Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/IWmCzk6cq45EnYSJ96MKtN3JC8I.roa
File: IWmCzk6cq45EnYSJ96MKtN3JC8I.roa (raw, json)
Hash identifier: XoBuI/JfFprw14YCMqakYs9R02jMXW/1dfsiuGeuG6E=
Subject key identifier: 21:69:82:CE:4E:9C:AB:8E:44:9D:84:89:F7:A3:0A:B4:DD:C9:0B:C2
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019424B264EF53E49C6783AB39998DA90398
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/IWmCzk6cq45EnYSJ96MKtN3JC8I.roa
Signing time: Thu 02 Jan 2025 01:47:38 +0000
ROA not before: Thu 02 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55720
IP address blocks: 2a11:840:26::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:64:ef:53:e4:9c:67:83:ab:39:99:8d:a9:03:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=216982ce4e9cab8e449d8489f7a30ab4ddc90bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:82:7b:00:c5:99:77:20:15:22:2f:b8:97:
5f:0d:35:c0:1a:c9:ca:3f:a5:55:95:d2:45:88:b3:
76:e3:05:f9:30:32:17:53:f1:55:33:e8:16:14:b3:
27:e1:0d:5b:54:9b:06:18:f6:d1:91:2b:40:47:25:
3f:12:d9:07:84:7b:0d:80:7f:33:e6:b8:14:fd:62:
ca:0c:54:e6:35:b1:b5:30:62:c7:45:e8:ef:ad:54:
c9:23:5f:69:4e:aa:de:e1:ba:b9:db:4e:56:b6:35:
19:75:eb:f6:88:8d:05:f6:b3:b3:86:f0:5f:bb:1c:
2d:53:49:08:54:77:68:8f:5c:46:93:de:17:f9:c6:
e6:66:16:c8:75:7f:1d:5e:77:8d:c4:87:07:80:6a:
d6:d7:ec:20:27:06:c8:1e:0d:c5:fa:70:d3:c2:5a:
45:cf:82:4e:30:21:df:8a:3b:8f:bd:16:14:e1:02:
2c:ad:28:75:c8:11:49:9c:46:7c:e8:ec:ba:12:98:
d3:a0:3c:ed:62:b6:11:17:e4:a2:a1:c7:a4:9c:86:
92:e1:e2:d5:fb:1c:20:3f:ad:59:1f:68:7b:ea:13:
1b:09:ff:67:c9:de:7d:36:c0:43:54:41:7a:25:86:
a1:4c:5b:51:f8:04:69:39:be:9a:51:89:77:a9:03:
ce:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:69:82:CE:4E:9C:AB:8E:44:9D:84:89:F7:A3:0A:B4:DD:C9:0B:C2
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/IWmCzk6cq45EnYSJ96MKtN3JC8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:26::/48
Signature Algorithm: sha256WithRSAEncryption
50:1f:86:1b:29:5c:c2:b4:17:fe:14:e4:7a:16:a9:bb:d7:64:
59:7e:0d:5a:36:51:a0:b4:fd:1b:df:d9:17:fe:e6:6d:c3:af:
a5:20:f5:2d:22:5e:15:5f:81:b5:ea:1b:44:1c:5e:1b:06:61:
6f:ea:c6:5a:6e:bb:f2:8d:6a:91:b6:16:94:f9:ef:d6:9d:3f:
3c:23:83:9e:2e:36:1d:81:20:a6:4c:5b:a3:2c:3d:0d:e6:be:
bf:52:29:23:77:51:f8:4c:5f:f6:06:e8:f3:0c:7f:5a:b1:f3:
07:26:8a:92:fb:5a:6d:c0:02:86:12:41:0d:74:d3:e5:f3:bc:
4e:56:74:10:27:36:35:1d:49:98:e0:1a:2d:9e:1b:f4:83:4b:
a4:7e:a6:bd:d3:c9:c7:a3:db:cf:43:6b:0f:bd:3b:f8:a5:7c:
bb:50:4a:74:de:21:4b:ba:04:51:30:ec:67:24:b1:32:96:a9:
8d:05:98:27:48:f4:87:4f:53:41:11:c7:42:ef:1b:44:88:ea:
1d:64:69:00:f1:ef:e4:71:50:39:ec:10:aa:5f:9f:6a:3e:f9:
b6:6a:73:4d:4f:da:91:f7:72:8d:b6:76:94:6c:c5:14:04:31:
d9:9f:5b:84:b0:e8:48:ec:0b:a8:c3:4f:57:05:84:e0:85:0c:
be:df:53:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQksmTvU+ScZ4OrOZmNqQOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwMTAyMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY5ODJjZTRlOWNhYjhlNDQ5ZDg0ODlmN2EzMGFiNGRkYzkwYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNmCewDFmXcgFSIvuJdfDTXAGsnK
P6VVldJFiLN24wX5MDIXU/FVM+gWFLMn4Q1bVJsGGPbRkStARyU/EtkHhHsNgH8z
5rgU/WLKDFTmNbG1MGLHRejvrVTJI19pTqre4bq5205WtjUZdev2iI0F9rOzhvBf
uxwtU0kIVHdoj1xGk94X+cbmZhbIdX8dXneNxIcHgGrW1+wgJwbIHg3F+nDTwlpF
z4JOMCHfijuPvRYU4QIsrSh1yBFJnEZ86Oy6EpjToDztYrYRF+SioceknIaS4eLV
+xwgP61ZH2h76hMbCf9nyd59NsBDVEF6JYahTFtR+ARpOb6aUYl3qQPO1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCFpgs5OnKuORJ2EifejCrTdyQvCMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvSVdtQ3prNmNxNDVFbllTSjk2TUt0TjNKQzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAm
MA0GCSqGSIb3DQEBCwUAA4IBAQBQH4YbKVzCtBf+FOR6Fqm712RZfg1aNlGgtP0b
39kX/uZtw6+lIPUtIl4VX4G16htEHF4bBmFv6sZabrvyjWqRthaU+e/WnT88I4Oe
LjYdgSCmTFujLD0N5r6/Uikjd1H4TF/2BujzDH9asfMHJoqS+1ptwAKGEkENdNPl
87xOVnQQJzY1HUmY4Botnhv0g0ukfqa908nHo9vPQ2sPvTv4pXy7UEp03iFLugRR
MOxnJLEylqmNBZgnSPSHT1NBEcdC7xtEiOodZGkA8e/kcVA57BCqX59qPvm2anNN
T9qR93KNtnaUbMUUBDHZn1uEsOhI7Auow09XBYTghQy+31O9
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:28:49 2025 by rpki-client