Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/cec119-4c99-4158-99f1-659c671911f1/1/O1UMqFY4UYla6Wia0-cx5UTbNYo.roa
File: O1UMqFY4UYla6Wia0-cx5UTbNYo.roa (raw, json)
Hash identifier: yk9XmbWdQVbHd1Fk+ePRsax442yqoQX1eANsND8ceoU=
Subject key identifier: 3B:55:0C:A8:56:38:51:89:5A:E9:68:9A:D3:E7:31:E5:44:DB:35:8A
Certificate issuer: /CN=40cd5a5038d5e12fe1c9d9f5c8664074c3dd0ac7
Certificate serial: 019425FDE909F9C67F68ADF64AECE38A5DA2
Authority key identifier: 40:CD:5A:50:38:D5:E1:2F:E1:C9:D9:F5:C8:66:40:74:C3:DD:0A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM1aUDjV4S_hydn1yGZAdMPdCsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/cec119-4c99-4158-99f1-659c671911f1/1/O1UMqFY4UYla6Wia0-cx5UTbNYo.roa
Signing time: Thu 02 Jan 2025 07:49:44 +0000
ROA not before: Thu 02 Jan 2025 07:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14114
IP address blocks: 2001:678:f88::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e9:09:f9:c6:7f:68:ad:f6:4a:ec:e3:8a:5d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40cd5a5038d5e12fe1c9d9f5c8664074c3dd0ac7
Validity
Not Before: Jan 2 07:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b550ca8563851895ae9689ad3e731e544db358a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:21:59:67:9b:7d:ee:b4:43:d4:c7:42:cb:
be:e2:00:4d:84:ff:22:a4:2c:b8:48:e9:4a:40:2e:
83:21:e5:b1:ae:f0:07:15:cf:81:76:c8:ed:cf:bd:
54:be:eb:2b:83:4e:e1:38:52:74:f1:a6:d5:71:91:
54:19:fa:7c:b0:b9:f2:83:67:51:15:7f:5d:50:8b:
5a:51:d0:f9:8c:ab:60:f4:c1:39:92:c7:6a:96:e2:
72:4b:70:ef:e6:09:aa:3b:f5:03:ba:ee:60:62:b2:
9f:2f:86:f4:b0:40:6c:04:a3:85:ed:bd:dd:1c:35:
01:9e:c1:be:5f:73:03:8d:90:22:e1:33:7f:3a:26:
a3:4a:bf:b3:2f:88:3a:6b:67:aa:4d:10:97:44:2c:
ba:c7:dd:46:32:09:65:0a:3b:55:f4:ec:1e:bd:3c:
8e:8e:09:61:e3:d2:4c:73:17:8b:55:7b:5e:d4:bf:
88:41:c1:59:db:a3:53:2d:14:9d:a7:01:44:46:cb:
e3:40:00:57:9d:56:9e:03:e9:78:e7:fb:47:d2:2c:
8d:51:67:fb:2c:e2:37:34:37:56:7e:42:bc:f8:4f:
79:50:28:a0:d4:70:84:bc:d2:d4:67:da:a0:3f:4d:
51:f0:2d:82:ce:df:81:48:0f:5d:58:15:1d:dd:62:
f4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:55:0C:A8:56:38:51:89:5A:E9:68:9A:D3:E7:31:E5:44:DB:35:8A
X509v3 Authority Key Identifier:
keyid:40:CD:5A:50:38:D5:E1:2F:E1:C9:D9:F5:C8:66:40:74:C3:DD:0A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM1aUDjV4S_hydn1yGZAdMPdCsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/cec119-4c99-4158-99f1-659c671911f1/1/O1UMqFY4UYla6Wia0-cx5UTbNYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/cec119-4c99-4158-99f1-659c671911f1/1/QM1aUDjV4S_hydn1yGZAdMPdCsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f88::/48
