Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/p97Avl9nV3Nx0i1w45Yl3T0oKzg.roa
File: p97Avl9nV3Nx0i1w45Yl3T0oKzg.roa (raw, json)
Hash identifier: ZPQA4d87YOhKqcuAke+P/kmc4CIdEE6HBQuGK1D7QA0=
Subject key identifier: A7:DE:C0:BE:5F:67:57:73:71:D2:2D:70:E3:96:25:DD:3D:28:2B:38
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 01942368F3CE409A5235A2AE82C8A879D90C
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/p97Avl9nV3Nx0i1w45Yl3T0oKzg.roa
Signing time: Wed 01 Jan 2025 19:47:48 +0000
ROA not before: Wed 01 Jan 2025 19:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44024
IP address blocks: 2a05:91c3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:f3:ce:40:9a:52:35:a2:ae:82:c8:a8:79:d9:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jan 1 19:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7dec0be5f67577371d22d70e39625dd3d282b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:74:30:26:17:ad:70:3d:7e:a9:b5:e6:54:b2:
15:64:e3:fc:6a:93:28:7b:73:6a:94:88:cb:01:99:
51:63:58:b5:19:a9:eb:d2:98:c4:42:17:c8:02:2d:
f8:29:a9:d8:b8:9b:2b:d0:9b:b3:7a:4d:ae:2a:eb:
e6:94:f4:20:fd:e6:22:67:bd:9d:1b:7f:49:1e:b1:
9b:6f:cb:b2:24:2d:89:45:36:4b:59:eb:3b:d4:5b:
b1:e2:75:ce:79:fe:f8:f0:c3:34:e9:d2:89:b4:14:
64:d7:90:df:35:ab:c4:bd:6a:a5:76:29:fa:7c:7f:
d7:2d:d2:4c:f4:0f:c0:f1:b2:95:83:b7:40:1e:df:
70:ef:84:c6:cd:bc:d5:fb:0f:ef:d2:bb:e5:83:69:
68:cc:43:88:0e:0f:12:90:8a:e1:a6:dc:26:0f:03:
66:f8:5f:67:f6:f5:e2:b0:65:15:ee:7f:f4:6a:ef:
c4:8a:b8:51:a1:32:fc:0b:9e:71:ac:51:98:2c:df:
e4:08:3b:18:d4:db:5b:64:2c:38:74:5a:f6:25:cd:
13:1f:a5:70:d3:94:aa:6c:dc:86:48:db:d6:a2:fa:
52:45:cd:18:5a:da:20:12:a7:cc:04:8f:f6:cf:41:
82:6a:48:48:58:6e:61:e0:8c:64:55:65:a6:bd:89:
d8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DE:C0:BE:5F:67:57:73:71:D2:2D:70:E3:96:25:DD:3D:28:2B:38
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/p97Avl9nV3Nx0i1w45Yl3T0oKzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:91c3::/48
Signature Algorithm: sha256WithRSAEncryption
4f:dc:c6:28:10:e5:f2:88:de:18:ec:02:b3:85:85:f4:77:3b:
2c:61:80:83:62:73:97:03:49:f9:9f:08:40:9a:c3:2f:e7:30:
c0:09:ca:a2:cc:26:e9:2b:1a:da:b1:bf:12:4f:bf:bd:16:9d:
95:41:1b:fd:7d:2b:6d:be:73:e3:f7:cb:11:87:a5:2d:ff:50:
d2:66:8e:4f:cb:7a:dc:21:0b:4d:9c:b8:fe:16:ff:14:85:6c:
1f:0c:db:d1:0c:00:11:23:75:ec:d8:14:9c:7f:94:d3:98:cd:
15:07:a3:67:7b:4e:46:b2:26:0e:f8:57:f8:a5:53:bb:19:12:
8f:9c:81:2a:fe:1a:7c:e3:53:1c:9a:5d:f4:16:85:ed:aa:90:
85:15:8f:94:86:cd:ec:10:b4:db:7f:46:be:e3:05:86:6c:4b:
43:cf:ce:72:89:45:40:c2:61:41:7e:22:9c:b5:eb:bd:af:d2:
51:e4:ba:dd:85:a3:72:c5:33:85:e1:43:e2:42:09:86:48:59:
d9:87:4a:c9:a3:2a:90:2a:e2:a1:8b:0d:dd:69:a1:ee:05:a0:
da:79:82:14:71:1d:1f:b8:22:0a:2b:89:5c:68:55:e1:bc:8c:
28:63:79:16:c6:04:ad:db:51:ef:e9:3c:f8:a9:a7:26:7a:e5:
1a:2e:37:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaPPOQJpSNaKugsioedkMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjUwMTAxMTk0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2RlYzBiZTVmNjc1NzczNzFkMjJkNzBlMzk2MjVkZDNkMjgyYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXQwJhetcD1+qbXmVLIVZOP8apMo
e3NqlIjLAZlRY1i1Ganr0pjEQhfIAi34KanYuJsr0Juzek2uKuvmlPQg/eYiZ72d
G39JHrGbb8uyJC2JRTZLWes71Fux4nXOef748MM06dKJtBRk15DfNavEvWqldin6
fH/XLdJM9A/A8bKVg7dAHt9w74TGzbzV+w/v0rvlg2lozEOIDg8SkIrhptwmDwNm
+F9n9vXisGUV7n/0au/EirhRoTL8C55xrFGYLN/kCDsY1NtbZCw4dFr2Jc0TH6Vw
05SqbNyGSNvWovpSRc0YWtogEqfMBI/2z0GCakhIWG5h4IxkVWWmvYnY8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKfewL5fZ1dzcdItcOOWJd09KCs4MB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvcDk3QXZsOW5WM054MGkxdzQ1WWwzVDBvS3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgWRwwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBP3MYoEOXyiN4Y7AKzhYX0dzssYYCDYnOXA0n5
nwhAmsMv5zDACcqizCbpKxrasb8ST7+9Fp2VQRv9fSttvnPj98sRh6Ut/1DSZo5P
y3rcIQtNnLj+Fv8UhWwfDNvRDAARI3Xs2BScf5TTmM0VB6Nne05GsiYO+Ff4pVO7
GRKPnIEq/hp841Mcml30FoXtqpCFFY+Uhs3sELTbf0a+4wWGbEtDz85yiUVAwmFB
fiKcteu9r9JR5LrdhaNyxTOF4UPiQgmGSFnZh0rJoyqQKuKhiw3daaHuBaDaeYIU
cR0fuCIKK4lcaFXhvIwoY3kWxgSt21Hv6Tz4qacmeuUaLjdw
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:46:43 2025 by rpki-client