Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/4E-cbgyOXJc89SUUv5sM3VxtLuk.roa
File: 4E-cbgyOXJc89SUUv5sM3VxtLuk.roa (raw, json)
Hash identifier: D+jbZ3w2pVOtXKOqYfIoycf5LJ7PgaHCl8bnKHOQ6Cg=
Subject key identifier: E0:4F:9C:6E:0C:8E:5C:97:3C:F5:25:14:BF:9B:0C:DD:5C:6D:2E:E9
Certificate issuer: /CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Certificate serial: 019426D9288B6828E4236EB9A055E940869E
Authority key identifier: D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/4E-cbgyOXJc89SUUv5sM3VxtLuk.roa
Signing time: Thu 02 Jan 2025 11:49:13 +0000
ROA not before: Thu 02 Jan 2025 11:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208436
IP address blocks: 2a0e:9f40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:28:8b:68:28:e4:23:6e:b9:a0:55:e9:40:86:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d895fa70e3f7df361151d55379d4d9b85dadfd3d
Validity
Not Before: Jan 2 11:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e04f9c6e0c8e5c973cf52514bf9b0cdd5c6d2ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:e4:c6:ba:a6:a2:fc:56:66:8f:26:c4:6e:
6c:39:dd:b4:80:4f:5e:3f:5f:ea:7b:c6:fe:38:28:
eb:8a:36:5c:48:72:34:56:51:57:e9:c1:bc:63:c8:
b9:67:56:5b:93:5b:27:3d:af:6e:09:f2:83:1f:33:
a5:44:60:db:e5:17:7b:dd:3c:66:7e:a0:17:e3:de:
96:d3:1c:b1:b6:55:f0:61:c6:99:f5:79:03:68:cd:
b1:b6:44:4a:cf:44:50:b7:3b:c7:19:46:e7:88:e6:
8a:69:f7:e3:87:80:73:8e:fd:32:dd:22:ab:c0:6c:
3d:b9:35:95:e0:7d:aa:f0:3f:39:ae:a8:b6:7f:41:
ce:9e:95:79:85:87:a6:6e:eb:a7:15:60:a2:4c:b2:
5d:6a:ab:cb:44:f8:fd:f4:3e:c7:5d:cf:57:1e:9c:
a4:e1:43:9b:25:8c:bc:90:cc:77:21:1d:3e:73:c1:
15:63:06:66:7d:c2:ce:e0:9b:9f:ee:24:1d:c0:f3:
aa:b1:97:26:d0:36:c5:17:c2:56:54:20:77:c0:02:
88:e9:50:00:ff:d4:79:da:d8:ef:53:66:58:d0:77:
61:88:d3:4d:75:7e:50:1e:85:a0:03:e3:6d:b4:ba:
7f:0e:e8:7e:45:34:78:fc:d3:54:b1:73:91:e8:97:
90:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4F:9C:6E:0C:8E:5C:97:3C:F5:25:14:BF:9B:0C:DD:5C:6D:2E:E9
X509v3 Authority Key Identifier:
keyid:D8:95:FA:70:E3:F7:DF:36:11:51:D5:53:79:D4:D9:B8:5D:AD:FD:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JX6cOP33zYRUdVTedTZuF2t_T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/4E-cbgyOXJc89SUUv5sM3VxtLuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/70b504-c2d4-4387-9b75-f45b8dbe2f97/1/2JX6cOP33zYRUdVTedTZuF2t_T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