Signature Algorithm: sha256WithRSAEncryption
c3:94:93:73:10:49:44:e1:25:38:df:27:94:dc:a3:2c:8b:b8:
2a:a2:bd:69:0e:f0:27:41:14:00:d2:da:9f:7d:13:68:5c:dc:
a0:c6:f8:eb:be:c4:2d:84:a0:40:20:50:d1:2d:ea:ac:07:31:
80:cc:27:d7:87:7f:10:d5:98:b8:dc:cc:08:e8:3e:af:f4:f2:
93:a1:28:ab:f9:4d:f7:9e:4d:9c:75:27:42:df:1f:da:dd:a8:
17:4d:e5:95:56:80:06:ef:93:b4:81:7d:19:11:12:38:91:f5:
26:8e:67:3b:d5:dc:74:56:72:13:c2:be:1e:8d:3f:7a:1e:e3:
a3:e2:12:4f:e5:69:d9:01:01:c6:2c:eb:62:b5:b3:23:c3:78:
dc:e6:af:5d:54:5d:f4:64:75:e0:72:01:8e:9e:60:10:19:0d:
cc:7f:6f:9f:35:9b:ac:92:71:74:0b:80:4f:f0:2e:da:af:8c:
8e:a5:2f:7d:a3:69:8c:1f:30:bf:9f:f0:79:55:94:f9:a1:e4:
d2:eb:65:6f:0e:89:40:9a:2b:b6:4d:13:8f:37:1d:64:9d:dd:
6a:a8:b1:a5:a3:9a:83:22:57:77:f4:a8:1b:d5:bd:50:58:2f:
91:d5:74:cc:8b:54:60:d3:f2:52:38:f9:13:68:47:1f:bb:72:
4e:77:e4:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/ekJ+cZ/aK32Suzjil2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwY2Q1YTUwMzhkNWUxMmZlMWM5ZDlmNWM4NjY0MDc0YzNk
ZDBhYzcwHhcNMjUwMTAyMDc0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU1MGNhODU2Mzg1MTg5NWFlOTY4OWFkM2U3MzFlNTQ0ZGIzNThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/whWWebfe60Q9THQsu+4gBNhP8i
pCy4SOlKQC6DIeWxrvAHFc+Bdsjtz71Uvusrg07hOFJ08abVcZFUGfp8sLnyg2dR
FX9dUItaUdD5jKtg9ME5ksdqluJyS3Dv5gmqO/UDuu5gYrKfL4b0sEBsBKOF7b3d
HDUBnsG+X3MDjZAi4TN/OiajSr+zL4g6a2eqTRCXRCy6x91GMgllCjtV9OwevTyO
jglh49JMcxeLVXte1L+IQcFZ26NTLRSdpwFERsvjQABXnVaeA+l45/tH0iyNUWf7
LOI3NDdWfkK8+E95UCig1HCEvNLUZ9qgP01R8C2Czt+BSA9dWBUd3WL0WwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDtVDKhWOFGJWulomtPnMeVE2zWKMB8GA1UdIwQY
MBaAFEDNWlA41eEv4cnZ9chmQHTD3QrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU0xYVVEalY0U19oeWRuMXlHWkFkTVBkQ3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9jZWMxMTktNGM5OS00MTU4LTk5ZjEt
NjU5YzY3MTkxMWYxLzEvTzFVTXFGWTRVWWxhNldpYTAtY3g1VVRiTllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9jZWMxMTktNGM5OS00MTU4LTk5ZjEtNjU5YzY3MTkxMWYx
LzEvUU0xYVVEalY0U19oeWRuMXlHWkFkTVBkQ3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA+I
MA0GCSqGSIb3DQEBCwUAA4IBAQDDlJNzEElE4SU43yeU3KMsi7gqor1pDvAnQRQA
0tqffRNoXNygxvjrvsQthKBAIFDRLeqsBzGAzCfXh38Q1Zi43MwI6D6v9PKToSir
+U33nk2cdSdC3x/a3agXTeWVVoAG75O0gX0ZERI4kfUmjmc71dx0VnITwr4ejT96
HuOj4hJP5WnZAQHGLOtitbMjw3jc5q9dVF30ZHXgcgGOnmAQGQ3Mf2+fNZusknF0
C4BP8C7ar4yOpS99o2mMHzC/n/B5VZT5oeTS62VvDolAmiu2TROPNx1knd1qqLGl
o5qDIld39Kgb1b1QWC+R1XTMi1Rg0/JSOPkTaEcfu3JOd+Ts
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:42:11 2025 by rpki-client