Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/4fc8oS9l6XipIztCEOKX5rStKEs.roa
File: 4fc8oS9l6XipIztCEOKX5rStKEs.roa (raw, json)
Hash identifier: QJlqsQqRFXjTlCtGRezlM1Uj5b/+zIGZvP1ClcUSG6U=
Subject key identifier: E1:F7:3C:A1:2F:65:E9:78:A9:23:3B:42:10:E2:97:E6:B4:AD:28:4B
Certificate issuer: /CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Certificate serial: 01942143EA1B1D80A28D64C4B9807A0A2234
Authority key identifier: B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/4fc8oS9l6XipIztCEOKX5rStKEs.roa
Signing time: Wed 01 Jan 2025 09:48:06 +0000
ROA not before: Wed 01 Jan 2025 09:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a14:2ec0:62b4::/48 maxlen: 48
2a14:2ec0:854e::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ea:1b:1d:80:a2:8d:64:c4:b9:80:7a:0a:22:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b22640351ab21a0dc7aaa15fab5b110977714a3c
Validity
Not Before: Jan 1 09:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1f73ca12f65e978a9233b4210e297e6b4ad284b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a1:f1:cc:82:20:a3:54:c9:ca:8b:92:fd:3d:
68:02:45:49:dc:14:83:30:c9:ed:23:3d:5a:45:ce:
73:93:7e:69:bd:56:ac:32:bf:b4:87:a6:d9:f3:ed:
71:f6:bb:a4:6e:03:fe:3e:da:b2:21:65:24:ec:87:
de:62:09:37:2c:9d:6d:1d:68:26:a3:1e:0a:95:08:
fc:a8:e3:cc:40:4e:eb:57:58:b2:19:61:2b:b5:7d:
3d:d6:fa:36:79:77:95:c5:bd:6c:cb:da:ba:3e:07:
82:89:1c:ff:37:93:b3:59:b0:ad:e0:b2:cf:14:28:
67:47:0e:20:5d:71:e1:52:ca:71:f1:ae:56:7a:2f:
c2:93:6d:01:bf:a6:7d:d3:5e:52:10:c6:5f:59:ad:
da:0c:1f:f3:3a:a6:11:dc:35:15:ea:03:25:f0:86:
a4:37:1c:b6:60:39:d5:c2:01:1a:55:c1:c7:4f:17:
c4:03:ec:99:c8:f8:9a:1d:02:08:c3:69:be:3f:b2:
90:bb:fb:2a:f9:06:d5:40:b7:8e:93:1b:9d:4c:d0:
83:14:df:93:12:7c:e0:8b:bf:84:a2:aa:32:1e:bc:
ba:b3:b9:2b:41:9e:3b:7b:f4:0c:73:aa:44:59:6a:
bd:94:45:f1:bd:1c:03:d8:8c:08:89:07:ed:15:37:
8e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F7:3C:A1:2F:65:E9:78:A9:23:3B:42:10:E2:97:E6:B4:AD:28:4B
X509v3 Authority Key Identifier:
keyid:B2:26:40:35:1A:B2:1A:0D:C7:AA:A1:5F:AB:5B:11:09:77:71:4A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siZANRqyGg3HqqFfq1sRCXdxSjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/4fc8oS9l6XipIztCEOKX5rStKEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e38ff0-469b-41e5-bbed-179e6e4290c0/1/siZANRqyGg3HqqFfq1sRCXdxSjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:2ec0:62b4::/48
2a14:2ec0:854e::/48
