Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/SGMklr5AeE8jGTkv_5TNxH2UtBY.roa
File: SGMklr5AeE8jGTkv_5TNxH2UtBY.roa (raw, json)
Hash identifier: 5/gm3b3ZHQxuqtVGihJbcna/seeg7cLgU18tVnIiLhE=
Subject key identifier: 48:63:24:96:BE:40:78:4F:23:19:39:2F:FF:94:CD:C4:7D:94:B4:16
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 01942068360DE8F7F06BF094D40B206E31C7
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/SGMklr5AeE8jGTkv_5TNxH2UtBY.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 2a11:b687::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:36:0d:e8:f7:f0:6b:f0:94:d4:0b:20:6e:31:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48632496be40784f2319392fff94cdc47d94b416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:41:eb:0a:0e:18:26:82:90:31:1b:72:47:
03:d4:1d:62:19:86:95:0d:74:ce:d1:e3:ee:6b:18:
61:60:3a:ec:61:59:97:b5:f6:dd:51:6e:f8:c0:12:
c8:cd:88:a4:d5:1f:f1:3d:98:e0:10:a9:d5:79:15:
01:04:81:75:e8:d5:ef:52:0b:a1:97:0d:2c:14:0a:
8a:b1:8c:45:57:a7:5d:2a:46:6b:fc:8e:d4:03:ee:
fa:6b:cb:3a:b8:fe:f9:86:cb:8a:20:bb:dd:51:ec:
e6:44:af:ff:7d:dc:98:95:ce:bf:93:18:21:12:d4:
68:de:89:9d:d3:ae:b8:d6:8e:b7:41:b3:23:32:23:
6c:cc:09:8f:14:be:3a:b2:77:c0:e8:72:6f:dc:9f:
21:f9:84:4a:e0:3d:25:50:48:70:bf:b9:d4:7e:45:
71:8d:16:91:9c:f2:c9:6a:cf:36:43:57:df:3c:44:
45:6f:c4:18:4a:7b:87:7f:1e:a0:36:ba:70:5d:fa:
99:05:dc:98:01:01:cc:c0:4e:38:d2:40:0f:0f:a3:
9a:56:9e:88:d8:f5:b3:b0:18:e4:ce:6d:89:4f:09:
63:ad:0c:cb:e9:2f:c8:e9:4f:56:c1:09:e1:86:22:
97:4e:8a:6e:7a:20:65:67:ee:a2:25:5d:c2:1b:85:
2f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:63:24:96:BE:40:78:4F:23:19:39:2F:FF:94:CD:C4:7D:94:B4:16
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/SGMklr5AeE8jGTkv_5TNxH2UtBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b687::/32
Signature Algorithm: sha256WithRSAEncryption
01:ce:02:3a:a4:88:8e:6f:ac:59:a5:8d:ab:33:6e:b1:8e:19:
2c:c5:47:4b:1a:dd:f9:b8:cb:18:a8:3f:8b:02:d0:e8:cd:fd:
77:f6:96:c3:5b:1c:c6:8d:e5:7f:9d:7e:df:2c:7d:0c:ba:75:
c1:f6:3b:c5:f6:a2:7b:62:c3:35:e8:a2:9a:a0:43:85:51:9c:
ef:21:7c:63:9d:b7:33:06:0c:2b:9c:a5:09:a6:75:cb:b2:a4:
b2:0c:a3:ea:5c:51:8d:cb:69:73:ab:6f:48:3b:1b:04:88:67:
2a:da:3b:f6:3e:3d:18:04:3f:77:2f:1d:9c:b3:cc:ae:50:a8:
8a:91:ba:d4:e5:38:94:5f:a9:88:ad:ec:10:7e:40:25:6c:87:
a5:3d:eb:6c:95:86:68:3a:1b:fd:39:0a:60:78:71:ac:27:9a:
75:bd:35:25:b0:b5:46:31:d8:9f:d2:fa:b7:a7:a7:72:ed:2f:
6d:ef:9e:a5:bd:f7:60:b0:2a:a8:42:22:4c:a4:cc:69:fe:ee:
92:ac:44:06:28:9a:88:02:e0:9e:39:5c:a5:7d:77:26:ec:89:
d1:fc:de:08:ec:33:f7:10:07:c7:dd:64:bd:89:d7:d5:10:b7:
00:11:95:92:48:b7:31:ab:9b:cd:eb:a7:9c:c7:ac:ad:64:79:
15:ca:0f:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQgaDYN6Pfwa/CU1AsgbjHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYzMjQ5NmJlNDA3ODRmMjMxOTM5MmZmZjk0Y2RjNDdkOTRiNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqdB6woOGCaCkDEbckcD1B1iGYaV
DXTO0ePuaxhhYDrsYVmXtfbdUW74wBLIzYik1R/xPZjgEKnVeRUBBIF16NXvUguh
lw0sFAqKsYxFV6ddKkZr/I7UA+76a8s6uP75hsuKILvdUezmRK//fdyYlc6/kxgh
EtRo3omd06641o63QbMjMiNszAmPFL46snfA6HJv3J8h+YRK4D0lUEhwv7nUfkVx
jRaRnPLJas82Q1ffPERFb8QYSnuHfx6gNrpwXfqZBdyYAQHMwE440kAPD6OaVp6I
2PWzsBjkzm2JTwljrQzL6S/I6U9WwQnhhiKXTopueiBlZ+6iJV3CG4UvOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEhjJJa+QHhPIxk5L/+UzcR9lLQWMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvU0dNa2xyNUFlRThqR1Rrdl81VE54SDJVdEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhG2hzAN
BgkqhkiG9w0BAQsFAAOCAQEAAc4COqSIjm+sWaWNqzNusY4ZLMVHSxrd+bjLGKg/
iwLQ6M39d/aWw1scxo3lf51+3yx9DLp1wfY7xfaie2LDNeiimqBDhVGc7yF8Y523
MwYMK5ylCaZ1y7Kksgyj6lxRjctpc6tvSDsbBIhnKto79j49GAQ/dy8dnLPMrlCo
ipG61OU4lF+piK3sEH5AJWyHpT3rbJWGaDob/TkKYHhxrCeadb01JbC1RjHYn9L6
t6encu0vbe+epb33YLAqqEIiTKTMaf7ukqxEBiiaiALgnjlcpX13JuyJ0fzeCOwz
9xAHx91kvYnX1RC3ABGVkki3MaubzeunnMesrWR5FcoPmg==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:23:38 2025 by rpki-client