Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/eqgEDjpvp3clW9TUgWwPbvxE3Gs.roa
File: eqgEDjpvp3clW9TUgWwPbvxE3Gs.roa (raw, json)
Hash identifier: 44yCcgAa8KsuyOOmtWYdBO6/6lRci9Vlwx3wKAXTHVk=
Subject key identifier: 7A:A8:04:0E:3A:6F:A7:77:25:5B:D4:D4:81:6C:0F:6E:FC:44:DC:6B
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D75CFA017210EA829780B915E3041E
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/eqgEDjpvp3clW9TUgWwPbvxE3Gs.roa
Signing time: Wed 01 Jan 2025 21:48:24 +0000
ROA not before: Wed 01 Jan 2025 21:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a09:e1c1:f000::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:5c:fa:01:72:10:ea:82:97:80:b9:15:e3:04:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7aa8040e3a6fa777255bd4d4816c0f6efc44dc6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:45:c8:f7:a5:c8:91:bc:47:6e:1a:56:f1:09:
90:10:5f:fc:e6:07:32:88:56:bd:98:c9:0b:f8:fa:
f8:54:22:28:1c:8f:49:d6:5c:ee:3d:a0:c3:d9:50:
c7:93:44:4a:60:11:ba:fa:6e:b9:0e:84:80:de:4d:
10:00:57:d1:1b:27:d2:2c:b6:c3:d2:ec:a2:2b:1a:
ac:1b:a8:5d:73:06:7f:e4:ba:6f:97:70:71:7e:44:
10:39:83:97:00:91:84:38:46:30:64:ed:8f:50:c9:
80:27:48:8f:c2:5f:38:d4:2c:2a:0c:ed:1f:f1:8e:
0a:b7:33:16:7b:a6:bb:d4:e5:43:78:e1:fe:42:be:
d2:b0:d6:92:e3:8a:2a:1e:a5:9d:0e:60:d1:0a:6b:
0b:4f:67:26:5a:38:a5:af:7b:27:ed:8f:1f:81:a5:
e0:e4:e4:b3:4b:2c:68:f3:27:4d:83:ea:12:3a:22:
d4:05:34:11:42:14:c7:10:26:ca:1f:0e:c9:e0:5b:
09:21:c2:7e:29:f9:57:f8:ec:b2:5c:aa:bc:dd:e8:
28:10:77:22:2a:a1:b2:e7:f7:38:ce:1e:94:00:c7:
3b:62:c4:e9:70:3d:50:33:9c:12:cf:18:59:2c:a2:
46:8f:b2:c3:ad:83:b8:02:35:5c:91:71:19:7b:15:
a4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A8:04:0E:3A:6F:A7:77:25:5B:D4:D4:81:6C:0F:6E:FC:44:DC:6B
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/eqgEDjpvp3clW9TUgWwPbvxE3Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e1c1:f000::/44
Signature Algorithm: sha256WithRSAEncryption
22:20:a4:29:fb:82:81:85:7a:5e:dc:b9:50:4b:7b:1b:d5:8e:
00:b4:00:1b:ed:06:d1:50:c5:c2:99:57:0c:1b:f2:79:88:1f:
51:a3:89:c9:77:83:45:af:08:2c:0f:d4:fa:ae:cc:f4:8e:a2:
90:18:3b:07:86:96:4a:0b:fc:73:92:74:82:10:da:4c:2f:2d:
55:00:99:fd:4d:4d:0c:74:8b:89:9b:82:38:64:65:87:a3:89:
5d:ef:cb:33:69:a8:ac:1a:78:f7:23:9c:48:04:da:52:1a:ce:
68:0f:06:af:8e:71:24:5b:9c:ab:2c:02:00:92:ef:29:57:90:
8e:f1:8e:9c:12:a1:86:4b:24:60:2e:2f:5d:ed:8a:48:9a:bb:
62:d5:10:4b:47:56:d7:14:b4:7a:30:22:22:3d:8c:1b:08:1c:
0c:15:0d:45:eb:04:b5:1e:83:2c:ea:d1:65:ff:2d:b1:2c:42:
32:63:4c:b4:d5:c2:96:a0:87:2d:8e:03:83:00:9d:f7:b9:82:
f0:ad:09:0c:40:87:0d:31:fe:57:b8:74:b1:0f:90:b2:d4:ff:
43:5f:62:6c:56:d5:c0:bf:db:f6:54:44:90:f3:c4:84:8d:10:
5a:3b:c3:d8:e4:29:5f:ae:56:65:b1:bd:c1:61:1c:63:f1:5a:
58:3e:82:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj11z6AXIQ6oKXgLkV4wQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWE4MDQwZTNhNmZhNzc3MjU1YmQ0ZDQ4MTZjMGY2ZWZjNDRkYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EXI96XIkbxHbhpW8QmQEF/85gcy
iFa9mMkL+Pr4VCIoHI9J1lzuPaDD2VDHk0RKYBG6+m65DoSA3k0QAFfRGyfSLLbD
0uyiKxqsG6hdcwZ/5Lpvl3BxfkQQOYOXAJGEOEYwZO2PUMmAJ0iPwl841CwqDO0f
8Y4KtzMWe6a71OVDeOH+Qr7SsNaS44oqHqWdDmDRCmsLT2cmWjilr3sn7Y8fgaXg
5OSzSyxo8ydNg+oSOiLUBTQRQhTHECbKHw7J4FsJIcJ+KflX+OyyXKq83egoEHci
KqGy5/c4zh6UAMc7YsTpcD1QM5wSzxhZLKJGj7LDrYO4AjVckXEZexWkXQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHqoBA46b6d3JVvU1IFsD278RNxrMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvZXFnRURqcHZwM2NsVzlUVWdXd1BidnhFM0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgnhwfAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAiIKQp+4KBhXpe3LlQS3sb1Y4AtAAb7QbRUMXC
mVcMG/J5iB9Ro4nJd4NFrwgsD9T6rsz0jqKQGDsHhpZKC/xzknSCENpMLy1VAJn9
TU0MdIuJm4I4ZGWHo4ld78szaaisGnj3I5xIBNpSGs5oDwavjnEkW5yrLAIAku8p
V5CO8Y6cEqGGSyRgLi9d7YpImrti1RBLR1bXFLR6MCIiPYwbCBwMFQ1F6wS1HoMs
6tFl/y2xLEIyY0y01cKWoIctjgODAJ33uYLwrQkMQIcNMf5XuHSxD5Cy1P9DX2Js
VtXAv9v2VESQ88SEjRBaO8PY5ClfrlZlsb3BYRxj8VpYPoIE
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:34:45 2025 by rpki-client