Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/sruhjCasQirrH-0fB1hMnGtdKbc.roa
File: sruhjCasQirrH-0fB1hMnGtdKbc.roa (raw, json)
Hash identifier: 8+bBqgElq6yZn7FjZz4g3hAHeMtSgWQVOOV2GJz8wKQ=
Subject key identifier: B2:BB:A1:8C:26:AC:42:2A:EB:1F:ED:1F:07:58:4C:9C:6B:5D:29:B7
Certificate issuer: /CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Certificate serial: 0194244592C14EC2C21F3392053D94F45294
Authority key identifier: C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/sruhjCasQirrH-0fB1hMnGtdKbc.roa
Signing time: Wed 01 Jan 2025 23:48:46 +0000
ROA not before: Wed 01 Jan 2025 23:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202000
IP address blocks: 2a05:4140:900::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:92:c1:4e:c2:c2:1f:33:92:05:3d:94:f4:52:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74c60adeb0cd5768cf756f562b1b5cc5b9c180a
Validity
Not Before: Jan 1 23:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2bba18c26ac422aeb1fed1f07584c9c6b5d29b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:38:2a:0a:29:81:0f:ef:3c:32:e8:3e:36:ff:
a6:b2:b5:51:bc:1e:5c:08:2d:f6:ab:dc:71:c3:6b:
e9:4a:a6:0f:bb:fa:d6:36:5d:05:b7:2d:04:cf:18:
71:fa:7c:3d:5b:f9:9c:ed:20:f2:75:c0:a9:1c:1a:
fe:0d:d8:f6:44:bb:36:e1:43:c3:40:bc:70:99:d1:
73:6c:35:d0:00:fb:74:ac:63:73:3c:c0:77:53:2b:
a2:f4:35:27:54:d0:f4:72:f3:34:da:37:81:40:52:
3a:a9:69:86:60:d5:5f:b5:36:9f:b6:b1:1a:80:4c:
c7:43:fb:df:6e:aa:98:d0:ee:c8:19:b0:e3:88:f7:
5e:24:51:20:65:24:8b:83:8a:de:e3:7f:ea:da:04:
cc:11:95:56:14:45:0c:be:ee:5e:6f:cc:7d:74:68:
3f:20:cf:75:57:38:cd:2a:c0:d1:81:16:f2:0f:22:
11:6f:78:47:f8:44:40:96:88:45:e1:11:70:48:50:
78:9e:df:31:2c:a8:91:e9:3b:d0:e7:84:8a:a2:28:
a3:92:ed:ec:50:c9:ac:63:93:3b:dd:ba:78:18:7b:
6a:b7:ea:c8:bf:3e:51:9e:e3:d4:2d:62:ab:44:cf:
07:0b:84:1e:4f:74:5d:45:05:15:04:5c:21:95:0e:
b7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:BB:A1:8C:26:AC:42:2A:EB:1F:ED:1F:07:58:4C:9C:6B:5D:29:B7
X509v3 Authority Key Identifier:
keyid:C7:4C:60:AD:EB:0C:D5:76:8C:F7:56:F5:62:B1:B5:CC:5B:9C:18:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0xgresM1XaM91b1YrG1zFucGAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/sruhjCasQirrH-0fB1hMnGtdKbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/adb65c-f6f7-4495-ba23-885e84e7512e/1/x0xgresM1XaM91b1YrG1zFucGAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4140:900::/40
