Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/4FoOABlmyVzvFDHm0mIgYgvjDGA.roa
File: 4FoOABlmyVzvFDHm0mIgYgvjDGA.roa (raw, json)
Hash identifier: Qa6B1g8Nx1iI+g1796YFvO+DdXSNRNSwQ4bHBO8a2Lc=
Subject key identifier: E0:5A:0E:00:19:66:C9:5C:EF:14:31:E6:D2:62:20:62:0B:E3:0C:60
Certificate issuer: /CN=07f0ba59b1c76cf20dc4382e5a2854d7142c26ba
Certificate serial: 0195683C9D845FFD01540F5BC6E10D06A7FA
Authority key identifier: 07:F0:BA:59:B1:C7:6C:F2:0D:C4:38:2E:5A:28:54:D7:14:2C:26:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_C6WbHHbPINxDguWihU1xQsJro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/4FoOABlmyVzvFDHm0mIgYgvjDGA.roa
Signing time: Wed 05 Mar 2025 21:35:57 +0000
ROA not before: Wed 05 Mar 2025 21:35:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58057
IP address blocks: 2a14:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:3c:9d:84:5f:fd:01:54:0f:5b:c6:e1:0d:06:a7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07f0ba59b1c76cf20dc4382e5a2854d7142c26ba
Validity
Not Before: Mar 5 21:35:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e05a0e001966c95cef1431e6d26220620be30c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5f:25:ed:d3:51:7e:17:68:47:69:87:e5:2c:
7b:0f:c2:fe:f1:88:0d:d4:e3:70:1f:bf:7a:16:7f:
54:61:53:7e:31:a0:c7:08:e2:dc:9a:7d:bb:c8:4b:
c3:9a:c0:65:b3:e7:a6:89:3b:62:27:0d:d3:1b:59:
21:46:c2:10:7b:ac:49:02:7d:23:00:f1:d2:29:3b:
fd:58:0b:65:a8:87:27:a8:13:7c:18:06:dc:37:74:
5c:c3:47:c9:9e:83:f9:ae:3b:b2:b8:d0:16:a0:60:
1c:a3:2b:fd:b2:e3:59:db:c3:01:3f:37:fd:e7:6f:
7d:1f:07:56:47:ee:08:2a:9c:c6:fa:8d:5f:46:90:
f4:2c:f6:76:94:dd:e8:eb:be:0f:fe:b4:9e:d6:f9:
51:b2:a4:73:f4:75:29:06:69:51:98:c2:d9:dd:59:
50:25:63:a5:27:9b:3e:b0:c5:81:d6:ae:cc:d0:32:
f9:b1:e3:e9:45:cb:6a:53:ad:ae:e2:82:be:8f:00:
d6:b6:ba:6b:2f:43:bd:dd:e9:ad:33:d6:a7:ed:52:
aa:19:95:2b:43:d2:81:9e:38:3f:47:d5:03:e8:b7:
b6:b0:e1:aa:cb:65:f1:8a:37:db:26:c4:aa:8b:5f:
e3:96:e7:e7:c9:d0:94:09:6e:b6:a0:65:fb:04:d1:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5A:0E:00:19:66:C9:5C:EF:14:31:E6:D2:62:20:62:0B:E3:0C:60
X509v3 Authority Key Identifier:
keyid:07:F0:BA:59:B1:C7:6C:F2:0D:C4:38:2E:5A:28:54:D7:14:2C:26:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_C6WbHHbPINxDguWihU1xQsJro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/4FoOABlmyVzvFDHm0mIgYgvjDGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/296a78-01e2-496d-ba59-2200b3cc57e6/1/B_C6WbHHbPINxDguWihU1xQsJro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1::/48
