Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/3w8cITzPlFENHgqLqyZeLEvZDAk.roa
File: 3w8cITzPlFENHgqLqyZeLEvZDAk.roa (raw, json)
Hash identifier: Mzp/SVdc+XpoZ/StnvvUKrJm00g1AdYvdAoz4HfdCl0=
Subject key identifier: DF:0F:1C:21:3C:CF:94:51:0D:1E:0A:8B:AB:26:5E:2C:4B:D9:0C:09
Certificate issuer: /CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Certificate serial: 0194282378CB637438C80FE4FD7BFC690A51
Authority key identifier: 4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/3w8cITzPlFENHgqLqyZeLEvZDAk.roa
Signing time: Thu 02 Jan 2025 17:50:00 +0000
ROA not before: Thu 02 Jan 2025 17:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213346
IP address blocks: 2a10:b9c0:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:78:cb:63:74:38:c8:0f:e4:fd:7b:fc:69:0a:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Validity
Not Before: Jan 2 17:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df0f1c213ccf94510d1e0a8bab265e2c4bd90c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2e:a0:22:b5:c7:56:70:10:46:b6:3b:ea:93:
a0:3f:6c:76:c5:ec:f6:9a:e9:ae:2b:56:9b:d6:31:
d0:74:6d:41:45:f8:76:2f:bf:d7:08:c1:72:04:3f:
98:f5:d1:84:a1:9b:f5:dd:79:52:cb:ec:f8:af:76:
19:47:78:3f:fe:f9:4e:0f:62:e5:6f:bb:2d:28:3d:
22:b3:db:12:87:c4:18:c8:7c:fc:1b:ad:c4:8b:0f:
27:0c:18:cf:74:1a:f1:8f:13:89:ea:35:91:b0:1c:
30:e3:78:f2:72:30:8f:16:ab:ba:3e:b3:49:91:6f:
5a:da:83:dc:2e:1a:c6:7d:da:f0:5b:5e:c9:3d:5c:
38:97:67:de:ea:75:40:f2:58:7e:e3:05:3e:66:fc:
84:9e:f3:d4:68:82:c8:28:1a:99:68:89:41:ea:ed:
05:21:09:29:ff:9a:d5:95:0a:b2:0e:69:7f:a9:79:
7a:63:48:4a:20:5b:1d:8c:02:b1:dd:a8:dc:5c:fc:
17:3a:e9:08:88:bc:3f:e4:8b:70:2a:b8:93:fd:96:
39:33:b5:25:d8:67:c5:18:51:ca:73:7f:17:be:56:
dd:e6:4a:20:e5:d8:75:e9:ad:0c:47:ae:43:45:de:
cb:6b:4f:b7:32:50:5e:72:27:66:bd:9d:6e:00:32:
25:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:0F:1C:21:3C:CF:94:51:0D:1E:0A:8B:AB:26:5E:2C:4B:D9:0C:09
X509v3 Authority Key Identifier:
keyid:4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/3w8cITzPlFENHgqLqyZeLEvZDAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b9c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
06:05:77:40:86:06:78:c9:ae:98:64:2d:fb:1a:37:d3:92:fb:
42:a7:e3:46:1b:80:39:c5:23:c7:55:66:38:5b:3f:1b:b8:53:
99:50:e1:7d:23:75:0d:33:83:ed:c8:79:72:5a:b3:43:ad:a0:
7c:39:82:3e:9e:a6:1f:cc:a6:63:86:6d:c1:94:dc:cf:e7:94:
24:d8:d0:82:0a:6b:81:33:f6:8d:41:90:cf:38:da:89:20:15:
c8:6d:e4:f2:e7:49:e2:c3:91:ef:60:e2:36:4a:fb:8a:c0:7b:
8c:0a:7b:a1:1e:aa:7d:1c:b5:ef:27:98:fa:56:6f:af:42:d1:
2b:f4:19:f9:92:13:3c:95:bf:a5:21:4a:7f:38:68:39:5a:7f:
38:16:6a:16:99:56:b8:82:20:6a:d7:7a:c7:7f:75:80:3e:74:
18:d8:6c:d4:6d:cc:26:05:7f:24:b6:55:e9:28:3d:ba:e6:cd:
ae:2f:32:c3:55:df:46:fb:4d:a8:dd:1b:36:0a:58:73:ec:98:
0f:f9:2a:d7:f6:a6:54:47:8e:5d:74:4e:e5:c6:6a:89:50:45:
9a:a7:a4:53:71:4e:ea:81:c8:66:9e:b4:4c:28:51:a3:34:d0:
3c:5c:2d:66:71:97:aa:16:c6:c8:60:c1:3c:33:96:58:4c:aa:
a9:13:0c:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoI3jLY3Q4yA/k/Xv8aQpRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2Y0ZjhhYzhjYTczNDNlZDFiNGZmMTJjZTI3NjMxOGI2
OWQxMGUwHhcNMjUwMTAyMTc1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjBmMWMyMTNjY2Y5NDUxMGQxZTBhOGJhYjI2NWUyYzRiZDkwYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC6gIrXHVnAQRrY76pOgP2x2xez2
mumuK1ab1jHQdG1BRfh2L7/XCMFyBD+Y9dGEoZv13XlSy+z4r3YZR3g//vlOD2Ll
b7stKD0is9sSh8QYyHz8G63Eiw8nDBjPdBrxjxOJ6jWRsBww43jycjCPFqu6PrNJ
kW9a2oPcLhrGfdrwW17JPVw4l2fe6nVA8lh+4wU+ZvyEnvPUaILIKBqZaIlB6u0F
IQkp/5rVlQqyDml/qXl6Y0hKIFsdjAKx3ajcXPwXOukIiLw/5ItwKriT/ZY5M7Ul
2GfFGFHKc38Xvlbd5kog5dh16a0MR65DRd7La0+3MlBecidmvZ1uADIlAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN8PHCE8z5RRDR4Ki6smXixL2QwJMB8GA1UdIwQY
MBaAFEp/T4rIynND7RtP8SzidjGLadEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4Mzkt
OWVjN2FkZDBlYjY4LzEvM3c4Y0lUelBsRkVOSGdxTHF5WmVMRXZaREFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4MzktOWVjN2FkZDBlYjY4
LzEvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhC5wP//
MA0GCSqGSIb3DQEBCwUAA4IBAQAGBXdAhgZ4ya6YZC37GjfTkvtCp+NGG4A5xSPH
VWY4Wz8buFOZUOF9I3UNM4PtyHlyWrNDraB8OYI+nqYfzKZjhm3BlNzP55Qk2NCC
CmuBM/aNQZDPONqJIBXIbeTy50niw5HvYOI2SvuKwHuMCnuhHqp9HLXvJ5j6Vm+v
QtEr9Bn5khM8lb+lIUp/OGg5Wn84FmoWmVa4giBq13rHf3WAPnQY2GzUbcwmBX8k
tlXpKD265s2uLzLDVd9G+02o3Rs2Clhz7JgP+SrX9qZUR45ddE7lxmqJUEWap6RT
cU7qgchmnrRMKFGjNNA8XC1mcZeqFsbIYME8M5ZYTKqpEwzt
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:34 2025 by rpki-client