Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/ct0UdU9tbjVu5vnRCDtuTGBSo4c.roa
File: ct0UdU9tbjVu5vnRCDtuTGBSo4c.roa (raw, json)
Hash identifier: 2wetSh/WjuBgx0H+sbj7Aow3E9vqoUt+MG+BDwetShE=
Subject key identifier: 72:DD:14:75:4F:6D:6E:35:6E:E6:F9:D1:08:3B:6E:4C:60:52:A3:87
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 019421B2522194F7DFB91F648787A408F278
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/ct0UdU9tbjVu5vnRCDtuTGBSo4c.roa
Signing time: Wed 01 Jan 2025 11:48:42 +0000
ROA not before: Wed 01 Jan 2025 11:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61230
IP address blocks: 2a0e:1107:10::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:52:21:94:f7:df:b9:1f:64:87:87:a4:08:f2:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 11:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72dd14754f6d6e356ee6f9d1083b6e4c6052a387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4b:2f:d8:f1:c5:86:6c:b9:74:3e:37:89:7a:
e6:a0:da:ea:45:e7:55:50:e8:7e:b4:23:f2:81:06:
fa:11:4b:e2:3b:51:0f:06:21:8c:e7:13:5c:d6:38:
7e:48:9c:dc:c7:03:ad:df:a4:fd:88:f1:26:9b:70:
45:ad:e8:a3:2d:b5:bc:55:40:5e:3a:37:2b:bd:5b:
a1:19:89:6e:c8:71:fc:9d:a7:86:0f:df:a1:9c:c7:
38:f2:69:83:fd:3e:80:1f:76:3d:b3:ed:70:34:94:
5f:44:e5:94:69:f6:31:a4:d0:94:ba:77:bb:e2:d7:
22:8c:3b:a0:de:53:6b:fb:e0:99:93:c8:ed:a9:51:
4a:52:b3:e2:4a:72:30:e7:00:53:1a:12:d0:f5:e0:
ab:18:dd:f0:13:59:ab:ae:54:fd:3b:87:ac:dd:77:
01:c4:7f:a4:bc:9e:c0:26:aa:87:22:ba:ac:40:39:
33:98:24:8a:88:1e:78:8f:f1:7d:8b:ca:ab:7d:2b:
b6:94:86:a3:08:76:77:a6:30:67:d3:c3:8e:b7:f5:
fc:54:86:e8:38:fa:b4:e9:93:c8:0a:38:41:1f:39:
01:26:f5:08:03:2b:c3:d4:05:45:ae:40:a2:7d:3d:
52:fe:02:af:96:39:93:09:d1:f8:7e:7f:73:2b:42:
46:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DD:14:75:4F:6D:6E:35:6E:E6:F9:D1:08:3B:6E:4C:60:52:A3:87
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/ct0UdU9tbjVu5vnRCDtuTGBSo4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1107:10::/44
Signature Algorithm: sha256WithRSAEncryption
a7:ce:18:87:d6:fb:c3:56:3b:3b:91:b0:ba:6d:f1:6e:f3:0f:
9c:12:7e:44:f5:cb:14:39:4d:df:39:0d:03:0b:e0:9a:35:e7:
8f:42:f7:e4:97:3b:f0:c2:d3:22:1d:0e:04:5b:96:9f:7c:bb:
e6:e3:ba:7e:1d:3f:fe:e0:a3:b7:1e:05:20:a0:16:a3:6c:6b:
86:7c:66:2b:80:16:a6:19:49:94:1d:9a:1b:d9:d2:0d:2b:a6:
59:1b:be:44:40:57:68:71:2b:71:39:3d:aa:6f:2f:31:27:02:
52:b9:51:d7:4b:82:70:ea:ab:35:fa:a6:28:5b:8a:cf:0e:8d:
de:b4:41:2a:61:09:94:82:f5:a0:02:2a:10:bc:26:fa:f3:93:
e8:57:32:28:19:bd:c6:d0:9b:04:95:6a:8b:7d:8b:61:05:91:
b0:64:45:98:a7:48:77:a8:b7:6e:d0:4d:8b:82:80:36:a3:80:
5e:ef:7c:9e:a5:1a:01:52:64:e8:73:a4:94:0c:ce:c9:5f:58:
2f:65:6f:a3:a1:08:db:92:08:1d:3a:19:6a:c8:02:09:5b:86:
db:9d:32:a6:dd:d8:de:7f:c0:55:81:79:82:7b:1a:f2:40:38:
bd:88:9b:e1:07:cf:4a:1f:aa:38:78:a8:22:32:62:ac:24:43:
b2:3e:3b:78
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhslIhlPffuR9kh4ekCPJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2E1MDg1OGExODU2ZmZhMDJlOTEzNTZmMTQyMzZlN2Mz
OGI4NWEwHhcNMjUwMTAxMTE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmRkMTQ3NTRmNmQ2ZTM1NmVlNmY5ZDEwODNiNmU0YzYwNTJhMzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEsv2PHFhmy5dD43iXrmoNrqRedV
UOh+tCPygQb6EUviO1EPBiGM5xNc1jh+SJzcxwOt36T9iPEmm3BFreijLbW8VUBe
OjcrvVuhGYluyHH8naeGD9+hnMc48mmD/T6AH3Y9s+1wNJRfROWUafYxpNCUune7
4tcijDug3lNr++CZk8jtqVFKUrPiSnIw5wBTGhLQ9eCrGN3wE1mrrlT9O4es3XcB
xH+kvJ7AJqqHIrqsQDkzmCSKiB54j/F9i8qrfSu2lIajCHZ3pjBn08OOt/X8VIbo
OPq06ZPICjhBHzkBJvUIAyvD1AVFrkCifT1S/gKvljmTCdH4fn9zK0JGOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHLdFHVPbW41bub50Qg7bkxgUqOHMB8GA1UdIwQY
MBaAFDrKUIWKGFb/oC6RNW8UI258OLhaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEt
MzMxZDdmYzc3YmQ0LzEvY3QwVWRVOXRialZ1NXZuUkNEdHVUR0JTbzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xMmI5MzctODkwZC00N2I1LWEwNDEtMzMxZDdmYzc3YmQ0
LzEvT3NwUWhZb1lWdi1nTHBFMWJ4UWpibnc0dUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg4RBwAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCnzhiH1vvDVjs7kbC6bfFu8w+cEn5E9csUOU3f
OQ0DC+CaNeePQvfklzvwwtMiHQ4EW5affLvm47p+HT/+4KO3HgUgoBajbGuGfGYr
gBamGUmUHZob2dINK6ZZG75EQFdocStxOT2qby8xJwJSuVHXS4Jw6qs1+qYoW4rP
Do3etEEqYQmUgvWgAioQvCb685PoVzIoGb3G0JsElWqLfYthBZGwZEWYp0h3qLdu
0E2LgoA2o4Be73yepRoBUmToc6SUDM7JX1gvZW+joQjbkggdOhlqyAIJW4bbnTKm
3djef8BVgXmCexryQDi9iJvhB89KH6o4eKgiMmKsJEOyPjt4
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:56:46 2025 by rpki-client