Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/a3niJhhhbHreFfGjbAmSk9tp5Hg.roa
File: a3niJhhhbHreFfGjbAmSk9tp5Hg.roa (raw, json)
Hash identifier: wXAg4R4zJfQXNfdkJ10FLKONCCcC29DIeDoj1USMCs0=
Subject key identifier: 6B:79:E2:26:18:61:6C:7A:DE:15:F1:A3:6C:09:92:93:DB:69:E4:78
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0194236A5504DCA58BFFB3A0E0183D95A6BC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/a3niJhhhbHreFfGjbAmSk9tp5Hg.roa
Signing time: Wed 01 Jan 2025 19:49:18 +0000
ROA not before: Wed 01 Jan 2025 19:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212177
IP address blocks: 128.0.117.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:55:04:dc:a5:8b:ff:b3:a0:e0:18:3d:95:a6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 19:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b79e22618616c7ade15f1a36c099293db69e478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:85:7d:42:1b:a3:a1:ac:67:88:64:f0:b2:
6b:19:b6:44:83:b8:85:75:9f:4f:05:66:cc:eb:8a:
ff:41:12:2c:97:f1:af:42:50:df:cf:b2:7c:0f:4e:
96:8f:87:44:6c:18:48:a3:da:1a:5e:e3:af:c3:e9:
7c:0b:75:45:4f:6a:4f:e2:f6:a1:57:c5:d5:9e:1e:
83:ee:6e:56:72:c8:1c:f3:fd:a1:1b:e6:be:07:ed:
cf:0b:a1:9e:d6:7c:ef:13:5a:8b:6c:15:f4:4a:0b:
dd:ac:c9:cf:1c:ae:0b:d8:54:64:04:db:dd:90:24:
d6:4b:63:99:7a:d4:f5:59:d9:77:72:e3:d8:2a:2f:
ea:a7:86:6b:5d:50:ca:80:0a:98:1f:cc:a9:ce:d9:
bd:44:06:40:6c:ec:95:b9:cb:bb:9d:7f:f0:5f:00:
cc:16:b6:ca:51:77:f5:60:20:c4:4b:77:67:c0:f3:
bb:13:96:90:7f:e5:1b:49:91:75:2f:3c:74:73:ee:
e8:6c:64:ed:6f:db:36:9a:cd:e4:f2:c7:7f:43:cd:
e0:e3:56:d3:be:98:bb:09:a5:4b:d6:fc:97:c3:5b:
06:f9:49:06:ab:7f:8f:f2:cc:34:43:fe:32:f6:cd:
d6:ed:2a:52:9f:fe:3e:6b:96:46:69:a1:ff:1c:80:
04:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:79:E2:26:18:61:6C:7A:DE:15:F1:A3:6C:09:92:93:DB:69:E4:78
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/a3niJhhhbHreFfGjbAmSk9tp5Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.117.0/24
Signature Algorithm: sha256WithRSAEncryption
74:8d:0b:d6:1d:5a:a0:8e:78:77:87:55:1b:72:c3:a6:d2:6e:
10:a0:fc:18:04:9b:59:73:47:38:6e:59:f4:41:97:8a:5d:c5:
cd:c5:c2:eb:a6:bc:57:cb:46:1c:44:e9:c0:76:68:ac:25:91:
80:92:f9:2a:0d:5b:d3:a5:22:02:bb:e7:4c:4f:8b:d1:c4:98:
92:7e:96:e8:f0:50:de:cf:80:5b:cf:3c:2b:33:eb:88:5c:d1:
54:42:6b:9e:15:ff:3d:0c:59:21:f1:3b:68:89:d6:b8:c3:7b:
2b:30:9e:0a:95:44:b0:4a:ae:55:01:59:4a:cd:7f:1f:c2:2f:
25:5f:3a:3d:22:88:ca:25:83:a2:ce:16:6e:10:e2:7a:80:3f:
7e:ff:6e:36:18:88:0b:76:2f:7a:a2:a1:18:2d:5d:41:f2:77:
79:07:ac:78:20:bf:ea:16:5b:f4:aa:c6:65:8e:89:20:e3:6b:
c4:40:cd:69:20:3e:47:02:a2:f0:c1:4c:ca:24:a5:0f:ad:b5:
1c:4a:48:9d:e1:5e:a1:4e:ac:b7:c1:07:8c:b0:62:d0:14:fc:
a0:2f:af:d8:ab:2a:3e:2e:9b:94:eb:2c:3e:1e:99:de:33:b3:
b8:94:a5:a1:9c:62:d2:ff:f1:f0:83:98:49:92:4e:b6:56:1a:
81:9e:eb:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjalUE3KWL/7Og4Bg9laa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwMTAxMTk0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjc5ZTIyNjE4NjE2YzdhZGUxNWYxYTM2YzA5OTI5M2RiNjllNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg+FfUIbo6GsZ4hk8LJrGbZEg7iF
dZ9PBWbM64r/QRIsl/GvQlDfz7J8D06Wj4dEbBhIo9oaXuOvw+l8C3VFT2pP4vah
V8XVnh6D7m5Wcsgc8/2hG+a+B+3PC6Ge1nzvE1qLbBX0SgvdrMnPHK4L2FRkBNvd
kCTWS2OZetT1Wdl3cuPYKi/qp4ZrXVDKgAqYH8ypztm9RAZAbOyVucu7nX/wXwDM
FrbKUXf1YCDES3dnwPO7E5aQf+UbSZF1Lzx0c+7obGTtb9s2ms3k8sd/Q83g41bT
vpi7CaVL1vyXw1sG+UkGq3+P8sw0Q/4y9s3W7SpSn/4+a5ZGaaH/HIAEuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGt54iYYYWx63hXxo2wJkpPbaeR4MB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvYTNuaUpoaGhiSHJlRmZHamJBbVNrOXRwNUhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgAB1MA0G
CSqGSIb3DQEBCwUAA4IBAQB0jQvWHVqgjnh3h1UbcsOm0m4QoPwYBJtZc0c4bln0
QZeKXcXNxcLrprxXy0YcROnAdmisJZGAkvkqDVvTpSICu+dMT4vRxJiSfpbo8FDe
z4BbzzwrM+uIXNFUQmueFf89DFkh8Ttoida4w3srMJ4KlUSwSq5VAVlKzX8fwi8l
Xzo9IojKJYOizhZuEOJ6gD9+/242GIgLdi96oqEYLV1B8nd5B6x4IL/qFlv0qsZl
jokg42vEQM1pID5HAqLwwUzKJKUPrbUcSkid4V6hTqy3wQeMsGLQFPygL6/Yqyo+
LpuU6yw+HpneM7O4lKWhnGLS//Hwg5hJkk62VhqBnusl
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:21 2025 by rpki-client