Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/AWzKvVBumPuAv-ix9WEGZW27uLc.roa
File: AWzKvVBumPuAv-ix9WEGZW27uLc.roa (raw, json)
Hash identifier: DAiyzPE0kSu04Hsgva4YCQLrUYc+yqLAnbyuT7wymo0=
Subject key identifier: 01:6C:CA:BD:50:6E:98:FB:80:BF:E8:B1:F5:61:06:65:6D:BB:B8:B7
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D7666E5D3A11C29A07FB7FC0DBC32A
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/AWzKvVBumPuAv-ix9WEGZW27uLc.roa
Signing time: Wed 01 Jan 2025 21:48:26 +0000
ROA not before: Wed 01 Jan 2025 21:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197071
IP address blocks: 2a00:f826:4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:66:6e:5d:3a:11:c2:9a:07:fb:7f:c0:db:c3:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=016ccabd506e98fb80bfe8b1f56106656dbbb8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:86:70:2c:95:1a:23:fa:62:0f:00:38:a7:c9:
38:89:9f:40:b7:c0:47:c9:56:f4:e7:2c:57:94:c3:
bb:59:66:76:30:dc:7c:e3:a1:78:9f:74:70:41:c2:
31:1a:6a:2a:03:9b:bb:3a:22:47:57:11:8e:be:0f:
5e:37:c3:33:e0:4b:04:24:36:d2:0b:7a:02:6c:ca:
01:8d:23:7c:84:56:bb:a7:ea:6a:58:58:1c:91:a6:
22:8b:6e:f5:87:34:c0:96:6f:52:6e:be:b9:a4:14:
89:da:e7:a4:f3:86:67:fe:16:42:a5:f6:c8:79:e3:
d3:97:cf:03:59:af:16:5e:95:f7:01:32:8d:0f:5e:
3a:08:80:b2:a3:41:53:bb:68:70:0b:41:5a:e6:d4:
37:4c:00:ad:45:e6:86:9a:06:fa:62:f8:f8:b7:a1:
e6:bc:95:56:59:61:e4:ad:d7:54:c5:44:85:4f:00:
89:f0:09:02:f7:2e:81:24:90:1e:dd:b5:71:3e:09:
bd:e6:c3:87:07:bf:e9:0c:15:9b:78:1f:4a:0f:f0:
dd:a2:35:19:a7:38:35:c0:10:c5:9e:a1:02:25:12:
4d:54:5a:b6:39:4f:c4:df:ad:9a:e0:6d:d6:07:de:
b3:94:2e:51:a3:be:67:9f:aa:ab:bf:7e:10:9c:97:
8a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6C:CA:BD:50:6E:98:FB:80:BF:E8:B1:F5:61:06:65:6D:BB:B8:B7
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/AWzKvVBumPuAv-ix9WEGZW27uLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f826:4::/48
Signature Algorithm: sha256WithRSAEncryption
04:27:31:42:02:21:78:bb:96:79:fa:e3:e1:1a:5c:4e:62:bb:
bd:ce:26:2f:1c:e3:85:17:fc:60:70:1e:ea:44:45:c3:ed:36:
19:0f:40:d6:83:08:ca:a0:19:cc:a8:31:72:15:7a:43:8a:96:
7f:29:45:c7:62:87:93:8d:d1:b5:96:a6:c3:3a:0f:57:96:cf:
94:31:1f:74:d3:38:58:fa:4a:ba:a9:56:18:c8:08:30:4e:62:
96:b0:b2:ce:e7:32:a2:fc:d7:a4:84:ea:b8:55:6b:75:c8:9d:
12:39:f7:0f:d0:36:3a:41:f4:93:e2:69:a5:a5:2f:31:31:c5:
88:68:cd:02:ab:11:dd:5d:2e:05:94:42:f8:18:f7:34:b8:4a:
48:4d:ee:1f:0c:91:ba:a6:5b:ab:2a:86:9d:e4:de:4a:05:e3:
8a:b8:3f:68:2d:22:0c:5e:48:5a:4e:53:4d:6b:d6:b7:c2:75:
a6:e1:3f:1a:a6:96:12:61:29:74:90:94:4a:8c:71:08:85:ec:
b9:6b:7c:ac:e6:40:d3:db:23:0a:63:c2:d7:70:5d:6c:7f:5e:
92:9a:f2:b6:e9:8d:39:dd:49:e0:76:95:76:b9:49:55:31:66:
ed:2b:92:e9:29:9c:24:48:e6:b5:3b:30:e7:56:b1:16:9c:7c:
1f:0d:31:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj12ZuXToRwpoH+3/A28MqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZjY2FiZDUwNmU5OGZiODBiZmU4YjFmNTYxMDY2NTZkYmJiOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIZwLJUaI/piDwA4p8k4iZ9At8BH
yVb05yxXlMO7WWZ2MNx846F4n3RwQcIxGmoqA5u7OiJHVxGOvg9eN8Mz4EsEJDbS
C3oCbMoBjSN8hFa7p+pqWFgckaYii271hzTAlm9Sbr65pBSJ2uek84Zn/hZCpfbI
eePTl88DWa8WXpX3ATKND146CICyo0FTu2hwC0Fa5tQ3TACtReaGmgb6Yvj4t6Hm
vJVWWWHkrddUxUSFTwCJ8AkC9y6BJJAe3bVxPgm95sOHB7/pDBWbeB9KD/DdojUZ
pzg1wBDFnqECJRJNVFq2OU/E362a4G3WB96zlC5Ro75nn6qrv34QnJeKdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAFsyr1Qbpj7gL/osfVhBmVtu7i3MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvQVd6S3ZWQnVtUHVBdi1peDlXRUdaVzI3dUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD4JgAE
MA0GCSqGSIb3DQEBCwUAA4IBAQAEJzFCAiF4u5Z5+uPhGlxOYru9ziYvHOOFF/xg
cB7qREXD7TYZD0DWgwjKoBnMqDFyFXpDipZ/KUXHYoeTjdG1lqbDOg9Xls+UMR90
0zhY+kq6qVYYyAgwTmKWsLLO5zKi/NekhOq4VWt1yJ0SOfcP0DY6QfST4mmlpS8x
McWIaM0CqxHdXS4FlEL4GPc0uEpITe4fDJG6plurKoad5N5KBeOKuD9oLSIMXkha
TlNNa9a3wnWm4T8appYSYSl0kJRKjHEIhey5a3ys5kDT2yMKY8LXcF1sf16SmvK2
6Y053UngdpV2uUlVMWbtK5LpKZwkSOa1OzDnVrEWnHwfDTGa
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:24 2025 by rpki-client