Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/f23831-6eb5-4427-81b0-34d341c5eb61/1/txmFyUOnE8z2a-lXpSSWeNlZGdM.roa
File: txmFyUOnE8z2a-lXpSSWeNlZGdM.roa (raw, json)
Hash identifier: tHzEEY6u+Izo5THIfW02uc7TbpIzTWXGA5LdSe/FigM=
Subject key identifier: B7:19:85:C9:43:A7:13:CC:F6:6B:E9:57:A5:24:96:78:D9:59:19:D3
Certificate issuer: /CN=88f84cda3f2b9f967d9e8a8485d99e6a1b7f7c6e
Certificate serial: 01941F8C3464B9BEBC57E16B8985F51EC61C
Authority key identifier: 88:F8:4C:DA:3F:2B:9F:96:7D:9E:8A:84:85:D9:9E:6A:1B:7F:7C:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPhM2j8rn5Z9noqEhdmeaht_fG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/f23831-6eb5-4427-81b0-34d341c5eb61/1/txmFyUOnE8z2a-lXpSSWeNlZGdM.roa
Signing time: Wed 01 Jan 2025 01:47:49 +0000
ROA not before: Wed 01 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214237
IP address blocks: 2a01:e880::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:34:64:b9:be:bc:57:e1:6b:89:85:f5:1e:c6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f84cda3f2b9f967d9e8a8485d99e6a1b7f7c6e
Validity
Not Before: Jan 1 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b71985c943a713ccf66be957a5249678d95919d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:29:d0:3a:b2:c9:1e:1b:e8:18:c1:90:c0:ca:
10:ee:b4:f2:1e:82:78:59:5c:65:43:ab:64:b8:9c:
5d:05:88:ba:f5:3e:13:d3:60:68:82:8a:db:81:95:
f0:70:3d:4d:1a:63:c3:a2:d2:28:4d:7f:8a:56:5c:
28:8a:70:90:f2:ab:ea:f4:87:84:00:9f:6d:db:d6:
f4:56:4c:ef:ec:ee:36:9a:b3:11:68:80:d4:25:05:
09:44:17:9c:52:c3:3b:2f:02:82:46:61:ba:89:14:
cb:cb:9e:12:77:35:4e:27:2b:29:40:07:58:bf:6d:
4e:7c:18:47:3e:ae:83:d8:fb:eb:23:ae:d6:40:a1:
5f:6f:c4:e0:3f:99:76:67:9d:84:f0:77:b9:57:7e:
08:3f:77:59:a2:ae:29:b1:5b:da:31:a2:07:09:76:
ee:7d:93:26:d3:8a:1e:60:fc:1f:87:80:ef:49:67:
fd:86:39:b4:1e:67:e3:50:2d:1b:60:15:fb:ab:37:
80:c4:f3:01:e5:b4:2a:c8:3d:ea:b4:b9:4a:d6:4f:
2f:8d:d1:59:47:16:fe:ba:90:31:c6:c2:38:19:40:
0a:19:10:a0:00:78:74:70:e4:db:71:1d:b2:ef:3a:
5a:b3:62:dd:3f:eb:01:db:b5:f4:6d:a5:d8:0e:6a:
16:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:19:85:C9:43:A7:13:CC:F6:6B:E9:57:A5:24:96:78:D9:59:19:D3
X509v3 Authority Key Identifier:
keyid:88:F8:4C:DA:3F:2B:9F:96:7D:9E:8A:84:85:D9:9E:6A:1B:7F:7C:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPhM2j8rn5Z9noqEhdmeaht_fG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/f23831-6eb5-4427-81b0-34d341c5eb61/1/txmFyUOnE8z2a-lXpSSWeNlZGdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/f23831-6eb5-4427-81b0-34d341c5eb61/1/iPhM2j8rn5Z9noqEhdmeaht_fG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e880::/32
