Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/aTUWINMGKAxXyPjULlDsCzxwjNA.roa
File: aTUWINMGKAxXyPjULlDsCzxwjNA.roa (raw, json)
Hash identifier: RaczMm3Wo4rB6JIQE6qKdkcTiCDtnDTo1726sQtpVeY=
Subject key identifier: 69:35:16:20:D3:06:28:0C:57:C8:F8:D4:2E:50:EC:0B:3C:70:8C:D0
Certificate issuer: /CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Certificate serial: 0194258F5F6336DF5E31298794A0F5863E25
Authority key identifier: 42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/aTUWINMGKAxXyPjULlDsCzxwjNA.roa
Signing time: Thu 02 Jan 2025 05:49:00 +0000
ROA not before: Thu 02 Jan 2025 05:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5400
IP address blocks: 2a00:2000::/23 maxlen: 23
2a00:2200::/25 maxlen: 25
2a00:2280::/25 maxlen: 25
2a00:2300::/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:5f:63:36:df:5e:31:29:87:94:a0:f5:86:3e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f1a24c80fdca329644573ae6d61c9f2e374ed8
Validity
Not Before: Jan 2 05:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69351620d306280c57c8f8d42e50ec0b3c708cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e8:be:91:d4:e0:a5:72:73:33:05:40:f3:6c:
64:76:f0:dc:b4:ce:8d:69:bd:5d:60:fb:a8:a8:c2:
8f:16:ac:50:ca:4f:21:42:65:a1:06:b9:21:93:8b:
1d:7a:07:7e:f4:d2:d9:c8:c1:7e:13:02:5f:25:19:
9a:7a:74:72:90:37:9b:4f:18:aa:eb:1d:d0:bc:f9:
2c:ba:f4:da:a0:3e:ee:ee:cc:0c:9e:63:0b:9f:ab:
ec:93:77:cf:d9:47:df:ce:5a:cd:e5:77:db:39:46:
d9:72:76:d6:9c:41:52:a9:02:6d:7a:18:84:5e:78:
c8:31:c6:f7:e6:c5:1d:65:4a:bc:20:ff:e2:13:9a:
4e:47:62:ce:72:c5:37:3f:4c:3e:8a:94:52:4b:93:
96:f0:5a:f4:00:53:a9:f0:75:aa:76:b1:85:b5:8a:
b6:91:86:e7:5c:a0:3e:80:42:be:ab:03:ae:34:fc:
3d:87:01:00:48:bf:1b:c4:9e:42:ad:83:d6:2d:86:
38:ae:8c:15:d6:99:c2:01:8d:dd:80:da:bf:8f:c9:
a8:cc:67:39:94:3f:ca:89:33:bc:97:38:aa:5b:87:
e6:4c:c4:86:68:88:30:b5:1c:86:01:b7:f7:8a:3d:
92:aa:97:5f:4c:3f:00:b0:ed:4b:a8:4d:a4:93:9e:
63:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:35:16:20:D3:06:28:0C:57:C8:F8:D4:2E:50:EC:0B:3C:70:8C:D0
X509v3 Authority Key Identifier:
keyid:42:F1:A2:4C:80:FD:CA:32:96:44:57:3A:E6:D6:1C:9F:2E:37:4E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvGiTID9yjKWRFc65tYcny43Ttg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/aTUWINMGKAxXyPjULlDsCzxwjNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/fed92a-2120-4326-a0c9-7168ae0b8278/1/QvGiTID9yjKWRFc65tYcny43Ttg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:2000::-2a00:237f:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
