Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/sQcj_duo5Cg8Xfz-ES3oPTUOi28.roa
File: sQcj_duo5Cg8Xfz-ES3oPTUOi28.roa (raw, json)
Hash identifier: UBRg0OFo+PF18+ZgKxelM+L0bmaiqfhjolhWTmBXih0=
Subject key identifier: B1:07:23:FD:DB:A8:E4:28:3C:5D:FC:FE:11:2D:E8:3D:35:0E:8B:6F
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 0194266BE4F05118098560FE571FF2677DDD
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/sQcj_duo5Cg8Xfz-ES3oPTUOi28.roa
Signing time: Thu 02 Jan 2025 09:49:52 +0000
ROA not before: Thu 02 Jan 2025 09:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56876
IP address blocks: 2a0f:5707:aab0::/44 maxlen: 44
2a0f:5707:aab0::/48 maxlen: 48
2a0f:5707:aab1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e4:f0:51:18:09:85:60:fe:57:1f:f2:67:7d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 09:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b10723fddba8e4283c5dfcfe112de83d350e8b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d7:a4:41:4e:ac:d4:e3:57:80:32:18:e0:1e:
a2:0b:e8:5e:66:fb:5a:95:35:59:82:ca:b8:e4:e1:
aa:37:dc:01:0f:c2:b3:fc:87:64:d6:fe:ac:ed:40:
87:77:8e:86:fd:25:24:f0:13:c8:ca:7f:c4:28:d3:
de:43:65:6b:30:b0:77:62:8b:74:87:90:de:37:e3:
12:55:aa:49:62:4e:66:f6:f4:6e:c7:e0:5a:ea:d5:
05:34:b6:4f:12:e3:c0:d9:bd:1f:29:be:29:5b:96:
dd:8a:7f:61:16:33:52:e8:07:aa:eb:b1:58:4f:6a:
bc:2a:9c:ae:26:c4:e1:31:0c:01:24:d8:dd:14:3e:
f7:46:c6:f1:c6:57:9f:2c:32:5b:26:e5:ea:ee:09:
f3:0b:eb:62:2c:06:5b:18:f1:6a:56:dd:b9:74:f8:
a4:be:e9:87:22:98:79:0a:b3:35:2f:c0:0d:6c:c4:
7f:20:b8:9b:13:8c:a4:7e:df:73:fc:ed:e4:86:6b:
bb:62:fe:94:d7:dc:aa:30:33:1e:8e:43:bb:5e:e2:
02:af:58:a7:32:97:09:dd:57:8c:b4:29:98:69:a9:
05:04:e4:b9:2b:cb:25:1c:27:99:db:f3:51:93:70:
dc:38:97:87:2c:18:19:39:5a:51:72:51:16:67:f1:
4c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:07:23:FD:DB:A8:E4:28:3C:5D:FC:FE:11:2D:E8:3D:35:0E:8B:6F
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/sQcj_duo5Cg8Xfz-ES3oPTUOi28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:aab0::/44
Signature Algorithm: sha256WithRSAEncryption
b7:73:2e:44:df:59:a9:c5:b8:75:92:13:25:4c:b9:62:f0:d6:
5c:ea:ba:ec:fa:6f:63:6e:6b:27:c1:0c:07:25:02:76:5b:6f:
68:01:18:3c:88:02:dc:58:33:ac:0a:80:60:df:dc:f3:c1:20:
5a:4c:6b:bf:91:26:2f:64:9b:96:12:af:b0:ae:89:ce:80:5a:
c9:b0:78:b5:c8:20:3d:dd:f6:82:62:a9:0a:a7:62:55:57:d1:
50:73:cb:93:c0:a8:73:94:bc:19:7f:5b:96:89:71:74:78:3a:
cf:5c:76:fd:98:25:41:a4:a5:9e:74:38:a2:8d:65:37:81:c3:
3b:75:1a:64:10:47:0b:e5:26:e9:54:7d:0b:f8:4c:91:50:50:
dd:69:31:32:2a:70:4a:c9:63:ca:c5:b9:dc:fe:81:da:20:f5:
ce:f6:ba:6a:39:6f:3a:ca:74:42:6b:69:b1:d6:8c:1c:fd:db:
28:53:ba:21:38:62:bd:8a:80:a6:53:2b:66:95:b1:cb:b4:f6:
7d:70:7e:20:0a:90:d7:5c:c5:94:68:5c:9c:f5:b8:11:76:35:
53:c4:d6:5c:be:90:cf:d4:f8:73:0f:da:b6:16:67:41:97:3b:
74:ea:03:9b:b3:56:da:b1:cf:37:ab:cc:b8:f7:f3:4e:10:44:
7b:d8:a0:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQma+TwURgJhWD+Vx/yZ33dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjUwMTAyMDk0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA3MjNmZGRiYThlNDI4M2M1ZGZjZmUxMTJkZTgzZDM1MGU4YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttekQU6s1ONXgDIY4B6iC+heZvta
lTVZgsq45OGqN9wBD8Kz/Idk1v6s7UCHd46G/SUk8BPIyn/EKNPeQ2VrMLB3Yot0
h5DeN+MSVapJYk5m9vRux+Ba6tUFNLZPEuPA2b0fKb4pW5bdin9hFjNS6Aeq67FY
T2q8KpyuJsThMQwBJNjdFD73RsbxxlefLDJbJuXq7gnzC+tiLAZbGPFqVt25dPik
vumHIph5CrM1L8ANbMR/ILibE4ykft9z/O3khmu7Yv6U19yqMDMejkO7XuICr1in
MpcJ3VeMtCmYaakFBOS5K8slHCeZ2/NRk3DcOJeHLBgZOVpRclEWZ/FMVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLEHI/3bqOQoPF38/hEt6D01DotvMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvc1Fjal9kdW81Q2c4WGZ6LUVTM29QVFVPaTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6qw
MA0GCSqGSIb3DQEBCwUAA4IBAQC3cy5E31mpxbh1khMlTLli8NZc6rrs+m9jbmsn
wQwHJQJ2W29oARg8iALcWDOsCoBg39zzwSBaTGu/kSYvZJuWEq+wronOgFrJsHi1
yCA93faCYqkKp2JVV9FQc8uTwKhzlLwZf1uWiXF0eDrPXHb9mCVBpKWedDiijWU3
gcM7dRpkEEcL5SbpVH0L+EyRUFDdaTEyKnBKyWPKxbnc/oHaIPXO9rpqOW86ynRC
a2mx1owc/dsoU7ohOGK9ioCmUytmlbHLtPZ9cH4gCpDXXMWUaFyc9bgRdjVTxNZc
vpDP1PhzD9q2FmdBlzt06gObs1basc83q8y49/NOEER72KC8
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:20:35 2025 by rpki-client