Signature Algorithm: sha256WithRSAEncryption
96:86:ab:70:91:83:7c:3b:b8:d9:22:75:ba:95:a1:1e:ea:b3:
df:e7:34:8b:32:a6:43:9c:aa:50:99:09:d5:9d:c7:93:35:90:
2e:50:cc:88:0c:6e:46:b3:30:57:0c:0e:75:74:b8:ae:44:c3:
27:6d:5b:5c:2b:90:29:48:c9:a1:03:99:96:8a:10:25:33:6c:
b9:2d:29:e4:14:55:7a:e4:b8:f3:7f:35:66:33:db:97:d7:cd:
c5:f9:fa:be:ff:88:11:29:a7:e1:64:cc:3c:5c:7f:61:cd:3d:
7c:f9:f0:07:65:90:aa:f9:f7:65:d9:2e:05:a8:1a:6d:6c:74:
c8:57:5f:90:42:3f:60:a9:36:38:12:42:bf:65:6d:8b:be:66:
61:8d:f6:ab:d2:bf:57:7a:f8:a0:42:ae:5e:c1:f8:81:9c:14:
65:98:60:43:9a:f4:d7:83:9c:8e:43:9f:40:c2:c5:d0:6f:85:
fc:6b:1a:cf:05:12:ba:96:18:a7:90:12:df:5d:a2:8b:d3:5b:
1a:e5:96:70:dd:5e:3f:88:7b:98:d0:14:61:22:6e:f7:a0:25:
da:d8:fe:3e:36:9d:3f:e5:b0:0f:d3:4a:e1:cb:ea:28:7e:48:
28:f0:fd:f5:0e:87:d6:bd:14:52:22:0b:1a:81:ae:2e:9e:5e:
02:85:4b:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQfjDRkub68V+FriYX1HsYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Zjg0Y2RhM2YyYjlmOTY3ZDllOGE4NDg1ZDk5ZTZhMWI3
ZjdjNmUwHhcNMjUwMTAxMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE5ODVjOTQzYTcxM2NjZjY2YmU5NTdhNTI0OTY3OGQ5NTkxOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CnQOrLJHhvoGMGQwMoQ7rTyHoJ4
WVxlQ6tkuJxdBYi69T4T02BogorbgZXwcD1NGmPDotIoTX+KVlwoinCQ8qvq9IeE
AJ9t29b0Vkzv7O42mrMRaIDUJQUJRBecUsM7LwKCRmG6iRTLy54SdzVOJyspQAdY
v21OfBhHPq6D2PvrI67WQKFfb8TgP5l2Z52E8He5V34IP3dZoq4psVvaMaIHCXbu
fZMm04oeYPwfh4DvSWf9hjm0HmfjUC0bYBX7qzeAxPMB5bQqyD3qtLlK1k8vjdFZ
Rxb+upAxxsI4GUAKGRCgAHh0cOTbcR2y7zpas2LdP+sB27X0baXYDmoWBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLcZhclDpxPM9mvpV6UklnjZWRnTMB8GA1UdIwQY
MBaAFIj4TNo/K5+WfZ6KhIXZnmobf3xuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBoTTJqOHJuNVo5bm9xRWhkbWVhaHRfZkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mMjM4MzEtNmViNS00NDI3LTgxYjAt
MzRkMzQxYzVlYjYxLzEvdHhtRnlVT25FOHoyYS1sWHBTU1dlTmxaR2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mMjM4MzEtNmViNS00NDI3LTgxYjAtMzRkMzQxYzVlYjYx
LzEvaVBoTTJqOHJuNVo5bm9xRWhkbWVhaHRfZkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgHogDAN
BgkqhkiG9w0BAQsFAAOCAQEAloarcJGDfDu42SJ1upWhHuqz3+c0izKmQ5yqUJkJ
1Z3HkzWQLlDMiAxuRrMwVwwOdXS4rkTDJ21bXCuQKUjJoQOZlooQJTNsuS0p5BRV
euS48381ZjPbl9fNxfn6vv+IESmn4WTMPFx/Yc09fPnwB2WQqvn3ZdkuBagabWx0
yFdfkEI/YKk2OBJCv2Vti75mYY32q9K/V3r4oEKuXsH4gZwUZZhgQ5r014OcjkOf
QMLF0G+F/GsazwUSupYYp5AS312ii9NbGuWWcN1eP4h7mNAUYSJu96Al2tj+Pjad
P+WwD9NK4cvqKH5IKPD99Q6H1r0UUiILGoGuLp5eAoVL5Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:37:56 2025 by rpki-client