Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/oN_HXrNwEKHWNOBeBXWLmMaedS8.roa
File: oN_HXrNwEKHWNOBeBXWLmMaedS8.roa (raw, json)
Hash identifier: EF1LIVK1qYYVxrGAD02d8UOfG8Hm02T8nbZi/iaVNaM=
Subject key identifier: A0:DF:C7:5E:B3:70:10:A1:D6:34:E0:5E:05:75:8B:98:C6:9E:75:2F
Certificate issuer: /CN=4f672d39929731aed9e01bc5a9e6d680f4659a0b
Certificate serial: 019421440D6404AEBFA15389F3D58366D161
Authority key identifier: 4F:67:2D:39:92:97:31:AE:D9:E0:1B:C5:A9:E6:D6:80:F4:65:9A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T2ctOZKXMa7Z4BvFqebWgPRlmgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/oN_HXrNwEKHWNOBeBXWLmMaedS8.roa
Signing time: Wed 01 Jan 2025 09:48:15 +0000
ROA not before: Wed 01 Jan 2025 09:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1764
IP address blocks: 2001:4b60:100::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:0d:64:04:ae:bf:a1:53:89:f3:d5:83:66:d1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f672d39929731aed9e01bc5a9e6d680f4659a0b
Validity
Not Before: Jan 1 09:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0dfc75eb37010a1d634e05e05758b98c69e752f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ed:d9:08:b9:a2:1a:da:04:be:35:5a:fe:58:
1e:2f:62:8e:a6:7f:79:56:1c:c6:52:e5:cf:96:46:
97:85:10:23:39:73:9a:17:f7:53:da:27:84:7a:42:
09:b6:25:16:80:3a:52:1c:25:61:66:65:5a:e3:94:
af:2d:6c:c8:c4:13:d5:e1:a8:48:2e:61:31:81:2e:
71:e7:6a:54:b5:67:c7:45:6f:6b:90:f2:42:fd:7f:
54:c4:4c:3d:f0:61:19:ae:bb:6c:d2:04:f8:16:04:
15:36:4b:39:ac:4a:3d:9e:38:f3:9b:39:ac:fa:32:
51:f1:53:0e:07:8f:11:a2:ce:6c:af:c6:dd:ba:c4:
34:25:47:8b:c5:13:75:d4:0a:72:02:31:1d:96:15:
3c:c5:87:2d:8e:49:27:2a:2e:76:13:1c:fe:90:53:
0c:35:99:e6:1a:0d:d0:e9:9a:de:8b:bd:c8:fb:17:
b1:eb:0c:36:23:b8:b6:d3:fe:77:8f:d5:95:07:61:
c3:8c:be:23:28:b4:81:65:40:6d:5f:f0:ab:59:94:
97:5f:35:02:af:3c:25:28:b4:37:a9:25:72:9b:9f:
27:0e:1e:1c:77:dc:2d:0e:cf:51:6e:ad:cd:4a:99:
62:97:94:cc:45:7f:b6:e1:52:4b:f7:44:70:d8:e2:
b6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DF:C7:5E:B3:70:10:A1:D6:34:E0:5E:05:75:8B:98:C6:9E:75:2F
X509v3 Authority Key Identifier:
keyid:4F:67:2D:39:92:97:31:AE:D9:E0:1B:C5:A9:E6:D6:80:F4:65:9A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T2ctOZKXMa7Z4BvFqebWgPRlmgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/oN_HXrNwEKHWNOBeBXWLmMaedS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/35c0b9-2855-4b20-8c80-7e280752da21/1/T2ctOZKXMa7Z4BvFqebWgPRlmgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4b60:100::/48
