Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/sxzxRsYpVJ4N1lToM8Cy5xPqMsU.roa
File: sxzxRsYpVJ4N1lToM8Cy5xPqMsU.roa (raw, json)
Hash identifier: g5PD0lSPsiV5TiY4CJ8jfV/ckG/Bc1/ChU4XFCIeK1A=
Subject key identifier: B3:1C:F1:46:C6:29:54:9E:0D:D6:54:E8:33:C0:B2:E7:13:EA:32:C5
Certificate issuer: /CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Certificate serial: 0194221FF4A7B061773079999B8569981EE2
Authority key identifier: 4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/sxzxRsYpVJ4N1lToM8Cy5xPqMsU.roa
Signing time: Wed 01 Jan 2025 13:48:26 +0000
ROA not before: Wed 01 Jan 2025 13:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204084
IP address blocks: 2a13:3300::/32 maxlen: 32
2a13:3301::/32 maxlen: 32
2a13:3302::/32 maxlen: 32
2a13:3303::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:f4:a7:b0:61:77:30:79:99:9b:85:69:98:1e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4be1bbbe540079d2b7f270b92ceaf3b2a816e8fa
Validity
Not Before: Jan 1 13:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b31cf146c629549e0dd654e833c0b2e713ea32c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:5c:fc:66:94:f3:a3:b8:4d:31:81:09:1e:
43:45:1d:80:00:de:83:5e:df:7f:16:a3:43:0e:96:
ba:dc:13:67:96:b9:78:50:d7:be:43:d0:be:a2:47:
1a:bf:a3:5f:07:65:e8:1a:72:ca:1a:f6:76:ab:d8:
59:40:da:18:38:3f:90:a6:45:34:94:68:f0:cd:3c:
37:ef:ae:f5:76:be:0d:83:0c:33:08:88:6a:cc:4b:
ed:51:27:7e:08:b7:a6:c0:85:45:e6:e3:db:56:28:
ab:a7:73:89:33:1a:65:af:97:16:93:67:cd:80:ae:
7b:93:9b:f9:62:e9:ef:f0:c3:30:4e:e0:49:f7:b9:
d2:65:6b:e7:28:c7:6d:e4:10:c5:92:fe:88:f4:19:
5a:bc:7c:c4:ca:c0:99:c3:03:19:f4:e1:92:be:23:
a7:38:a7:39:c3:ed:7a:5d:c1:df:e8:30:f3:60:0d:
d1:95:63:62:d8:43:86:23:1b:27:4c:2f:b4:ff:4e:
89:b3:f7:40:83:fd:c1:ab:ba:6a:90:97:ff:4a:27:
cb:0f:8f:07:2e:87:11:97:b9:4c:bb:7c:6d:f8:e1:
a0:69:05:15:a4:65:05:87:87:4b:47:fd:ad:5a:21:
99:bc:0b:f9:ee:0c:0c:ae:d5:dd:7e:b6:30:e9:7e:
62:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1C:F1:46:C6:29:54:9E:0D:D6:54:E8:33:C0:B2:E7:13:EA:32:C5
X509v3 Authority Key Identifier:
keyid:4B:E1:BB:BE:54:00:79:D2:B7:F2:70:B9:2C:EA:F3:B2:A8:16:E8:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S-G7vlQAedK38nC5LOrzsqgW6Po.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/sxzxRsYpVJ4N1lToM8Cy5xPqMsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/7c7bf6-2bdf-4c7d-9aec-1ef1cee661ca/1/S-G7vlQAedK38nC5LOrzsqgW6Po.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3300::/30