55:2a:c4:01:b6:cc:6b:81:17:38:7f:d5:ef:90:1e:d2:d6:64:
e3:5e:1a:30:6c:1d:e2:d3:f0:ea:54:e8:56:5a:4b:80:dc:a3:
25:08:10:47:93:dd:54:0e:09:8d:5f:64:6e:f8:da:99:9a:ce:
0b:e5:4d:8a:bc:df:8b:fd:55:55:b9:49:f2:5b:ca:84:c7:bb:
e4:cc:61:f3:57:5c:58:e5:61:83:8e:a2:a5:0d:12:ce:09:e7:
29:9f:5a:ec:9b:bf:3b:3b:b8:f9:b5:ed:d3:74:ba:63:76:81:
d0:9f:7b:42:9c:d2:46:89:d6:ea:0c:42:66:bc:c8:28:58:f6:
6d:6f:b2:56:e7:91:5e:be:fa:3c:a6:27:d1:12:cd:94:80:ee:
fd:9a:f9:13:2b:e5:b9:8e:f3:a6:6b:d1:fe:b5:d7:90:2f:e3:
cc:70:56:63:76:21:75:17:a8:a5:cb:67:b9:81:ff:d3:a6:0c:
64:dd:f7:91:16:4c:e5:dc:85:55:c8:a3:30:86:8b:f5:7d:bc:
94:5f:49:9e:8a:8f:3b:71:fe:0a:08:6d:47:4c:86:24:0a:a3:
cb:19:41:b3:5c:ad:e8:ea:2b:86:6a:2d:fe:76:a2:8f:7c:3d:
7a:57:6c:12:06:3e:c7:9c:2a:8b:a5:92:f8:b2:4b:1a:89:6c:
04:3e:55:f7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2SiLaCjkI265oFXpQIaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTVmYTcwZTNmN2RmMzYxMTUxZDU1Mzc5ZDRkOWI4NWRh
ZGZkM2QwHhcNMjUwMTAyMTE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRmOWM2ZTBjOGU1Yzk3M2NmNTI1MTRiZjliMGNkZDVjNmQyZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyPkxrqmovxWZo8mxG5sOd20gE9e
P1/qe8b+OCjrijZcSHI0VlFX6cG8Y8i5Z1Zbk1snPa9uCfKDHzOlRGDb5Rd73Txm
fqAX496W0xyxtlXwYcaZ9XkDaM2xtkRKz0RQtzvHGUbniOaKaffjh4Bzjv0y3SKr
wGw9uTWV4H2q8D85rqi2f0HOnpV5hYembuunFWCiTLJdaqvLRPj99D7HXc9XHpyk
4UObJYy8kMx3IR0+c8EVYwZmfcLO4Juf7iQdwPOqsZcm0DbFF8JWVCB3wAKI6VAA
/9R52tjvU2ZY0HdhiNNNdX5QHoWgA+NttLp/Duh+RTR4/NNUsXOR6JeQJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOBPnG4MjlyXPPUlFL+bDN1cbS7pMB8GA1UdIwQY
MBaAFNiV+nDj9982EVHVU3nU2bhdrf09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUt
ZjQ1YjhkYmUyZjk3LzEvNEUtY2JneU9YSmM4OVNVVXY1c00zVnh0THVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi83MGI1MDQtYzJkNC00Mzg3LTliNzUtZjQ1YjhkYmUyZjk3
LzEvMkpYNmNPUDMzellSVWRWVGVkVFp1RjJ0X1QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg6fQDAN
BgkqhkiG9w0BAQsFAAOCAQEAVSrEAbbMa4EXOH/V75Ae0tZk414aMGwd4tPw6lTo
VlpLgNyjJQgQR5PdVA4JjV9kbvjamZrOC+VNirzfi/1VVblJ8lvKhMe75Mxh81dc
WOVhg46ipQ0SzgnnKZ9a7Ju/Ozu4+bXt03S6Y3aB0J97QpzSRonW6gxCZrzIKFj2
bW+yVueRXr76PKYn0RLNlIDu/Zr5EyvluY7zpmvR/rXXkC/jzHBWY3YhdReopctn
uYH/06YMZN33kRZM5dyFVcijMIaL9X28lF9JnoqPO3H+CghtR0yGJAqjyxlBs1yt
6Oorhmot/naij3w9eldsEgY+x5wqi6WS+LJLGolsBD5V9w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:29:59 2025 by rpki-client