Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/4boeBlk7o1BaTuZdEOVxwc-y71c.roa
File: 4boeBlk7o1BaTuZdEOVxwc-y71c.roa (raw, json)
Hash identifier: RGuBRtk99FPER/w90B0w3hwMlxFq4HdA7ruV2FfydxY=
Subject key identifier: E1:BA:1E:06:59:3B:A3:50:5A:4E:E6:5D:10:E5:71:C1:CF:B2:EF:57
Certificate issuer: /CN=3f34d48d841a52a4227d49fa3ef85ba5abf22248
Certificate serial: 0194252161D8AE351FC32D17A90A3B7058E7
Authority key identifier: 3F:34:D4:8D:84:1A:52:A4:22:7D:49:FA:3E:F8:5B:A5:AB:F2:22:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PzTUjYQaUqQifUn6PvhbpavyIkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/4boeBlk7o1BaTuZdEOVxwc-y71c.roa
Signing time: Thu 02 Jan 2025 03:48:52 +0000
ROA not before: Thu 02 Jan 2025 03:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207318
IP address blocks: 2a11:d580::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:61:d8:ae:35:1f:c3:2d:17:a9:0a:3b:70:58:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f34d48d841a52a4227d49fa3ef85ba5abf22248
Validity
Not Before: Jan 2 03:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1ba1e06593ba3505a4ee65d10e571c1cfb2ef57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:dc:20:a9:99:8d:7d:49:5d:38:a6:96:26:40:
f4:e0:46:28:46:cb:12:fb:cc:52:98:af:74:61:59:
17:e2:17:1f:89:9b:b9:b9:a7:b7:e3:95:d1:4f:79:
10:b6:fc:f0:c6:03:8c:df:25:a9:71:bf:a2:5d:fe:
c2:b8:20:bd:1e:96:8e:06:93:2d:65:41:99:af:7c:
90:1a:36:41:0d:62:9e:ce:99:c0:fd:fe:6d:cd:45:
33:70:05:2b:99:22:38:ae:cb:d7:dd:2d:32:38:7c:
fb:bf:5b:d5:32:cf:66:06:9b:ff:88:11:10:42:17:
71:ae:dd:6c:05:54:c7:a1:4b:3b:80:9d:25:f9:ab:
8d:a4:99:97:1e:44:68:b6:78:dd:b8:43:0d:95:62:
56:24:6e:15:f3:1e:cf:52:2b:0c:bd:3c:96:82:0b:
b8:50:38:ac:4a:02:be:a4:bc:b0:0e:97:10:59:87:
93:21:39:b2:d3:e5:6b:48:4a:73:6c:e9:94:40:4e:
61:7d:1a:8e:50:51:d7:4e:08:74:e8:d0:34:62:95:
64:29:82:f7:39:1a:c2:4f:aa:2d:d0:c8:a0:a8:5e:
7f:16:5d:b0:75:0a:3e:b1:81:12:d9:a0:6e:fd:15:
cc:30:3b:f5:a1:ba:76:a3:b0:31:ff:4b:8e:2c:d7:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BA:1E:06:59:3B:A3:50:5A:4E:E6:5D:10:E5:71:C1:CF:B2:EF:57
X509v3 Authority Key Identifier:
keyid:3F:34:D4:8D:84:1A:52:A4:22:7D:49:FA:3E:F8:5B:A5:AB:F2:22:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzTUjYQaUqQifUn6PvhbpavyIkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/4boeBlk7o1BaTuZdEOVxwc-y71c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/eb7037-deed-4a23-b3a4-0458c15cfd0b/1/PzTUjYQaUqQifUn6PvhbpavyIkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:d580::/29
