Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/e3hNMZozjl2a8wTj5jqUKt2netU.roa
File: e3hNMZozjl2a8wTj5jqUKt2netU.roa (raw, json)
Hash identifier: z65fVe11ggvNgyomVpHPZ3mT5uEYvV6n9cNO6WIVkOQ=
Subject key identifier: 7B:78:4D:31:9A:33:8E:5D:9A:F3:04:E3:E6:3A:94:2A:DD:A7:7A:D5
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 019426D94F96B867D50E1AC0633CF53FC878
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/e3hNMZozjl2a8wTj5jqUKt2netU.roa
Signing time: Thu 02 Jan 2025 11:49:23 +0000
ROA not before: Thu 02 Jan 2025 11:49:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201848
IP address blocks: 2a04:ac00:1::/48 maxlen: 48
2a04:ac00:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:4f:96:b8:67:d5:0e:1a:c0:63:3c:f5:3f:c8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 11:49:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b784d319a338e5d9af304e3e63a942adda77ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6f:46:b5:56:9b:07:9c:2b:ae:86:5d:d3:e2:
13:d7:41:fd:25:3d:9d:d4:aa:69:bc:43:1d:08:33:
ac:ba:e7:1a:48:a5:9f:33:60:cc:1e:49:ae:06:de:
a2:e1:be:e7:9d:1c:2c:8f:ac:ed:99:09:31:8e:8b:
d6:fc:56:3a:4b:2f:04:44:26:f4:58:9e:9f:56:cb:
be:ab:c8:0b:6d:c1:d8:15:6f:88:db:c1:78:17:6f:
b3:4b:cb:11:82:46:38:a0:81:09:dc:f6:cc:94:25:
02:bf:8d:ce:dd:34:c3:d6:2f:29:21:86:f8:83:35:
39:8c:7e:04:64:b3:44:7e:21:cb:75:b5:0b:be:71:
41:33:55:6d:26:86:b4:f9:6e:23:c5:d7:72:57:4a:
0a:6a:21:26:b8:c4:0c:94:20:66:1a:2e:e1:b9:cd:
86:75:d8:bc:79:48:da:de:1b:6f:a0:12:51:6a:df:
ae:21:41:4a:2d:1e:3b:8b:86:52:22:c8:7d:4f:77:
76:a6:e3:93:4f:2d:c5:c5:f6:85:aa:48:92:cb:15:
bf:89:ac:4b:fc:6a:a3:cc:a1:38:3d:a7:6b:1c:67:
00:65:e8:11:af:7b:4d:5e:62:51:3c:cd:77:b0:62:
6c:2c:f7:9f:e5:38:97:e3:00:1d:c4:51:77:7e:ae:
58:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:78:4D:31:9A:33:8E:5D:9A:F3:04:E3:E6:3A:94:2A:DD:A7:7A:D5
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/e3hNMZozjl2a8wTj5jqUKt2netU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ac00:1::/48
2a04:ac00:4::/48
Signature Algorithm: sha256WithRSAEncryption
44:1a:a0:22:11:5e:4e:d3:09:93:d3:57:3a:43:f8:51:45:00:
31:8a:97:dd:52:aa:ff:dc:5f:ef:bc:3a:b6:ac:8f:0a:10:93:
d5:76:80:fe:51:15:d0:4a:84:07:75:84:58:02:8e:ad:73:37:
93:b7:9e:03:b2:f7:a7:f4:3e:0c:30:b0:19:14:e1:9c:27:f9:
a6:7a:1c:3c:75:0c:ad:41:62:35:71:ea:be:dc:36:bb:31:09:
3e:bb:0c:10:1c:da:2b:65:65:d2:19:00:fe:79:05:9a:60:ce:
37:cc:bb:fb:00:f4:0e:e8:f5:68:96:d9:4c:bc:21:0f:9e:c3:
c8:1a:b7:27:6f:d5:2e:38:81:12:7c:bd:e5:77:77:14:73:f7:
d8:db:a1:7e:0e:56:bd:80:3d:fb:3d:d8:f1:9b:5e:8d:ee:79:
ce:25:ad:ea:d8:b1:73:66:aa:2e:06:c1:6e:3d:51:e8:57:26:
58:19:58:2a:1a:1e:10:e0:e7:4a:e9:24:e1:07:2b:fd:b8:48:
a1:27:65:88:f3:43:6c:a4:d7:6e:13:07:03:00:58:f7:e0:ab:
f6:d9:16:92:a6:ef:d5:ad:6b:51:ef:a5:4a:08:ad:ae:3e:82:
80:e3:f1:c0:9b:80:e9:b0:83:91:c8:57:d8:8d:ba:d2:52:c4:
2c:5a:45:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQm2U+WuGfVDhrAYzz1P8h4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjUwMTAyMTE0OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yjc4NGQzMTlhMzM4ZTVkOWFmMzA0ZTNlNjNhOTQyYWRkYTc3YWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW9GtVabB5wrroZd0+IT10H9JT2d
1KppvEMdCDOsuucaSKWfM2DMHkmuBt6i4b7nnRwsj6ztmQkxjovW/FY6Sy8ERCb0
WJ6fVsu+q8gLbcHYFW+I28F4F2+zS8sRgkY4oIEJ3PbMlCUCv43O3TTD1i8pIYb4
gzU5jH4EZLNEfiHLdbULvnFBM1VtJoa0+W4jxddyV0oKaiEmuMQMlCBmGi7huc2G
ddi8eUja3htvoBJRat+uIUFKLR47i4ZSIsh9T3d2puOTTy3FxfaFqkiSyxW/iaxL
/GqjzKE4PadrHGcAZegRr3tNXmJRPM13sGJsLPef5TiX4wAdxFF3fq5YWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHt4TTGaM45dmvME4+Y6lCrdp3rVMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvZTNoTk1ab3pqbDJhOHdUajVqcVVLdDJuZXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgSsAAAB
AwcAKgSsAAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBEGqAiEV5O0wmT01c6Q/hRRQAx
ipfdUqr/3F/vvDq2rI8KEJPVdoD+URXQSoQHdYRYAo6tczeTt54Dsven9D4MMLAZ
FOGcJ/mmehw8dQytQWI1ceq+3Da7MQk+uwwQHNorZWXSGQD+eQWaYM43zLv7APQO
6PVoltlMvCEPnsPIGrcnb9UuOIESfL3ld3cUc/fY26F+Dla9gD37Pdjxm16N7nnO
Ja3q2LFzZqouBsFuPVHoVyZYGVgqGh4Q4OdK6SThByv9uEihJ2WI80NspNduEwcD
AFj34Kv22RaSpu/VrWtR76VKCK2uPoKA4/HAm4DpsIORyFfYjbrSUsQsWkUd
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:27 2025 by rpki-client