Signature Algorithm: sha256WithRSAEncryption
c1:d3:28:18:7e:b1:0e:35:c2:19:99:79:fa:90:35:f3:de:53:
50:12:ec:f0:e3:6f:e5:d1:0f:3f:a2:f5:a8:c7:8e:6a:60:c7:
13:11:96:6e:9d:5d:84:cb:32:a4:07:85:ce:75:a5:11:49:0e:
f1:fe:37:50:f9:03:33:75:3c:67:04:50:07:e2:a8:1c:03:c3:
ca:17:63:93:65:ca:aa:3b:d8:c6:5a:ed:86:eb:75:90:65:a9:
76:40:7d:99:20:d2:fc:7c:e8:e2:63:a6:03:fb:94:6a:ed:eb:
84:67:d8:45:22:9f:72:33:26:1d:09:3e:12:51:dc:17:0e:b4:
e6:81:36:c1:68:20:b3:09:80:d5:72:75:c5:c6:62:2a:32:70:
f6:69:35:ca:aa:2a:b6:4f:91:c0:ea:2a:ae:8a:e9:d0:8f:fb:
8c:37:29:67:fa:be:08:b0:d9:13:3c:01:9b:b1:b4:a7:05:c0:
23:45:51:f1:73:23:70:3d:b0:2a:f6:eb:35:6c:43:5b:d7:d2:
77:11:02:c3:65:9e:c4:7c:8f:29:4c:4c:14:29:7d:39:0c:ba:
63:21:11:b4:be:c7:9a:b1:bf:a6:72:33:80:4a:e8:d0:54:f0:
b1:3c:31:ca:ee:ed:20:0b:0b:a4:18:06:b5:45:bf:c7:dd:b5:
63:dd:d5:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ+obHYCijWTEuYB6CiI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjY0MDM1MWFiMjFhMGRjN2FhYTE1ZmFiNWIxMTA5Nzc3
MTRhM2MwHhcNMjUwMTAxMDk0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWY3M2NhMTJmNjVlOTc4YTkyMzNiNDIxMGUyOTdlNmI0YWQyODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KHxzIIgo1TJyouS/T1oAkVJ3BSD
MMntIz1aRc5zk35pvVasMr+0h6bZ8+1x9rukbgP+PtqyIWUk7IfeYgk3LJ1tHWgm
ox4KlQj8qOPMQE7rV1iyGWErtX091vo2eXeVxb1sy9q6PgeCiRz/N5OzWbCt4LLP
FChnRw4gXXHhUspx8a5Wei/Ck20Bv6Z9015SEMZfWa3aDB/zOqYR3DUV6gMl8Iak
Nxy2YDnVwgEaVcHHTxfEA+yZyPiaHQIIw2m+P7KQu/sq+QbVQLeOkxudTNCDFN+T
Enzgi7+EoqoyHry6s7krQZ47e/QMc6pEWWq9lEXxvRwD2IwIiQftFTeOCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOH3PKEvZel4qSM7QhDil+a0rShLMB8GA1UdIwQY
MBaAFLImQDUashoNx6qhX6tbEQl3cUo8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQt
MTc5ZTZlNDI5MGMwLzEvNGZjOG9TOWw2WGlwSXp0Q0VPS1g1clN0S0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lMzhmZjAtNDY5Yi00MWU1LWJiZWQtMTc5ZTZlNDI5MGMw
LzEvc2laQU5ScXlHZzNIcXFGZnExc1JDWGR4U2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhQuwGK0
AwcAKhQuwIVOMA0GCSqGSIb3DQEBCwUAA4IBAQDB0ygYfrEONcIZmXn6kDXz3lNQ
Euzw42/l0Q8/ovWox45qYMcTEZZunV2EyzKkB4XOdaURSQ7x/jdQ+QMzdTxnBFAH
4qgcA8PKF2OTZcqqO9jGWu2G63WQZal2QH2ZINL8fOjiY6YD+5Rq7euEZ9hFIp9y
MyYdCT4SUdwXDrTmgTbBaCCzCYDVcnXFxmIqMnD2aTXKqiq2T5HA6iquiunQj/uM
Nyln+r4IsNkTPAGbsbSnBcAjRVHxcyNwPbAq9us1bENb19J3EQLDZZ7EfI8pTEwU
KX05DLpjIRG0vseasb+mcjOASujQVPCxPDHK7u0gCwukGAa1Rb/H3bVj3dWt
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:45:25 2025 by rpki-client