Signature Algorithm: sha256WithRSAEncryption
6f:17:4a:cb:a9:a6:29:d2:0e:99:2c:ca:72:1a:53:67:4b:25:
31:a8:13:63:93:40:c1:ff:be:df:9e:19:d5:d8:94:22:0a:2e:
c1:4d:b0:12:30:1b:a2:b8:b3:9e:71:4b:84:b6:99:71:76:a0:
94:3a:a5:2b:f4:c8:2f:96:2c:18:0b:f3:83:5f:86:bb:a8:80:
9f:0e:2b:35:c8:31:f1:08:6d:05:b5:12:20:16:b6:2a:91:ca:
67:a9:90:c9:8f:99:08:e2:df:b7:08:ae:f2:4b:16:d9:5f:3f:
b1:bd:22:f8:dd:f8:bb:bb:43:67:3d:f9:1f:d0:c1:b2:43:75:
37:b8:01:2f:98:77:83:9f:c4:fc:4b:d4:6e:44:c6:1f:eb:ab:
a3:4c:6f:1b:87:7c:a4:89:f9:e6:b0:9b:79:7f:9d:ff:d9:c8:
32:8a:a3:c5:fc:da:65:8b:d4:1b:06:6b:16:b9:f6:46:fe:7e:
59:ea:a7:48:01:a6:6c:0d:e1:c0:28:97:9b:3f:3d:2c:eb:1f:
aa:11:01:52:ac:d4:5c:f8:ee:2d:38:6f:f0:d3:c7:0e:b3:aa:
25:38:24:bd:93:c0:e5:1e:7c:6e:9b:fa:18:80:f9:c7:a7:9a:
d5:d6:57:9d:47:71:64:bb:c6:49:2b:d3:94:b3:bc:8a:ad:f1:
7b:aa:f6:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQkRZLBTsLCHzOSBT2U9FKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NGM2MGFkZWIwY2Q1NzY4Y2Y3NTZmNTYyYjFiNWNjNWI5
YzE4MGEwHhcNMjUwMTAxMjM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmJiYTE4YzI2YWM0MjJhZWIxZmVkMWYwNzU4NGM5YzZiNWQyOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjgqCimBD+88Mug+Nv+msrVRvB5c
CC32q9xxw2vpSqYPu/rWNl0Fty0Ezxhx+nw9W/mc7SDydcCpHBr+Ddj2RLs24UPD
QLxwmdFzbDXQAPt0rGNzPMB3Uyui9DUnVND0cvM02jeBQFI6qWmGYNVftTaftrEa
gEzHQ/vfbqqY0O7IGbDjiPdeJFEgZSSLg4re43/q2gTMEZVWFEUMvu5eb8x9dGg/
IM91VzjNKsDRgRbyDyIRb3hH+ERAlohF4RFwSFB4nt8xLKiR6TvQ54SKoiijku3s
UMmsY5M73bp4GHtqt+rIvz5RnuPULWKrRM8HC4QeT3RdRQUVBFwhlQ63hwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLK7oYwmrEIq6x/tHwdYTJxrXSm3MB8GA1UdIwQY
MBaAFMdMYK3rDNV2jPdW9WKxtcxbnBgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMt
ODg1ZTg0ZTc1MTJlLzEvc3J1aGpDYXNRaXJySC0wZkIxaE1uR3RkS2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9hZGI2NWMtZjZmNy00NDk1LWJhMjMtODg1ZTg0ZTc1MTJl
LzEveDB4Z3Jlc00xWGFNOTFiMVlyRzF6RnVjR0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgVBQAkw
DQYJKoZIhvcNAQELBQADggEBAG8XSsuppinSDpksynIaU2dLJTGoE2OTQMH/vt+e
GdXYlCIKLsFNsBIwG6K4s55xS4S2mXF2oJQ6pSv0yC+WLBgL84NfhruogJ8OKzXI
MfEIbQW1EiAWtiqRymepkMmPmQji37cIrvJLFtlfP7G9Ivjd+Lu7Q2c9+R/QwbJD
dTe4AS+Yd4OfxPxL1G5Exh/rq6NMbxuHfKSJ+eawm3l/nf/ZyDKKo8X82mWL1BsG
axa59kb+flnqp0gBpmwN4cAol5s/PSzrH6oRAVKs1Fz47i04b/DTxw6zqiU4JL2T
wOUefG6b+hiA+cenmtXWV51HcWS7xkkr05SzvIqt8Xuq9kA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:29:16 2025 by rpki-client