Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/tsimjRApcLdxNhZEKgAs63IqA5I.roa
File: tsimjRApcLdxNhZEKgAs63IqA5I.roa (raw, json)
Hash identifier: HrZUtgrX3ioBRBNFpZduF4ySYEUBH1QJ3tZ4kshDhvk=
Subject key identifier: B6:C8:A6:8D:10:29:70:B7:71:36:16:44:2A:00:2C:EB:72:2A:03:92
Certificate issuer: /CN=3b95aebaca73316dc4680c808b793e6a09565f1b
Certificate serial: 019422FB31F0113AD02930556D2C26AE6682
Authority key identifier: 3B:95:AE:BA:CA:73:31:6D:C4:68:0C:80:8B:79:3E:6A:09:56:5F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5WuuspzMW3EaAyAi3k-aglWXxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/tsimjRApcLdxNhZEKgAs63IqA5I.roa
Signing time: Wed 01 Jan 2025 17:47:55 +0000
ROA not before: Wed 01 Jan 2025 17:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204662
IP address blocks: 2a07:8d40:1::/48 maxlen: 48
2a07:8d40:1001::/48 maxlen: 48
2a07:8d40:2001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:31:f0:11:3a:d0:29:30:55:6d:2c:26:ae:66:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b95aebaca73316dc4680c808b793e6a09565f1b
Validity
Not Before: Jan 1 17:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6c8a68d102970b7713616442a002ceb722a0392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c5:9a:5d:bc:26:66:d5:70:41:a2:6c:b2:4d:
02:86:fc:0a:61:11:37:e1:61:31:c9:29:a8:75:43:
fd:5e:87:2b:09:66:98:e2:40:6b:f3:bb:ce:e1:fc:
ee:94:38:19:81:73:5e:25:d6:a8:d2:bd:49:45:2e:
5c:06:d2:6c:4d:45:2b:2f:40:a1:05:99:39:4d:54:
2f:ed:35:c3:16:91:8f:fe:03:5c:44:99:95:17:6d:
af:2c:5c:01:2e:1a:fb:ec:06:9e:97:2f:20:3c:a9:
c4:e9:b2:1d:af:b6:c6:d7:95:5d:88:89:55:08:1a:
8e:29:92:fe:ea:0a:be:08:f2:59:b1:f5:4c:cd:1e:
38:72:47:31:a2:ae:fd:34:34:fc:d9:76:14:98:dd:
2d:79:d8:82:73:d1:66:e4:cc:ab:68:72:59:a0:a6:
2e:9f:6a:b2:6e:bd:17:45:71:72:eb:1d:5a:d7:99:
67:a7:72:ec:f5:2e:14:32:c1:43:9c:a5:1c:0c:42:
92:d5:68:ef:1f:eb:d9:bd:15:ae:31:b9:16:40:a0:
6a:f5:0d:7a:d8:d2:e4:87:52:af:96:63:64:1b:ee:
4d:ef:b4:53:0c:96:74:33:5c:83:79:6c:87:82:49:
2c:b2:e1:67:d8:0b:1a:c0:80:76:88:6a:c7:39:44:
0e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C8:A6:8D:10:29:70:B7:71:36:16:44:2A:00:2C:EB:72:2A:03:92
X509v3 Authority Key Identifier:
keyid:3B:95:AE:BA:CA:73:31:6D:C4:68:0C:80:8B:79:3E:6A:09:56:5F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5WuuspzMW3EaAyAi3k-aglWXxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/tsimjRApcLdxNhZEKgAs63IqA5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/O5WuuspzMW3EaAyAi3k-aglWXxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:8d40:1::/48
2a07:8d40:1001::/48
