Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/VVtzbUbuLsOzC7iNag2lMp3ONNI.roa
File: VVtzbUbuLsOzC7iNag2lMp3ONNI.roa (raw, json)
Hash identifier: UErAv5pCDXR+I5/GOV6u8k14kQME7/LeMPzxRNo82xU=
Subject key identifier: 55:5B:73:6D:46:EE:2E:C3:B3:0B:B8:8D:6A:0D:A5:32:9D:CE:34:D2
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019425218D3DBE2E0AFDF598CF96B6C238BE
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/VVtzbUbuLsOzC7iNag2lMp3ONNI.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24750
IP address blocks: 2a05:4c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8d:3d:be:2e:0a:fd:f5:98:cf:96:b6:c2:38:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=555b736d46ee2ec3b30bb88d6a0da5329dce34d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b0:a4:88:26:54:0d:45:0b:3d:54:ff:02:66:
6d:91:9a:53:b1:65:75:9d:28:e3:e9:ac:48:b4:73:
cd:a6:25:ee:4b:94:cf:5a:8d:37:2a:ed:9b:23:08:
cb:46:36:cf:d7:2e:c2:4f:9a:2a:5a:c7:e1:d6:02:
e8:24:e9:d7:fd:fa:a6:cc:8f:d9:47:8c:ef:37:cd:
bb:b0:c9:95:b3:b3:f3:a9:f1:b7:fb:ce:3e:14:a0:
56:19:aa:f1:b1:07:7d:8d:86:de:50:04:ed:0a:e5:
c5:08:14:f1:12:82:4a:f0:20:3e:97:54:b2:e3:f2:
dc:38:3d:b5:5e:3f:1d:d3:b4:7b:23:0e:94:d9:a8:
81:06:2f:81:43:68:4b:3a:ea:1e:36:b7:71:83:dc:
3b:9c:de:77:3c:e3:73:ca:0b:bf:cd:49:59:15:a0:
15:c2:93:fb:af:26:03:e5:bf:e7:74:12:66:7e:25:
af:ae:5b:2b:03:fa:5a:d7:72:72:02:b0:ae:f7:4d:
42:65:6d:be:b3:3f:e2:7f:3d:26:1d:2a:29:0b:db:
71:a4:4f:52:2f:96:89:1e:24:67:d6:db:b1:f9:5a:
e4:6a:8f:e3:8b:6c:7b:24:9a:41:6d:ac:8a:a6:62:
7f:6b:d7:6f:9d:2e:9a:4e:f9:62:05:e9:c4:17:6b:
15:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5B:73:6D:46:EE:2E:C3:B3:0B:B8:8D:6A:0D:A5:32:9D:CE:34:D2
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/VVtzbUbuLsOzC7iNag2lMp3ONNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4c00::/29
Signature Algorithm: sha256WithRSAEncryption
82:16:84:4d:d1:0f:5c:2d:e8:c6:78:84:cb:85:aa:0c:7e:0b:
b5:b9:a3:05:aa:e3:c1:06:c5:51:7d:7c:d4:39:8d:9d:48:0d:
4b:49:e0:88:cb:06:0d:14:a6:d6:cd:98:7f:3d:7a:2f:a7:3b:
2b:84:0f:cb:28:ea:bc:88:b4:76:7b:4a:60:87:06:4a:93:9e:
ba:3b:c0:fc:bd:94:64:93:04:68:51:a7:17:01:e5:57:23:ef:
79:6a:b5:42:90:96:b6:82:2e:9c:b9:90:8f:ae:12:1a:74:6b:
42:13:aa:f2:8c:27:6a:cc:a6:6f:f8:12:47:39:d8:c0:23:2c:
39:3a:ed:19:fc:52:de:d0:b8:d0:e7:95:ed:51:e5:f3:70:3b:
9a:50:b9:ac:ec:04:28:5b:cd:88:66:bf:45:3d:5d:fe:e8:7e:
da:11:2f:6b:2c:c4:26:e1:c6:44:23:f9:fe:ad:7a:43:e8:03:
5a:d6:a5:05:3b:c5:76:ac:70:91:ee:5f:25:b3:f1:d5:6f:89:
df:a3:f0:c7:d7:1b:26:f4:85:b9:96:fc:c3:02:ed:7e:2f:8f:
4e:ae:6f:82:69:59:20:fb:20:ca:79:c9:6d:b9:66:02:53:c9:
22:51:9a:de:0d:c9:4b:d5:2c:13:7e:88:e6:a5:e4:4c:b0:29:
47:0a:db:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIY09vi4K/fWYz5a2wji+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTViNzM2ZDQ2ZWUyZWMzYjMwYmI4OGQ2YTBkYTUzMjlkY2UzNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7CkiCZUDUULPVT/AmZtkZpTsWV1
nSjj6axItHPNpiXuS5TPWo03Ku2bIwjLRjbP1y7CT5oqWsfh1gLoJOnX/fqmzI/Z
R4zvN827sMmVs7PzqfG3+84+FKBWGarxsQd9jYbeUATtCuXFCBTxEoJK8CA+l1Sy
4/LcOD21Xj8d07R7Iw6U2aiBBi+BQ2hLOuoeNrdxg9w7nN53PONzygu/zUlZFaAV
wpP7ryYD5b/ndBJmfiWvrlsrA/pa13JyArCu901CZW2+sz/ifz0mHSopC9txpE9S
L5aJHiRn1tux+Vrkao/ji2x7JJpBbayKpmJ/a9dvnS6aTvliBenEF2sVsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFVbc21G7i7Dswu4jWoNpTKdzjTSMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvVlZ0emJVYnVMc096QzdpTmFnMmxNcDNPTk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgVMADAN
BgkqhkiG9w0BAQsFAAOCAQEAghaETdEPXC3oxniEy4WqDH4LtbmjBarjwQbFUX18
1DmNnUgNS0ngiMsGDRSm1s2Yfz16L6c7K4QPyyjqvIi0dntKYIcGSpOeujvA/L2U
ZJMEaFGnFwHlVyPveWq1QpCWtoIunLmQj64SGnRrQhOq8ownasymb/gSRznYwCMs
OTrtGfxS3tC40OeV7VHl83A7mlC5rOwEKFvNiGa/RT1d/uh+2hEvayzEJuHGRCP5
/q16Q+gDWtalBTvFdqxwke5fJbPx1W+J36Pwx9cbJvSFuZb8wwLtfi+PTq5vgmlZ
IPsgynnJbblmAlPJIlGa3g3JS9UsE36I5qXkTLApRwrbyw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:02 2025 by rpki-client