:c0:5c:
7b:92:51:5b:34:2d:a2:a0:c4:6a:97:c9:a9:fc:99:b7:2b:52:
f4:54:7a:a4:1a:b8:d4:d9:bf:8a:e6:92:34:2a:1b:2f:f8:a0:
79:3e:f8:89:4d:30:00:b9:3c:df:b8:30:2d:ea:21:f0:52:3a:
38:1a:11:2f:d5:d2:fc:69:1e:27:ad:57:9f:0d:1b:45:05:55:
80:a8:2b:f1:f0:8e:19:71:94:93:09:a8:cd:5d:19:1a:58:52:
e5:ce:92:5b:dd:e7:f1:e9:84:5d:a8:6e:49:6e:89:10:9a:69:
b0:67:c2:1a:2b:ee:7b:91:47:38:b2:4b:bc:d0:80:c0:20:7a:
97:1a:be:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQma+3m8KD5W3ggeEyFDVBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjUwMTAyMDk0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJlMzMzYzEzMzI2YzljNTA2MjVmN2ZmMGFiNzkxMjQ2N2M2ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotLUupMMJhEyBum6z1cfIDhfWn77
0ZeRCTlwksu7xeu1HhsKBXRGIkgNuxJSNiOxKx4j8dwzPGFi7mbBJ6yPTU4/TB+b
fHzEyuuby388SzgU2j17HSSFSeC8iSMJMWtjgdIr44rkZWKHEKSmqA2OKhwz8jjl
W4faf9/39CKg7lBZKlCLh7pEUEXPUkalA3SkwSbuf46uldUH5sMgPmhJFkV9YIWi
cOtnjVTukcVkV3gjvirNy3m31CIF7XDjUOUBC2z6b0Qo2h1ASvFDO69CiJdzCwES
wAzsxFVpo/27R5+7gsYn7db+a74Vy/DUMva86/BQ02q1UIEyNz8/ZwGkswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJC+MzwTMmycUGJff/CreRJGfGhYMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEva0w0elBCTXliSnhRWWw5XzhLdDVFa1o4YUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6oQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBFmCwShk+zdGFAJhecWuEbrhLdX7Soez4TuqSc
gerdbD5pQUsKIkuz0+WrtNujz8DFRRt8IXcM3aATm3cnTGjcXOX1N8MJJ4tTlsiC
6MgXzbpDGklKl8YBjpNe03cl8tGI4povus4xKJ3uF00hkHQocCXYVr0EEh1Eat4T
wFx7klFbNC2ioMRql8mp/Jm3K1L0VHqkGrjU2b+K5pI0Khsv+KB5PviJTTAAuTzf
uDAt6iHwUjo4GhEv1dL8aR4nrVefDRtFBVWAqCvx8I4ZcZSTCajNXRkaWFLlzpJb
3efx6YRdqG5JbokQmmmwZ8IaK+57kUc4sku80IDAIHqXGr7v
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:32:48 2025 by rpki-client