Signature Algorithm: sha256WithRSAEncryption
90:fa:34:04:10:28:75:03:4a:69:38:a3:ac:3b:01:5f:04:52:
c2:e0:b2:2e:6c:aa:c1:68:5e:c8:40:1f:c4:6b:87:3a:10:06:
ff:6d:05:5c:88:04:ff:95:17:64:fb:27:be:4d:32:da:65:6c:
ce:18:3e:88:9b:ff:85:b0:8a:a9:27:7f:ce:87:f3:f2:d4:41:
1f:ea:02:63:1a:0a:31:d5:a6:5d:7d:be:2a:0c:3f:ce:e2:98:
3a:1c:0c:5f:f4:29:c7:43:32:6d:4d:d0:8d:0e:52:51:02:d0:
70:cb:de:e5:cb:21:0a:d5:d5:7d:22:b5:a4:e6:a2:6e:bb:7f:
0a:74:a2:67:2f:ac:ad:4a:1b:49:ab:22:0b:3d:bb:d5:b2:6f:
e0:05:5a:55:9c:93:42:43:51:4d:bd:11:6d:a7:c5:2f:d5:aa:
5e:ad:c9:6c:ba:8c:77:50:e5:ef:af:05:0f:36:69:71:82:17:
77:a1:12:69:52:14:ed:8a:67:5f:12:50:8b:3e:da:88:66:6c:
a8:d7:af:f4:3d:57:01:9b:28:ec:cf:2f:12:c8:09:d8:ed:38:
4b:2f:83:ca:b7:69:d8:7f:d9:97:56:3e:22:f5:65:b5:26:fb:
62:9a:cb:b1:8f:49:da:31:96:ce:0e:07:43:09:42:25:6e:88:
58:ed:cf:80
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIWHYrjUfwy0XqQo7cFjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzRkNDhkODQxYTUyYTQyMjdkNDlmYTNlZjg1YmE1YWJm
MjIyNDgwHhcNMjUwMTAyMDM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJhMWUwNjU5M2JhMzUwNWE0ZWU2NWQxMGU1NzFjMWNmYjJlZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1twgqZmNfUldOKaWJkD04EYoRssS
+8xSmK90YVkX4hcfiZu5uae345XRT3kQtvzwxgOM3yWpcb+iXf7CuCC9HpaOBpMt
ZUGZr3yQGjZBDWKezpnA/f5tzUUzcAUrmSI4rsvX3S0yOHz7v1vVMs9mBpv/iBEQ
Qhdxrt1sBVTHoUs7gJ0l+auNpJmXHkRotnjduEMNlWJWJG4V8x7PUisMvTyWggu4
UDisSgK+pLywDpcQWYeTITmy0+VrSEpzbOmUQE5hfRqOUFHXTgh06NA0YpVkKYL3
ORrCT6ot0MigqF5/Fl2wdQo+sYES2aBu/RXMMDv1obp2o7Ax/0uOLNeEJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOG6HgZZO6NQWk7mXRDlccHPsu9XMB8GA1UdIwQY
MBaAFD801I2EGlKkIn1J+j74W6Wr8iJIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpUVWpZUWFVcVFpZlVuNlB2aGJwYXZ5SWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lYjcwMzctZGVlZC00YTIzLWIzYTQt
MDQ1OGMxNWNmZDBiLzEvNGJvZUJsazdvMUJhVHVaZEVPVnh3Yy15NzFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lYjcwMzctZGVlZC00YTIzLWIzYTQtMDQ1OGMxNWNmZDBi
LzEvUHpUVWpZUWFVcVFpZlVuNlB2aGJwYXZ5SWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhHVgDAN
BgkqhkiG9w0BAQsFAAOCAQEAkPo0BBAodQNKaTijrDsBXwRSwuCyLmyqwWheyEAf
xGuHOhAG/20FXIgE/5UXZPsnvk0y2mVszhg+iJv/hbCKqSd/zofz8tRBH+oCYxoK
MdWmXX2+Kgw/zuKYOhwMX/Qpx0MybU3QjQ5SUQLQcMve5cshCtXVfSK1pOaibrt/
CnSiZy+srUobSasiCz271bJv4AVaVZyTQkNRTb0RbafFL9WqXq3JbLqMd1Dl768F
DzZpcYIXd6ESaVIU7YpnXxJQiz7aiGZsqNev9D1XAZso7M8vEsgJ2O04Sy+Dyrdp
2H/Zl1Y+IvVltSb7YprLsY9J2jGWzg4HQwlCJW6IWO3PgA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:25 2025 by rpki-client