Signature Algorithm: sha256WithRSAEncryption
62:f8:86:55:b6:45:92:a0:1f:4a:83:4d:d2:b9:b1:08:d4:38:
d5:c7:7e:1a:22:3c:1d:91:c6:ea:a1:f7:69:8d:03:0a:c0:19:
42:e8:2c:9e:81:15:88:7c:44:74:bb:3d:cc:59:6c:23:a7:29:
22:6a:23:4b:bc:eb:ae:16:18:7f:3b:ce:95:dc:23:9b:c8:fc:
49:0d:17:7c:69:15:83:98:c6:19:e3:0e:b2:54:c6:eb:2e:d5:
2c:92:71:43:0b:2a:47:cd:de:8b:0b:d8:62:f1:28:60:ba:a8:
1a:da:ce:c9:05:b5:8a:c2:94:e8:73:51:5e:9c:69:36:db:91:
bd:50:b4:c1:88:7e:81:ef:61:ef:90:58:5d:fc:d4:1f:99:16:
44:92:c7:2f:f8:98:41:25:34:79:02:84:76:77:20:0b:cf:70:
02:02:8d:45:09:73:12:59:3c:72:43:cc:9d:fa:9e:db:29:5a:
d9:33:78:25:f2:e4:23:e7:47:10:ac:fd:85:f6:03:fd:3f:19:
85:ef:8b:9a:0c:38:f2:d4:52:d3:ee:c7:7c:f6:f8:b9:5a:f6:
6b:5c:26:72:a7:50:c4:23:5e:44:cb:f9:f5:d4:35:bb:44:84:
eb:88:ee:3b:95:e3:1d:64:ee:ac:b9:5d:f8:46:e1:e4:ec:5b:
af:2a:02:5a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH/SnsGF3MHmZm4VpmB7iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZTFiYmJlNTQwMDc5ZDJiN2YyNzBiOTJjZWFmM2IyYTgx
NmU4ZmEwHhcNMjUwMTAxMTM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFjZjE0NmM2Mjk1NDllMGRkNjU0ZTgzM2MwYjJlNzEzZWEzMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Jc/GaU86O4TTGBCR5DRR2AAN6D
Xt9/FqNDDpa63BNnlrl4UNe+Q9C+okcav6NfB2XoGnLKGvZ2q9hZQNoYOD+QpkU0
lGjwzTw37671dr4NgwwzCIhqzEvtUSd+CLemwIVF5uPbViirp3OJMxplr5cWk2fN
gK57k5v5Yunv8MMwTuBJ97nSZWvnKMdt5BDFkv6I9BlavHzEysCZwwMZ9OGSviOn
OKc5w+16XcHf6DDzYA3RlWNi2EOGIxsnTC+0/06Js/dAg/3Bq7pqkJf/SifLD48H
LocRl7lMu3xt+OGgaQUVpGUFh4dLR/2tWiGZvAv57gwMrtXdfrYw6X5iHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLMc8UbGKVSeDdZU6DPAsucT6jLFMB8GA1UdIwQY
MBaAFEvhu75UAHnSt/JwuSzq87KoFuj6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMt
MWVmMWNlZTY2MWNhLzEvc3h6eFJzWXBWSjROMWxUb004Q3k1eFBxTXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My83YzdiZjYtMmJkZi00YzdkLTlhZWMtMWVmMWNlZTY2MWNh
LzEvUy1HN3ZsUUFlZEszOG5DNUxPcnpzcWdXNlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhMzADAN
BgkqhkiG9w0BAQsFAAOCAQEAYviGVbZFkqAfSoNN0rmxCNQ41cd+GiI8HZHG6qH3
aY0DCsAZQugsnoEViHxEdLs9zFlsI6cpImojS7zrrhYYfzvOldwjm8j8SQ0XfGkV
g5jGGeMOslTG6y7VLJJxQwsqR83eiwvYYvEoYLqoGtrOyQW1isKU6HNRXpxpNtuR
vVC0wYh+ge9h75BYXfzUH5kWRJLHL/iYQSU0eQKEdncgC89wAgKNRQlzElk8ckPM
nfqe2yla2TN4JfLkI+dHEKz9hfYD/T8Zhe+Lmgw48tRS0+7HfPb4uVr2a1wmcqdQ
xCNeRMv59dQ1u0SE64juO5XjHWTurLld+Ebh5OxbryoCWg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:06:03 2025 by rpki-client