Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/T24HRLbgJbROlTALREch3AOYbaE.roa
File: T24HRLbgJbROlTALREch3AOYbaE.roa (raw, json)
Hash identifier: Wevs9VKSENwQtnqRkxhumLN/kRDIgG1A0UE3XstajKA=
Subject key identifier: 4F:6E:07:44:B6:E0:25:B4:4E:95:30:0B:44:47:21:DC:03:98:6D:A1
Certificate issuer: /CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Certificate serial: 019427B5C2D13B2F02004C9F6EFB6C2D83B8
Authority key identifier: CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/T24HRLbgJbROlTALREch3AOYbaE.roa
Signing time: Thu 02 Jan 2025 15:50:10 +0000
ROA not before: Thu 02 Jan 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212748
IP address blocks: 2a0e:b2c4::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c2:d1:3b:2f:02:00:4c:9f:6e:fb:6c:2d:83:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce37ca3abca5e14ac11bc7f3c1562a64d6391d22
Validity
Not Before: Jan 2 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f6e0744b6e025b44e95300b444721dc03986da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8e:af:cd:55:f7:69:ea:e7:10:28:a2:2a:18:
68:22:60:37:4e:b0:d3:6f:04:90:03:9f:9f:75:62:
41:9e:ab:41:3a:78:e3:81:2d:4e:90:8c:e0:d5:b5:
be:9e:55:09:22:f1:8a:b6:30:a2:b1:83:8e:fe:a5:
fc:21:fd:ee:dd:69:fe:75:b0:e4:a3:45:1e:12:1e:
2d:f7:d8:dd:21:f2:d4:55:14:d2:54:25:8a:42:6b:
be:12:0c:58:07:72:d5:dc:91:fc:fe:07:a5:59:3b:
fc:8b:e7:6b:01:4d:28:a4:a5:bd:38:76:cf:98:67:
3b:d0:2d:06:c6:e8:44:23:d8:81:a2:bf:d3:22:cc:
32:88:d4:cc:de:8b:a1:19:72:57:bd:4a:22:a1:b4:
cf:9b:03:08:ff:3b:93:03:d3:5e:60:bf:df:b0:72:
58:4b:0f:ca:b0:18:56:40:38:2e:ac:8d:9b:ef:ab:
7d:4e:ed:00:77:a7:3e:13:3b:83:e3:e4:ae:38:f9:
4e:df:9e:65:a1:81:23:4f:05:45:19:90:dd:e2:50:
8d:65:f7:41:49:91:35:79:63:bd:3f:41:55:a6:3b:
03:b2:54:90:fe:be:56:06:34:62:65:7a:65:c4:7c:
7e:88:69:39:f3:6b:6d:26:5e:02:d8:cc:06:c4:ee:
03:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6E:07:44:B6:E0:25:B4:4E:95:30:0B:44:47:21:DC:03:98:6D:A1
X509v3 Authority Key Identifier:
keyid:CE:37:CA:3A:BC:A5:E1:4A:C1:1B:C7:F3:C1:56:2A:64:D6:39:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zjfKOryl4UrBG8fzwVYqZNY5HSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/T24HRLbgJbROlTALREch3AOYbaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/be66bf-561c-4d55-826d-038035d80c0b/1/zjfKOryl4UrBG8fzwVYqZNY5HSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b2c4::/30
Signature Algorithm: sha256WithRSAEncryption
