Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/EfAbE-x7JWikVYwPPlQe_vVwMQg.roa
File: EfAbE-x7JWikVYwPPlQe_vVwMQg.roa (raw, json)
Hash identifier: 7jN/LfmMAw7O2spCMvO+jNeJ92v1x2ZZaE7vPy60zYA=
Subject key identifier: 11:F0:1B:13:EC:7B:25:68:A4:55:8C:0F:3E:54:1E:FE:F5:70:31:08
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 0194236923B4E93AFBE046C4936AD64F17C8
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/EfAbE-x7JWikVYwPPlQe_vVwMQg.roa
Signing time: Wed 01 Jan 2025 19:48:00 +0000
ROA not before: Wed 01 Jan 2025 19:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200027
IP address blocks: 2a00:cee7::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:23:b4:e9:3a:fb:e0:46:c4:93:6a:d6:4f:17:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 19:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11f01b13ec7b2568a4558c0f3e541efef5703108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:06:2f:2b:1f:5e:0d:2e:82:18:78:fb:79:5b:
dd:5c:68:ec:63:12:85:57:f2:66:8a:45:0d:d4:40:
3c:ec:cd:36:a3:b8:c3:0f:ee:8d:aa:46:ed:c7:ae:
85:2c:3f:b1:f9:6f:13:4f:2a:3b:84:26:97:3a:5d:
1b:70:48:80:72:85:3c:ab:fe:fa:0a:f9:97:ab:2e:
0c:54:d2:5c:23:80:e9:5f:c6:17:0e:f0:10:46:a0:
53:8d:31:9c:9e:5e:bd:7d:18:99:e1:69:b7:74:7e:
e1:2a:09:54:1f:65:64:d9:d3:e8:18:1e:f3:16:90:
3b:9d:3b:13:6a:cf:f0:66:91:f0:29:74:e4:af:34:
c1:ba:98:a7:14:09:e4:43:29:45:80:f8:b5:42:c6:
8f:bf:13:59:19:a2:00:5f:fc:f6:0d:a9:96:2a:d0:
cb:50:00:1d:6d:ff:70:66:25:55:88:6a:4f:65:f1:
16:7c:88:72:86:52:8c:71:b6:15:32:eb:62:17:56:
5d:a2:fb:75:1f:84:c9:11:6b:34:9d:1f:78:06:93:
f6:ff:c2:76:c3:9d:a7:86:8d:a4:32:b2:29:ae:50:
91:eb:75:c9:9f:08:36:39:d8:bb:92:56:28:e4:4d:
d3:24:69:c1:61:91:67:73:dd:73:1e:f5:29:41:16:
13:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F0:1B:13:EC:7B:25:68:A4:55:8C:0F:3E:54:1E:FE:F5:70:31:08
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/EfAbE-x7JWikVYwPPlQe_vVwMQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:cee7::/32
Signature Algorithm: sha256WithRSAEncryption
27:22:04:f0:70:37:73:f8:d6:62:02:3a:46:4d:84:a3:c4:d6:
a3:e3:74:ff:16:7e:7f:5f:bd:bd:0f:f3:50:b7:10:c7:33:de:
8c:41:60:99:94:08:a4:dd:41:6c:26:c4:7d:54:8b:09:c5:9c:
66:40:00:d6:b6:ec:2f:33:63:f6:01:23:ae:e2:a2:b8:14:91:
e7:be:9e:7f:45:5a:3d:c0:58:2c:02:dc:72:14:07:e1:4c:0f:
95:57:d4:7f:95:da:fb:cb:53:ac:36:34:43:aa:a4:32:0c:0f:
ef:01:20:3a:ac:b0:0e:73:eb:49:2c:df:77:27:9e:95:d8:79:
2d:22:dc:50:51:2a:42:74:75:19:1a:4e:2c:ad:9c:c5:b1:0c:
da:bc:07:77:e5:be:a7:8e:76:11:01:e6:9d:f2:29:73:49:03:
19:1f:2b:d9:8f:dc:23:f4:a3:cb:44:37:83:72:1b:df:a5:4b:
56:3f:f6:80:fc:ae:c8:c5:c3:dd:0f:a5:f4:47:a5:ed:b7:8c:
6b:e6:fb:1b:1e:87:4a:32:e1:0b:0b:64:6f:4d:11:71:ba:b3:
6d:36:64:9e:0f:0b:a4:4b:4b:bc:0f:f7:56:14:be:72:20:ce:
6a:53:45:0a:13:56:64:9b:7d:c2:71:53:d9:86:1d:eb:52:90:
5b:ab:d6:7c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjaSO06Tr74EbEk2rWTxfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjUwMTAxMTk0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWYwMWIxM2VjN2IyNTY4YTQ1NThjMGYzZTU0MWVmZWY1NzAzMTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAYvKx9eDS6CGHj7eVvdXGjsYxKF
V/JmikUN1EA87M02o7jDD+6Nqkbtx66FLD+x+W8TTyo7hCaXOl0bcEiAcoU8q/76
CvmXqy4MVNJcI4DpX8YXDvAQRqBTjTGcnl69fRiZ4Wm3dH7hKglUH2Vk2dPoGB7z
FpA7nTsTas/wZpHwKXTkrzTBupinFAnkQylFgPi1QsaPvxNZGaIAX/z2DamWKtDL
UAAdbf9wZiVViGpPZfEWfIhyhlKMcbYVMutiF1Zdovt1H4TJEWs0nR94BpP2/8J2
w52nho2kMrIprlCR63XJnwg2Odi7klYo5E3TJGnBYZFnc91zHvUpQRYToQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBHwGxPseyVopFWMDz5UHv71cDEIMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvRWZBYkUteDdKV2lrVll3UFBsUWVfdlZ3TVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgDO5zAN
BgkqhkiG9w0BAQsFAAOCAQEAJyIE8HA3c/jWYgI6Rk2Eo8TWo+N0/xZ+f1+9vQ/z
ULcQxzPejEFgmZQIpN1BbCbEfVSLCcWcZkAA1rbsLzNj9gEjruKiuBSR576ef0Va
PcBYLALcchQH4UwPlVfUf5Xa+8tTrDY0Q6qkMgwP7wEgOqywDnPrSSzfdyeeldh5
LSLcUFEqQnR1GRpOLK2cxbEM2rwHd+W+p452EQHmnfIpc0kDGR8r2Y/cI/Sjy0Q3
g3Ib36VLVj/2gPyuyMXD3Q+l9Eel7beMa+b7Gx6HSjLhCwtkb00RcbqzbTZkng8L
pEtLvA/3VhS+ciDOalNFChNWZJt9wnFT2YYd61KQW6vWfA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:55:52 2025 by rpki-client