2a07:8d40:2001::/48
Signature Algorithm: sha256WithRSAEncryption
35:f1:28:0b:01:7a:7b:58:b4:7d:63:93:25:fd:fc:e1:bd:7e:
a0:73:ee:7c:d6:c2:4e:cd:50:2b:f8:9e:b2:9f:4d:95:8a:98:
f6:5a:45:bd:db:d7:99:6a:9d:90:b6:00:4e:bc:0b:51:d3:0d:
7a:38:62:17:a9:e7:7a:74:5e:ac:97:cc:50:61:5d:ff:34:99:
f4:8e:97:22:67:5b:ee:c6:46:4b:62:6b:b1:f1:2e:ce:7d:f2:
7a:85:c3:36:37:e4:9d:35:91:40:14:86:6e:7c:70:f6:05:a1:
ab:dd:2a:70:15:60:55:52:67:3e:2b:7d:12:6d:39:40:97:44:
23:e7:89:cb:9d:43:81:a6:e2:c9:d9:a2:49:b1:72:67:18:6a:
4a:09:96:88:aa:e1:89:ab:91:4b:b6:f0:61:1d:ff:f0:bb:ca:
45:a8:a0:fb:92:28:2c:85:cd:13:67:f5:36:c6:8a:0e:7c:bf:
06:24:fe:42:1f:c6:6a:63:58:83:46:9a:77:d8:29:c7:10:a2:
b5:4a:6e:46:7b:e0:29:99:c3:c9:91:c7:24:ed:46:93:de:7a:
8e:b2:52:a2:05:61:e8:c5:bf:96:52:c4:32:76:aa:b5:65:56:
f5:70:8c:5b:72:a4:d1:44:ef:79:5b:4a:a7:af:92:99:08:e8:
a2:5f:c5:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi+zHwETrQKTBVbSwmrmaCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTVhZWJhY2E3MzMxNmRjNDY4MGM4MDhiNzkzZTZhMDk1
NjVmMWIwHhcNMjUwMTAxMTc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM4YTY4ZDEwMjk3MGI3NzEzNjE2NDQyYTAwMmNlYjcyMmEwMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcWaXbwmZtVwQaJssk0ChvwKYRE3
4WExySmodUP9XocrCWaY4kBr87vO4fzulDgZgXNeJdao0r1JRS5cBtJsTUUrL0Ch
BZk5TVQv7TXDFpGP/gNcRJmVF22vLFwBLhr77Aaely8gPKnE6bIdr7bG15VdiIlV
CBqOKZL+6gq+CPJZsfVMzR44ckcxoq79NDT82XYUmN0tediCc9Fm5MyraHJZoKYu
n2qybr0XRXFy6x1a15lnp3Ls9S4UMsFDnKUcDEKS1WjvH+vZvRWuMbkWQKBq9Q16
2NLkh1KvlmNkG+5N77RTDJZ0M1yDeWyHgkkssuFn2AsawIB2iGrHOUQObwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLbIpo0QKXC3cTYWRCoALOtyKgOSMB8GA1UdIwQY
MBaAFDuVrrrKczFtxGgMgIt5PmoJVl8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVXdXVzcHpNVzNFYUF5QWkzay1hZ2xXWHhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hYjNmMzYtNzg1MC00MjY2LWI2N2Et
MDIzY2MxZmMxOTEwLzEvdHNpbWpSQXBjTGR4TmhaRUtnQXM2M0lxQTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9hYjNmMzYtNzg1MC00MjY2LWI2N2EtMDIzY2MxZmMxOTEw
LzEvTzVXdXVzcHpNVzNFYUF5QWkzay1hZ2xXWHhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgeNQAAB
AwcAKgeNQBABAwcAKgeNQCABMA0GCSqGSIb3DQEBCwUAA4IBAQA18SgLAXp7WLR9
Y5Ml/fzhvX6gc+581sJOzVAr+J6yn02Vipj2WkW929eZap2QtgBOvAtR0w16OGIX
qed6dF6sl8xQYV3/NJn0jpciZ1vuxkZLYmux8S7OffJ6hcM2N+SdNZFAFIZufHD2
BaGr3SpwFWBVUmc+K30SbTlAl0Qj54nLnUOBpuLJ2aJJsXJnGGpKCZaIquGJq5FL
tvBhHf/wu8pFqKD7kigshc0TZ/U2xooOfL8GJP5CH8ZqY1iDRpp32CnHEKK1Sm5G
e+ApmcPJkcck7UaT3nqOslKiBWHoxb+WUsQydqq1ZVb1cIxbcqTRRO95W0qnr5KZ
COiiX8W3
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:02:49 2025 by rpki-client