Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/4lN9UMCt9-jT04o2voesNzfPwGs.roa
File: 4lN9UMCt9-jT04o2voesNzfPwGs.roa (raw, json)
Hash identifier: t3RT/PpcRecUqHyCeVTaRV/4YmAPhY6KAKsv8Og5F9U=
Subject key identifier: E2:53:7D:50:C0:AD:F7:E8:D3:D3:8A:36:BE:87:AC:37:37:CF:C0:6B
Certificate issuer: /CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Certificate serial: 019422FC19FA2FCBA2AB129974BDF235F735
Authority key identifier: 21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/4lN9UMCt9-jT04o2voesNzfPwGs.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13002
IP address blocks: 2a02:17e8::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:19:fa:2f:cb:a2:ab:12:99:74:bd:f2:35:f7:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bfa77b3cd782933e5f255445d428adfbdca0e1
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2537d50c0adf7e8d3d38a36be87ac3737cfc06b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:20:c9:86:fc:15:09:0e:77:85:35:bf:4a:9b:
5d:1c:fd:76:07:9c:d7:e6:50:19:89:14:1d:0d:69:
30:76:e7:4a:9c:19:0f:45:6a:49:20:03:c3:a5:5a:
6f:09:e7:43:58:d2:3f:7c:e5:e8:67:e4:98:32:3e:
d4:f7:b2:eb:b6:30:e6:8b:1f:d3:7f:aa:8d:30:71:
1d:23:a1:0e:24:40:93:94:bd:f2:94:e4:f5:ae:c9:
4a:b4:74:33:af:b5:1a:8f:3d:ed:69:2b:49:c1:01:
d1:e4:09:ad:f5:63:92:38:22:d1:de:57:cc:15:c9:
3e:91:0c:04:0b:14:45:9c:19:93:66:e6:84:e2:43:
bd:64:55:8c:6b:b7:78:b7:6e:8c:6b:4f:c8:25:81:
b0:fb:9e:83:d2:85:49:00:67:e2:7e:f2:c6:ff:ee:
07:1f:7b:89:63:e1:ab:9b:57:0b:3e:80:fe:5d:27:
96:0f:6a:63:89:22:cf:65:c6:bc:df:a3:14:da:86:
2d:f1:5c:2b:e9:1a:b6:e6:e3:32:a7:42:b6:50:fd:
dd:ec:6c:d0:02:7b:f9:16:00:5a:85:c5:9f:88:cb:
d8:53:93:97:b8:8c:73:cc:b8:2a:20:ba:bc:c5:19:
4f:b6:87:7d:81:4d:da:81:88:ac:6c:26:56:71:d7:
7d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:53:7D:50:C0:AD:F7:E8:D3:D3:8A:36:BE:87:AC:37:37:CF:C0:6B
X509v3 Authority Key Identifier:
keyid:21:BF:A7:7B:3C:D7:82:93:3E:5F:25:54:45:D4:28:AD:FB:DC:A0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib-nezzXgpM-XyVURdQorfvcoOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/4lN9UMCt9-jT04o2voesNzfPwGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9c7aff-d83e-4f51-9b96-5484c39b2d4e/1/Ib-nezzXgpM-XyVURdQorfvcoOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:17e8::/32
Signature Algorithm: sha256WithRSAEncryption
76:44:b9:b9:48:6a:6f:63:34:9f:d6:de:fd:97:21:85:e0:55:
e6:a0:5a:09:33:54:89:4d:cf:39:18:22:3f:08:c4:29:36:24:
63:5b:49:95:df:85:fb:83:5e:28:39:fc:93:3b:83:15:b1:95:
66:31:94:bc:66:52:39:8c:09:0f:ab:3f:7e:2d:f9:21:ce:f5:
f4:03:cd:bc:a6:ce:80:73:8d:56:84:0f:e6:d3:eb:e7:57:6f:
c1:a5:d3:a2:30:37:fc:9d:7c:af:7c:dc:6c:c5:ed:30:65:3f:
42:36:13:87:78:ed:a1:97:32:b4:5d:4e:5c:a0:c9:c7:82:30:
f6:f3:f9:d7:02:68:be:49:0a:84:cb:f4:fa:cd:f9:c4:9b:3a:
50:81:31:f4:1f:5b:74:f2:65:06:a0:8c:e4:f8:ec:b1:60:be:
05:8a:66:e2:04:4e:98:67:48:84:b3:cf:8d:7a:a3:da:c1:8f:
dd:7c:a0:45:85:e1:f4:9f:5b:db:e6:6f:a1:2c:e8:71:3d:9d:
0f:2f:5a:e6:db:d9:c2:92:16:9a:6e:a4:37:56:09:8f:a0:6e:
5f:7c:fe:30:bc:4d:af:1a:e6:87:e5:6d:f6:11:8d:a1:ad:f5:
5c:75:90:15:c0:d8:c0:4c:d3:71:be:85:57:92:05:59:c8:14:
bb:b3:d5:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi/Bn6L8uiqxKZdL3yNfc1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmZhNzdiM2NkNzgyOTMzZTVmMjU1NDQ1ZDQyOGFkZmJk
Y2EwZTEwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjUzN2Q1MGMwYWRmN2U4ZDNkMzhhMzZiZTg3YWMzNzM3Y2ZjMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviDJhvwVCQ53hTW/SptdHP12B5zX
5lAZiRQdDWkwdudKnBkPRWpJIAPDpVpvCedDWNI/fOXoZ+SYMj7U97LrtjDmix/T
f6qNMHEdI6EOJECTlL3ylOT1rslKtHQzr7Uajz3taStJwQHR5Amt9WOSOCLR3lfM
Fck+kQwECxRFnBmTZuaE4kO9ZFWMa7d4t26Ma0/IJYGw+56D0oVJAGfifvLG/+4H
H3uJY+Grm1cLPoD+XSeWD2pjiSLPZca836MU2oYt8Vwr6Rq25uMyp0K2UP3d7GzQ
Anv5FgBahcWfiMvYU5OXuIxzzLgqILq8xRlPtod9gU3agYisbCZWcdd9ewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOJTfVDArffo09OKNr6HrDc3z8BrMB8GA1UdIwQY
MBaAFCG/p3s814KTPl8lVEXUKK373KDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYt
NTQ4NGMzOWIyZDRlLzEvNGxOOVVNQ3Q5LWpUMDRvMnZvZXNOemZQd0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85YzdhZmYtZDgzZS00ZjUxLTliOTYtNTQ4NGMzOWIyZDRl
LzEvSWItbmV6elhncE0tWHlWVVJkUW9yZnZjb09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIX6DAN
BgkqhkiG9w0BAQsFAAOCAQEAdkS5uUhqb2M0n9be/ZchheBV5qBaCTNUiU3PORgi
PwjEKTYkY1tJld+F+4NeKDn8kzuDFbGVZjGUvGZSOYwJD6s/fi35Ic719APNvKbO
gHONVoQP5tPr51dvwaXTojA3/J18r3zcbMXtMGU/QjYTh3jtoZcytF1OXKDJx4Iw
9vP51wJovkkKhMv0+s35xJs6UIEx9B9bdPJlBqCM5PjssWC+BYpm4gROmGdIhLPP
jXqj2sGP3XygRYXh9J9b2+ZvoSzocT2dDy9a5tvZwpIWmm6kN1YJj6BuX3z+MLxN
rxrmh+Vt9hGNoa31XHWQFcDYwEzTcb6FV5IFWcgUu7PV4w==
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:36:01 2025 by rpki-client