Signature Algorithm: sha256WithRSAEncryption
ae:5a:be:87:cc:67:aa:8a:60:46:ed:d8:5c:3d:5f:18:70:6a:
51:1b:b7:01:55:fa:58:f5:91:dd:bb:9a:d6:0c:45:76:d8:26:
1c:d2:d0:d0:41:31:cd:a4:1c:eb:db:19:01:12:2a:40:a0:d8:
78:ab:58:eb:e8:18:b0:6c:98:cd:2e:a6:d6:68:b6:a5:55:e2:
e5:a2:04:a8:5b:ce:05:f8:5f:cc:fa:80:ea:b5:cc:15:25:31:
3c:54:b6:a0:bf:a5:2b:a1:24:50:f7:d0:7d:32:8e:dd:d7:45:
ef:2f:11:e6:f0:04:94:7e:3a:b9:19:31:74:8c:18:d2:09:02:
b0:bf:ab:ef:a8:a0:bc:47:92:d7:bc:b8:76:39:fa:66:80:e1:
eb:1b:d0:43:d9:8f:85:74:d5:6a:67:d4:25:98:a4:79:a6:90:
b6:ae:09:6d:ff:ce:ef:92:e3:55:db:52:67:2c:6c:25:2e:14:
1d:e0:52:48:78:03:da:cb:fb:f4:38:0c:d8:66:dd:2f:54:15:
20:31:9e:f6:31:a2:4e:e3:6d:8e:cc:50:c4:70:a1:33:22:11:
87:4a:ab:8c:1f:67:e7:cc:60:7a:de:ac:fa:ba:35:1c:03:7e:
11:03:9f:2e:d3:a8:e5:8c:d0:fb:93:07:f6:db:ed:6e:bd:62:
d1:15:28:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRA1kBK6/oVOJ89WDZtFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNjcyZDM5OTI5NzMxYWVkOWUwMWJjNWE5ZTZkNjgwZjQ2
NTlhMGIwHhcNMjUwMTAxMDk0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRmYzc1ZWIzNzAxMGExZDYzNGUwNWUwNTc1OGI5OGM2OWU3NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu3ZCLmiGtoEvjVa/lgeL2KOpn95
VhzGUuXPlkaXhRAjOXOaF/dT2ieEekIJtiUWgDpSHCVhZmVa45SvLWzIxBPV4ahI
LmExgS5x52pUtWfHRW9rkPJC/X9UxEw98GEZrrts0gT4FgQVNks5rEo9njjzmzms
+jJR8VMOB48Ros5sr8bdusQ0JUeLxRN11ApyAjEdlhU8xYctjkknKi52Exz+kFMM
NZnmGg3Q6Zrei73I+xex6ww2I7i20/53j9WVB2HDjL4jKLSBZUBtX/CrWZSXXzUC
rzwlKLQ3qSVym58nDh4cd9wtDs9Rbq3NSplil5TMRX+24VJL90Rw2OK20wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKDfx16zcBCh1jTgXgV1i5jGnnUvMB8GA1UdIwQY
MBaAFE9nLTmSlzGu2eAbxanm1oD0ZZoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDJjdE9aS1hNYTdaNEJ2RnFlYldnUFJsbWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zNWMwYjktMjg1NS00YjIwLThjODAt
N2UyODA3NTJkYTIxLzEvb05fSFhyTndFS0hXTk9CZUJYV0xtTWFlZFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zNWMwYjktMjg1NS00YjIwLThjODAtN2UyODA3NTJkYTIx
LzEvVDJjdE9aS1hNYTdaNEJ2RnFlYldnUFJsbWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAFLYAEA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuWr6HzGeqimBG7dhcPV8YcGpRG7cBVfpY9ZHd
u5rWDEV22CYc0tDQQTHNpBzr2xkBEipAoNh4q1jr6BiwbJjNLqbWaLalVeLlogSo
W84F+F/M+oDqtcwVJTE8VLagv6UroSRQ99B9Mo7d10XvLxHm8ASUfjq5GTF0jBjS
CQKwv6vvqKC8R5LXvLh2OfpmgOHrG9BD2Y+FdNVqZ9QlmKR5ppC2rglt/87vkuNV
21JnLGwlLhQd4FJIeAPay/v0OAzYZt0vVBUgMZ72MaJO422OzFDEcKEzIhGHSquM
H2fnzGB63qz6ujUcA34RA58u06jljND7kwf22+1uvWLRFShL
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:21 2025 by rpki-client