Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/KdLCeX5Vyhzaf_CZL0RWBrqwlP0.roa
File: KdLCeX5Vyhzaf_CZL0RWBrqwlP0.roa (raw, json)
Hash identifier: /nFn61m2q/SLG4vZvlepHTXZpNtOvzJKgGc3wCnK7rE=
Subject key identifier: 29:D2:C2:79:7E:55:CA:1C:DA:7F:F0:99:2F:44:56:06:BA:B0:94:FD
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0193634A665081910489A846B21A42EF7AA8
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/KdLCeX5Vyhzaf_CZL0RWBrqwlP0.roa
Signing time: Mon 25 Nov 2024 12:27:20 +0000
ROA not before: Mon 25 Nov 2024 12:27:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:dfc3::/32 maxlen: 32
2a0e:dfc5::/32 maxlen: 32
2a0e:dfc6::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:4a:66:50:81:91:04:89:a8:46:b2:1a:42:ef:7a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Nov 25 12:27:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29d2c2797e55ca1cda7ff0992f445606bab094fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0d:cc:27:e5:d3:51:48:b5:eb:34:83:89:9f:
1e:bc:c5:28:4d:16:f9:0e:90:10:61:be:2e:eb:ba:
68:d2:80:38:eb:c8:21:b8:da:e3:07:86:ec:c0:0d:
ac:40:bb:5f:48:79:b8:ad:dd:25:63:22:cb:bd:e4:
70:17:af:d2:c4:88:73:52:26:e1:37:f3:7e:36:a9:
55:a9:b3:cb:74:df:23:3f:72:38:dd:6c:4b:85:fd:
d7:cd:01:f8:32:bf:60:cc:04:d4:6e:b8:e9:86:3f:
c7:57:c3:aa:51:cb:b1:d7:44:76:ee:5a:79:a7:66:
8b:86:8d:52:d0:91:ad:d8:61:4d:68:ef:4b:d7:20:
e2:ed:90:00:22:9e:f2:da:7e:2b:7d:10:17:a6:72:
b9:d4:56:23:fa:43:71:b1:ae:06:37:0d:3a:a1:93:
9e:62:dd:fd:da:d7:9a:b4:34:60:37:df:fd:89:08:
fc:a5:0f:b9:67:c3:6e:ac:76:3b:3e:e9:bd:bb:47:
fa:41:97:60:62:64:5b:3e:65:4a:c9:bb:9d:31:be:
8a:3e:82:04:5a:81:54:3a:7f:94:74:25:55:35:84:
0d:a3:3d:f3:bc:55:99:fa:99:43:d0:4f:49:91:92:
b2:f9:5d:12:ec:3e:a2:0b:55:19:2f:04:38:7a:f2:
1f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D2:C2:79:7E:55:CA:1C:DA:7F:F0:99:2F:44:56:06:BA:B0:94:FD
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/KdLCeX5Vyhzaf_CZL0RWBrqwlP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc3::/32
2a0e:dfc5::-2a0e:dfc6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
27:cc:d6:24:c2:05:7c:17:02:4a:92:8f:67:db:9e:23:85:3a:
d2:d9:c3:67:b5:36:0f:10:78:94:8c:ae:22:b3:df:bb:a6:34:
12:27:9e:20:21:99:44:28:b4:6d:0f:8a:6e:58:4a:61:df:99:
c4:fd:33:77:68:e7:f9:d6:63:8d:4a:61:fc:bb:10:1a:b2:7c:
99:2f:dd:d6:25:be:f0:e8:54:28:91:76:5e:54:4e:6e:6e:95:
d2:25:76:ac:9d:32:5c:f9:a7:54:6e:a0:a5:bb:1e:ef:a5:55:
d5:f9:43:9d:1d:bd:2d:5c:13:78:95:ff:bc:75:92:79:f2:bb:
5b:5d:da:79:ab:85:98:c7:01:7c:02:ec:49:ae:28:63:48:87:
e7:c6:cf:6d:4e:e7:74:0c:07:85:65:4d:2b:55:69:6a:f0:4b:
8b:6f:8c:e6:7d:e6:7f:9e:b7:4e:81:89:fe:24:65:ea:77:ad:
a1:4d:19:1d:5a:8e:d9:33:4d:3c:06:ae:d6:4e:02:c8:e2:26:
b3:2a:21:00:d6:2f:5d:74:1d:87:c9:da:b8:19:1f:59:b3:d1:
a5:c5:6b:04:95:ce:cf:4f:d8:c1:88:c7:93:4b:fd:fb:8e:f1:
4f:74:2d:20:00:a9:5f:1b:8f:d6:a9:b4:cf:86:0b:b1:8d:23:
df:73:f0:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZNjSmZQgZEEiahGshpC73qoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQxMTI1MTIyNzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQyYzI3OTdlNTVjYTFjZGE3ZmYwOTkyZjQ0NTYwNmJhYjA5NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArg3MJ+XTUUi16zSDiZ8evMUoTRb5
DpAQYb4u67po0oA468ghuNrjB4bswA2sQLtfSHm4rd0lYyLLveRwF6/SxIhzUibh
N/N+NqlVqbPLdN8jP3I43WxLhf3XzQH4Mr9gzATUbrjphj/HV8OqUcux10R27lp5
p2aLho1S0JGt2GFNaO9L1yDi7ZAAIp7y2n4rfRAXpnK51FYj+kNxsa4GNw06oZOe
Yt392teatDRgN9/9iQj8pQ+5Z8NurHY7Pum9u0f6QZdgYmRbPmVKybudMb6KPoIE
WoFUOn+UdCVVNYQNoz3zvFWZ+plD0E9JkZKy+V0S7D6iC1UZLwQ4evIfAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCnSwnl+Vcoc2n/wmS9EVga6sJT9MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvS2RMQ2VYNVZ5aHphZl9DWkwwUldCcnF3bFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKg7fwzAO
AwUAKg7fxQMFACoO38YwDQYJKoZIhvcNAQELBQADggEBACfM1iTCBXwXAkqSj2fb
niOFOtLZw2e1Ng8QeJSMriKz37umNBInniAhmUQotG0Pim5YSmHfmcT9M3do5/nW
Y41KYfy7EBqyfJkv3dYlvvDoVCiRdl5UTm5uldIldqydMlz5p1RuoKW7Hu+lVdX5
Q50dvS1cE3iV/7x1knnyu1td2nmrhZjHAXwC7EmuKGNIh+fGz21O53QMB4VlTStV
aWrwS4tvjOZ95n+et06Bif4kZep3raFNGR1ajtkzTTwGrtZOAsjiJrMqIQDWL110
HYfJ2rgZH1mz0aXFawSVzs9P2MGIx5NL/fuO8U90LSAAqV8bj9aptM+GC7GNI99z
8ME=
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:29:37 2025 by rpki-client