15:0e:05:54:5b:28:0c:fc:d8:06:7e:ef:a0:94:e5:45:71:0b:
ba:d5:ea:b5:20:45:f9:18:6e:8b:5b:84:4a:06:c2:97:e6:53:
61:e6:2e:91:8f:a2:53:5d:ea:d4:5c:9b:db:10:36:91:18:03:
86:d0:23:d5:ee:52:14:ab:48:52:5b:4e:6f:99:8c:87:e2:f8:
f1:12:cb:73:eb:a2:bb:a1:73:bf:78:87:fe:db:e2:aa:9f:67:
cd:c4:c7:f1:6a:2e:42:d6:a0:15:59:dd:2e:ec:af:1f:7e:7d:
27:ff:11:45:31:34:65:d0:7a:ff:5c:05:ec:7e:b9:82:13:91:
97:6c:f6:76:2a:e5:67:80:f2:97:82:2f:08:ef:73:6d:8e:1c:
48:ac:9d:b8:a6:4e:a7:a7:18:69:5e:5a:82:7e:47:c9:37:52:
50:fd:2b:b6:d0:58:68:73:b6:d9:46:33:44:10:e6:a5:52:a4:
8e:75:0a:bd:57:e6:99:eb:ec:fe:18:a5:f4:27:a4:39:4c:a6:
25:ca:c5:72:9e:a7:d8:48:da:44:09:38:4a:9f:92:fa:10:66:
3a:c8:cc:37:22:58:b3:59:8c:30:ae:d1:2b:f8:9b:ad:91:d6:
d1:57:99:ff:42:6a:86:d2:e8:ec:50:07:31:7d:4f:fc:32:b3:
9e:7f:b0:86
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntcLROy8CAEyfbvtsLYO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMzdjYTNhYmNhNWUxNGFjMTFiYzdmM2MxNTYyYTY0ZDYz
OTFkMjIwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZlMDc0NGI2ZTAyNWI0NGU5NTMwMGI0NDQ3MjFkYzAzOTg2ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso6vzVX3aernECiiKhhoImA3TrDT
bwSQA5+fdWJBnqtBOnjjgS1OkIzg1bW+nlUJIvGKtjCisYOO/qX8If3u3Wn+dbDk
o0UeEh4t99jdIfLUVRTSVCWKQmu+EgxYB3LV3JH8/gelWTv8i+drAU0opKW9OHbP
mGc70C0GxuhEI9iBor/TIswyiNTM3ouhGXJXvUoiobTPmwMI/zuTA9NeYL/fsHJY
Sw/KsBhWQDgurI2b76t9Tu0Ad6c+EzuD4+SuOPlO355loYEjTwVFGZDd4lCNZfdB
SZE1eWO9P0FVpjsDslSQ/r5WBjRiZXplxHx+iGk582ttJl4C2MwGxO4DKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE9uB0S24CW0TpUwC0RHIdwDmG2hMB8GA1UdIwQY
MBaAFM43yjq8peFKwRvH88FWKmTWOR0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvempmS09yeWw0VXJCRzhmendWWXFaTlk1SFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZTY2YmYtNTYxYy00ZDU1LTgyNmQt
MDM4MDM1ZDgwYzBiLzEvVDI0SFJMYmdKYlJPbFRBTFJFY2gzQU9ZYmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZTY2YmYtNTYxYy00ZDU1LTgyNmQtMDM4MDM1ZDgwYzBi
LzEvempmS09yeWw0VXJCRzhmendWWXFaTlk1SFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKg6yxDAN
BgkqhkiG9w0BAQsFAAOCAQEAFQ4FVFsoDPzYBn7voJTlRXELutXqtSBF+Rhui1uE
SgbCl+ZTYeYukY+iU13q1Fyb2xA2kRgDhtAj1e5SFKtIUltOb5mMh+L48RLLc+ui
u6Fzv3iH/tviqp9nzcTH8WouQtagFVndLuyvH359J/8RRTE0ZdB6/1wF7H65ghOR
l2z2dirlZ4Dyl4IvCO9zbY4cSKyduKZOp6cYaV5agn5HyTdSUP0rttBYaHO22UYz
RBDmpVKkjnUKvVfmmevs/hil9CekOUymJcrFcp6n2EjaRAk4Sp+S+hBmOsjMNyJY
s1mMMK7RK/ibrZHW0VeZ/0JqhtLo7FAHMX1P/DKznn+whg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:31:15 2025 by rpki-client