Signature Algorithm: sha256WithRSAEncryption
92:c5:9c:c3:89:74:08:4f:06:12:0b:76:10:64:69:b3:3e:cc:
af:f8:56:92:13:37:c0:17:d0:3a:ca:eb:4a:23:bd:50:f1:3b:
74:3e:e3:32:62:48:65:c6:b6:91:ac:47:21:19:fd:9d:4f:f2:
d6:53:18:b4:d0:36:64:66:ee:ff:7e:7d:8b:48:e6:5b:05:9b:
71:da:50:18:3c:d8:78:42:43:21:69:25:30:81:a4:ef:83:f6:
6f:77:7e:98:59:d4:80:77:75:7c:26:9a:d3:ae:07:15:e7:71:
c0:4e:32:df:11:de:9e:7a:cf:72:0b:b6:e7:9b:26:3f:df:8c:
e5:57:bc:4e:0f:c7:cb:62:af:07:6f:33:51:d2:ff:a5:70:0f:
c9:be:af:6e:37:9b:ca:34:06:3c:e7:23:49:b4:63:fe:7e:2a:
8d:0a:0d:c7:3b:a4:44:29:56:1e:d5:87:a0:dd:c9:d2:42:09:
8c:d8:ba:49:1e:40:82:3f:32:f7:57:37:a9:97:6d:33:ee:d8:
71:dd:19:b7:3b:91:57:33:7b:35:9a:8d:a6:29:f9:eb:c0:9c:
e9:6c:20:20:32:b1:bf:b3:f9:54:da:46:28:3d:47:68:23:2d:
14:29:61:59:00:7b:fd:f6:42:a9:67:de:aa:fe:68:54:e9:b7:
ee:fd:09:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZVoPJ2EX/0BVA9bxuENBqf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZjBiYTU5YjFjNzZjZjIwZGM0MzgyZTVhMjg1NGQ3MTQy
YzI2YmEwHhcNMjUwMzA1MjEzNTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDVhMGUwMDE5NjZjOTVjZWYxNDMxZTZkMjYyMjA2MjBiZTMwYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp18l7dNRfhdoR2mH5Sx7D8L+8YgN
1ONwH796Fn9UYVN+MaDHCOLcmn27yEvDmsBls+emiTtiJw3TG1khRsIQe6xJAn0j
APHSKTv9WAtlqIcnqBN8GAbcN3Rcw0fJnoP5rjuyuNAWoGAcoyv9suNZ28MBPzf9
5299HwdWR+4IKpzG+o1fRpD0LPZ2lN3o674P/rSe1vlRsqRz9HUpBmlRmMLZ3VlQ
JWOlJ5s+sMWB1q7M0DL5sePpRctqU62u4oK+jwDWtrprL0O93emtM9an7VKqGZUr
Q9KBnjg/R9UD6Le2sOGqy2XxijfbJsSqi1/jlufnydCUCW62oGX7BNEBgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOBaDgAZZslc7xQx5tJiIGIL4wxgMB8GA1UdIwQY
MBaAFAfwulmxx2zyDcQ4LlooVNcULCa6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9DNldiSEhiUElOeERndVdpaFUxeFFzSnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yOTZhNzgtMDFlMi00OTZkLWJhNTkt
MjIwMGIzY2M1N2U2LzEvNEZvT0FCbG15Vnp2RkRIbTBtSWdZZ3ZqREdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yOTZhNzgtMDFlMi00OTZkLWJhNTktMjIwMGIzY2M1N2U2
LzEvQl9DNldiSEhiUElOeERndVdpaFUxeFFzSnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQAAQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCSxZzDiXQITwYSC3YQZGmzPsyv+FaSEzfAF9A6
yutKI71Q8Tt0PuMyYkhlxraRrEchGf2dT/LWUxi00DZkZu7/fn2LSOZbBZtx2lAY
PNh4QkMhaSUwgaTvg/Zvd36YWdSAd3V8JprTrgcV53HATjLfEd6ees9yC7bnmyY/
34zlV7xOD8fLYq8HbzNR0v+lcA/Jvq9uN5vKNAY85yNJtGP+fiqNCg3HO6REKVYe
1Yeg3cnSQgmM2LpJHkCCPzL3Vzepl20z7thx3Rm3O5FXM3s1mo2mKfnrwJzpbCAg
MrG/s/lU2kYoPUdoIy0UKWFZAHv99kKpZ96q/mhU6bfu/Qkk
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:46:38 2025 by rpki-client