e7:d1:de:ca:11:67:77:dd:9f:6c:02:99:44:aa:c7:f4:a0:75:
fe:cb:03:9b:f4:72:ce:ab:66:65:20:09:ec:11:6a:11:2a:89:
54:82:83:47:05:1e:2d:2d:f9:df:00:49:db:e4:1e:1d:39:80:
9b:41:83:d4:4f:d3:17:ba:9d:8b:0b:f2:ba:bd:4c:f2:8e:6e:
12:76:1e:79:3b:14:6b:d5:cc:a2:ad:5e:61:ab:a9:4e:ea:b4:
d6:a0:25:57:88:7f:22:39:da:80:54:61:48:1a:e1:14:84:84:
8c:3f:0f:11:5c:7e:c9:43:54:bd:a4:08:e6:45:16:1d:39:0a:
d3:8b:38:10:79:28:ae:ca:3d:b9:d2:fd:a5:0e:7b:f5:d1:69:
77:63:a5:47:cb:d5:b7:9f:7a:35:48:fc:2e:8f:c4:a0:e8:4d:
b4:b6:dd:9d:d2:66:cc:3f:fe:1c:bb:b0:ab:94:2c:28:3d:b0:
7c:e2:75:9b:27:ed:20:3c:d3:ea:63:46:16:57:9e:8b:38:3d:
39:07:f0:e3:71:14:fd:95:42:bf:1d:89:96:14:f1:80:3a:dc:
a9:27:23:d7:c4:7e:c3:02:7f:04:b5:d9:13:32:14:a2:5b:e4:
b4:24:39:6a:49:da:09:6a:4b:3c:37:93:fb:0f:fe:7d:c1:04:
c9:ae:76:5d
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZQlj19jNt9eMSmHlKD1hj4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjFhMjRjODBmZGNhMzI5NjQ0NTczYWU2ZDYxYzlmMmUz
NzRlZDgwHhcNMjUwMTAyMDU0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM1MTYyMGQzMDYyODBjNTdjOGY4ZDQyZTUwZWMwYjNjNzA4Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Oi+kdTgpXJzMwVA82xkdvDctM6N
ab1dYPuoqMKPFqxQyk8hQmWhBrkhk4sdegd+9NLZyMF+EwJfJRmaenRykDebTxiq
6x3QvPksuvTaoD7u7swMnmMLn6vsk3fP2UffzlrN5XfbOUbZcnbWnEFSqQJtehiE
XnjIMcb35sUdZUq8IP/iE5pOR2LOcsU3P0w+ipRSS5OW8Fr0AFOp8HWqdrGFtYq2
kYbnXKA+gEK+qwOuNPw9hwEASL8bxJ5CrYPWLYY4rowV1pnCAY3dgNq/j8mozGc5
lD/KiTO8lziqW4fmTMSGaIgwtRyGAbf3ij2SqpdfTD8AsO1LqE2kk55jYwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFGk1FiDTBigMV8j41C5Q7As8cIzQMB8GA1UdIwQY
MBaAFELxokyA/coylkRXOubWHJ8uN07YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzkt
NzE2OGFlMGI4Mjc4LzEvYVRVV0lOTUdLQXhYeVBqVUxsRHNDenh3ak5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mZWQ5MmEtMjEyMC00MzI2LWEwYzktNzE2OGFlMGI4Mjc4
LzEvUXZHaVRJRDl5aktXUkZjNjV0WWNueTQzVHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPMA0DBAUqACAD
BQcqACMAMA0GCSqGSIb3DQEBCwUAA4IBAQDn0d7KEWd33Z9sAplEqsf0oHX+ywOb
9HLOq2ZlIAnsEWoRKolUgoNHBR4tLfnfAEnb5B4dOYCbQYPUT9MXup2LC/K6vUzy
jm4Sdh55OxRr1cyirV5hq6lO6rTWoCVXiH8iOdqAVGFIGuEUhISMPw8RXH7JQ1S9
pAjmRRYdOQrTizgQeSiuyj250v2lDnv10Wl3Y6VHy9W3n3o1SPwuj8Sg6E20tt2d
0mbMP/4cu7CrlCwoPbB84nWbJ+0gPNPqY0YWV56LOD05B/DjcRT9lUK/HYmWFPGA
OtypJyPXxH7DAn8EtdkTMhSiW+S0JDlqSdoJaks8N5P7D/59wQTJrnZd
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:58:46 2025 by rpki-client