Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/3QfuhoMXOAw_HkvKawnRRzI2es8.roa
File: 3QfuhoMXOAw_HkvKawnRRzI2es8.roa (raw, json)
Hash identifier: OF5D2WYZfkBj6VlQGsuV3S3cZwbzKIViB7ZO8twMCeM=
Subject key identifier: DD:07:EE:86:83:17:38:0C:3F:1E:4B:CA:6B:09:D1:47:32:36:7A:CF
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0194519DEBB2D1CC1BACB222B199C4B0569A
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/3QfuhoMXOAw_HkvKawnRRzI2es8.roa
Signing time: Fri 10 Jan 2025 19:08:11 +0000
ROA not before: Fri 10 Jan 2025 19:08:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 2a0e:4343::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:51:9d:eb:b2:d1:cc:1b:ac:b2:22:b1:99:c4:b0:56:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Jan 10 19:08:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd07ee868317380c3f1e4bca6b09d14732367acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3b:ed:69:72:e5:06:a7:59:33:39:57:97:df:
0c:bd:14:12:e7:51:57:e2:90:d8:cd:38:a1:34:86:
c3:03:6f:99:42:68:61:e9:0f:ff:38:01:6b:e5:53:
c7:0f:d6:14:44:8b:b8:67:4e:04:cd:cc:22:14:3a:
c7:0d:2f:2f:30:10:3a:55:11:20:b9:9c:cf:4f:32:
cf:89:09:05:e1:3b:13:cb:91:be:6a:37:50:96:e7:
2e:00:48:06:28:32:fa:f6:c5:4e:86:83:df:94:6f:
55:f0:7d:7d:d3:c4:85:e9:01:9e:57:2d:c9:c0:01:
eb:80:7e:45:8f:36:a4:8c:46:23:76:b6:22:02:b4:
42:b7:39:8a:61:b9:23:21:50:02:95:94:0d:ee:f7:
f4:29:5e:a0:e2:d3:2f:20:56:3e:d6:00:fc:d9:70:
c2:3d:31:38:04:b1:32:18:90:e7:89:ef:68:9a:56:
fc:84:16:8c:c6:89:11:7a:e1:a1:d3:d9:2d:0b:35:
8f:7b:b0:58:db:e4:b8:ee:6f:32:ae:86:8e:59:b6:
2c:be:5a:45:29:9d:4e:dc:4e:ef:d1:4c:7b:f0:04:
d2:59:a3:99:fc:38:f1:35:33:a3:7c:04:c3:93:93:
2e:84:aa:5d:a1:19:ec:d9:28:e5:1f:7c:38:5f:8f:
bd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:07:EE:86:83:17:38:0C:3F:1E:4B:CA:6B:09:D1:47:32:36:7A:CF
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/3QfuhoMXOAw_HkvKawnRRzI2es8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4343::/32
Signature Algorithm: sha256WithRSAEncryption
bf:4f:0a:6c:d6:35:2f:b0:d4:12:82:d1:a0:0b:56:1a:8a:fe:
ba:0d:97:f7:b2:bf:92:e3:34:f8:07:f9:b7:4c:90:14:ee:50:
ee:06:11:d2:86:90:95:d5:e0:49:d7:a8:11:04:7b:ba:a2:85:
40:0b:0d:46:f0:6b:bf:d0:79:aa:5d:96:c1:01:d5:14:44:23:
71:0b:e4:13:41:e8:b9:5b:53:b2:3e:06:f2:0f:7e:e3:21:ce:
e6:c2:c6:3c:0b:d8:8e:16:c9:69:2c:93:37:2e:62:50:ed:07:
7f:3e:a0:6b:5a:89:f1:34:18:c8:33:1f:49:e7:87:10:25:67:
c2:5f:01:f0:82:43:cb:51:53:d2:65:d3:ce:e1:b4:88:73:ea:
4e:a5:b9:ab:32:89:1c:dd:96:2a:95:74:2d:59:7d:d4:1f:fb:
ce:db:9d:ca:51:8f:de:c9:99:51:d3:b7:d9:a3:f7:3d:cc:16:
df:03:6d:27:2a:c5:ca:ec:5d:36:27:40:f6:9b:ee:02:2a:ba:
31:7f:de:15:5d:e3:da:14:19:d0:b4:4a:ec:d3:68:cd:b1:be:
14:4f:41:25:63:01:86:ab:5a:be:3d:da:3b:f7:bf:1f:c8:da:
af:0c:24:9c:eb:94:f5:84:cd:c3:90:ac:29:1f:9e:d0:f3:f0:
d5:9e:0a:72
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRRneuy0cwbrLIisZnEsFaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwMTEwMTkwODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA3ZWU4NjgzMTczODBjM2YxZTRiY2E2YjA5ZDE0NzMyMzY3YWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDvtaXLlBqdZMzlXl98MvRQS51FX
4pDYzTihNIbDA2+ZQmhh6Q//OAFr5VPHD9YURIu4Z04EzcwiFDrHDS8vMBA6VREg
uZzPTzLPiQkF4TsTy5G+ajdQlucuAEgGKDL69sVOhoPflG9V8H1908SF6QGeVy3J
wAHrgH5FjzakjEYjdrYiArRCtzmKYbkjIVAClZQN7vf0KV6g4tMvIFY+1gD82XDC
PTE4BLEyGJDnie9omlb8hBaMxokReuGh09ktCzWPe7BY2+S47m8yroaOWbYsvlpF
KZ1O3E7v0Ux78ATSWaOZ/DjxNTOjfATDk5MuhKpdoRns2SjlH3w4X4+9HwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN0H7oaDFzgMPx5LymsJ0UcyNnrPMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvM1FmdWhvTVhPQXdfSGt2S2F3blJSekkyZXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5DQzAN
BgkqhkiG9w0BAQsFAAOCAQEAv08KbNY1L7DUEoLRoAtWGor+ug2X97K/kuM0+Af5
t0yQFO5Q7gYR0oaQldXgSdeoEQR7uqKFQAsNRvBrv9B5ql2WwQHVFEQjcQvkE0Ho
uVtTsj4G8g9+4yHO5sLGPAvYjhbJaSyTNy5iUO0Hfz6ga1qJ8TQYyDMfSeeHECVn
wl8B8IJDy1FT0mXTzuG0iHPqTqW5qzKJHN2WKpV0LVl91B/7ztudylGP3smZUdO3
2aP3PcwW3wNtJyrFyuxdNidA9pvuAiq6MX/eFV3j2hQZ0LRK7NNozbG+FE9BJWMB
hqtavj3aO/e/H8jarwwknOuU9YTNw5CsKR+e0PPw1Z4Kcg==
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:01:41 2025 by rpki-client