Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/72MXyacTS0KtDpuANaheHhEI1AI.roa
File: 72MXyacTS0KtDpuANaheHhEI1AI.roa (raw, json)
Hash identifier: Q7ai7Um+aH+RTkwIG88T7cCbD3OURNh3G/4vvvdbzT0=
Subject key identifier: EF:63:17:C9:A7:13:4B:42:AD:0E:9B:80:35:A8:5E:1E:11:08:D4:02
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDB9EA3237C53336A0F2E76E5EB203
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/72MXyacTS0KtDpuANaheHhEI1AI.roa
Signing time: Thu 02 Jan 2025 07:49:32 +0000
ROA not before: Thu 02 Jan 2025 07:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21286
IP address blocks: 2a07:3502:1120::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b9:ea:32:37:c5:33:36:a0:f2:e7:6e:5e:b2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef6317c9a7134b42ad0e9b8035a85e1e1108d402
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a1:23:fe:a0:d9:b1:53:96:dd:0e:a9:30:db:
eb:6e:94:66:41:74:d8:ba:bb:ff:37:9c:56:53:69:
37:74:bf:ff:b6:f3:54:de:15:b5:c6:05:cf:dc:be:
8d:0a:2b:3f:d1:a5:97:4e:6e:93:61:11:e2:4a:3a:
14:6e:97:c9:84:39:d6:58:08:cf:0d:fc:e8:f0:50:
4f:56:49:a5:4b:d4:71:bd:92:c1:67:48:91:88:9a:
9b:c1:83:6d:0e:48:f2:6b:ed:ec:0f:e3:d0:e2:0a:
20:9a:4f:65:76:c8:48:02:50:43:94:6e:c6:a1:f0:
54:38:f8:ec:ec:cb:3e:bd:54:50:b5:2e:48:4a:31:
e9:19:9e:77:57:1a:73:80:e9:de:86:68:ff:d2:50:
f7:70:b2:4d:ef:6e:ac:54:8a:6d:c5:70:4a:78:ea:
a5:94:27:7c:58:36:8b:f1:59:78:ad:f5:3e:e1:c0:
92:03:d9:fc:72:73:b8:40:32:2a:f5:2a:b8:00:33:
4e:ed:da:e0:b2:49:e8:a8:42:b1:e0:9c:0b:33:f4:
56:2e:2c:ae:60:fa:1c:54:49:81:bf:d6:88:a5:ec:
b5:e3:18:8b:62:99:31:4d:b9:e7:d9:de:05:d7:9e:
5b:89:e5:9c:ef:b4:f1:d0:5a:ab:c2:de:7b:f4:75:
06:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:63:17:C9:A7:13:4B:42:AD:0E:9B:80:35:A8:5E:1E:11:08:D4:02
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/72MXyacTS0KtDpuANaheHhEI1AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3502:1120::/48
Signature Algorithm: sha256WithRSAEncryption
84:8c:d2:3b:9f:2b:70:a2:6f:de:cf:e2:ae:30:b3:8a:8d:f3:
fc:21:18:85:ce:83:27:a7:e3:93:b6:53:9d:bd:99:94:3e:90:
6f:1e:99:c9:96:c6:7d:14:e4:61:d7:40:d2:7f:75:33:3f:71:
73:4f:9b:5c:00:72:15:c1:2c:3b:e2:5f:0d:38:69:77:2e:2d:
81:c0:f4:b0:9c:cd:63:7d:41:23:42:24:a0:ac:8b:82:64:d9:
ad:a0:86:c2:bc:b0:f8:99:f0:db:a8:d4:73:cb:d5:7f:22:8f:
59:0b:c2:d3:3d:23:9f:b4:bb:84:e0:9d:96:e8:75:a1:03:40:
c5:1a:6b:09:3b:b6:88:3d:d0:9d:69:1c:96:62:bd:4e:68:5c:
b0:03:84:f5:a3:0f:36:9d:83:8d:cc:c8:05:36:c5:b5:3c:9e:
c3:7d:76:9e:46:29:76:16:41:00:c0:b9:86:ce:f9:fd:b3:83:
e9:1b:ef:0a:b8:f8:82:7a:64:4a:7d:89:33:a5:dc:17:c5:8c:
4a:2c:56:b8:3d:91:27:76:63:f2:5c:7c:13:1b:6f:4e:b3:d6:
46:f9:f2:25:72:54:6d:92:ce:ab:45:51:0e:d5:5c:68:a9:6c:
40:d8:27:08:65:e5:e5:ef:17:85:83:c7:6b:6f:d5:de:79:9e:
1d:18:fe:b6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/bnqMjfFMzag8uduXrIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYzMTdjOWE3MTM0YjQyYWQwZTliODAzNWE4NWUxZTExMDhkNDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KEj/qDZsVOW3Q6pMNvrbpRmQXTY
urv/N5xWU2k3dL//tvNU3hW1xgXP3L6NCis/0aWXTm6TYRHiSjoUbpfJhDnWWAjP
Dfzo8FBPVkmlS9RxvZLBZ0iRiJqbwYNtDkjya+3sD+PQ4gogmk9ldshIAlBDlG7G
ofBUOPjs7Ms+vVRQtS5ISjHpGZ53VxpzgOnehmj/0lD3cLJN726sVIptxXBKeOql
lCd8WDaL8Vl4rfU+4cCSA9n8cnO4QDIq9Sq4ADNO7drgsknoqEKx4JwLM/RWLiyu
YPocVEmBv9aIpey14xiLYpkxTbnn2d4F155bieWc77Tx0Fqrwt579HUGHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO9jF8mnE0tCrQ6bgDWoXh4RCNQCMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvNzJNWHlhY1RTMEt0RHB1QU5haGVIaEVJMUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgc1AhEg
MA0GCSqGSIb3DQEBCwUAA4IBAQCEjNI7nytwom/ez+KuMLOKjfP8IRiFzoMnp+OT
tlOdvZmUPpBvHpnJlsZ9FORh10DSf3UzP3FzT5tcAHIVwSw74l8NOGl3Li2BwPSw
nM1jfUEjQiSgrIuCZNmtoIbCvLD4mfDbqNRzy9V/Io9ZC8LTPSOftLuE4J2W6HWh
A0DFGmsJO7aIPdCdaRyWYr1OaFywA4T1ow82nYONzMgFNsW1PJ7DfXaeRil2FkEA
wLmGzvn9s4PpG+8KuPiCemRKfYkzpdwXxYxKLFa4PZEndmPyXHwTG29Os9ZG+fIl
clRtks6rRVEO1VxoqWxA2CcIZeXl7xeFg8drb9XeeZ4dGP62
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:41 2025 by rpki-client