Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_8sr8aIwUZsEMoCeASgsdp-XKkc.roa
File: _8sr8aIwUZsEMoCeASgsdp-XKkc.roa (raw, json)
Hash identifier: 8xLJinv75Qe3kL2qr+hxBWBJs6ycaLqXPgI4od1LSpE=
Subject key identifier: FF:CB:2B:F1:A2:30:51:9B:04:32:80:9E:01:28:2C:76:9F:97:2A:47
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 019422FB741DE61084166FBFD4202E783A94
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_8sr8aIwUZsEMoCeASgsdp-XKkc.roa
Signing time: Wed 01 Jan 2025 17:48:12 +0000
ROA not before: Wed 01 Jan 2025 17:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a0a:b384::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:74:1d:e6:10:84:16:6f:bf:d4:20:2e:78:3a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 1 17:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffcb2bf1a230519b0432809e01282c769f972a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:1d:cf:f7:c0:e9:08:a4:cd:47:12:41:ab:
b9:42:96:91:06:54:15:6c:d6:b4:35:13:62:c6:48:
10:41:b3:47:5c:5a:7d:f8:b0:29:e2:a5:e7:d9:73:
38:b8:a3:b8:46:c1:39:40:ce:73:70:92:a2:6a:b9:
22:77:0f:03:7e:e7:b2:d7:55:0a:a7:0b:13:18:4e:
96:b3:fb:96:92:7e:ee:32:ac:da:0f:fb:e5:89:d5:
0c:ac:6e:64:00:fb:0f:db:b6:8b:cd:34:e1:d8:b6:
49:76:74:a1:3b:7b:c9:3a:8e:44:b0:54:36:19:f6:
c7:99:11:15:7d:5d:74:7d:9b:27:77:15:95:14:17:
49:c3:6d:2f:b0:95:5a:71:26:fb:1e:50:4f:29:7d:
b1:b0:fa:38:c0:0c:04:c2:22:9d:af:05:71:23:17:
00:34:05:3c:a9:11:b5:e6:d1:c5:4b:2f:9c:82:f3:
5b:0c:cb:7f:dd:ca:0f:9e:95:1a:54:a6:af:3f:c8:
66:9f:3c:eb:cf:cf:71:30:81:5c:49:75:de:60:55:
83:3c:68:2e:1b:eb:14:81:78:22:59:90:c6:da:06:
a1:1a:66:15:cc:e4:e1:2e:96:f8:8f:d5:74:41:c9:
97:dc:ca:d5:5a:e2:91:20:33:c0:21:cb:91:8a:06:
a7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CB:2B:F1:A2:30:51:9B:04:32:80:9E:01:28:2C:76:9F:97:2A:47
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/_8sr8aIwUZsEMoCeASgsdp-XKkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:b384::/32
Signature Algorithm: sha256WithRSAEncryption
71:d0:2d:c7:cb:31:c4:75:5e:6d:cf:89:7c:6c:ab:4d:43:5c:
0e:eb:9e:b1:fb:01:0a:f4:d1:ad:ab:02:ba:44:fe:c5:23:61:
a9:06:1c:fa:d1:d4:5c:31:09:07:0f:17:1e:0d:52:65:74:69:
c0:f7:e5:5a:36:48:fb:dc:b2:11:42:3c:99:00:f4:0d:7e:7e:
dc:05:29:9f:e3:6c:15:94:c2:c8:ae:b8:74:f4:05:22:f2:1b:
ef:50:9a:5b:70:bd:b6:fb:db:0d:47:9f:a9:83:82:a4:8b:8b:
43:d4:86:4e:fe:4f:74:27:c3:57:92:ed:38:0e:05:18:51:42:
34:76:a4:d9:11:68:5d:0e:7a:d5:37:a2:5e:18:07:29:08:4c:
b0:35:12:74:0c:45:b1:97:68:58:48:4f:46:94:13:f8:1a:d9:
84:4b:80:4a:2f:50:49:b1:71:37:04:5e:46:50:a8:cd:33:80:
07:31:16:54:fd:3e:1c:f6:1a:b0:f3:f0:66:03:2b:fa:62:d9:
cd:d7:64:69:86:4b:da:6a:48:02:f0:b7:61:2d:78:cc:19:1d:
6b:24:f2:09:73:7a:f1:14:c8:de:f4:30:ee:98:f1:5e:98:30:
85:8f:06:31:73:21:a8:dd:49:e9:6f:ea:50:8f:66:e7:c3:b5:
92:01:56:3c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi+3Qd5hCEFm+/1CAueDqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTAxMTc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNiMmJmMWEyMzA1MTliMDQzMjgwOWUwMTI4MmM3NjlmOTcyYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO4dz/fA6QikzUcSQau5QpaRBlQV
bNa0NRNixkgQQbNHXFp9+LAp4qXn2XM4uKO4RsE5QM5zcJKiarkidw8Dfuey11UK
pwsTGE6Ws/uWkn7uMqzaD/vlidUMrG5kAPsP27aLzTTh2LZJdnShO3vJOo5EsFQ2
GfbHmREVfV10fZsndxWVFBdJw20vsJVacSb7HlBPKX2xsPo4wAwEwiKdrwVxIxcA
NAU8qRG15tHFSy+cgvNbDMt/3coPnpUaVKavP8hmnzzrz89xMIFcSXXeYFWDPGgu
G+sUgXgiWZDG2gahGmYVzOThLpb4j9V0QcmX3MrVWuKRIDPAIcuRigan5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP/LK/GiMFGbBDKAngEoLHaflypHMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvXzhzcjhhSXdVWnNFTW9DZUFTZ3NkcC1YS2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgtZjg1ODlmNjgyNjkx
LzEvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgqzhDAN
BgkqhkiG9w0BAQsFAAOCAQEAcdAtx8sxxHVebc+JfGyrTUNcDuuesfsBCvTRrasC
ukT+xSNhqQYc+tHUXDEJBw8XHg1SZXRpwPflWjZI+9yyEUI8mQD0DX5+3AUpn+Ns
FZTCyK64dPQFIvIb71CaW3C9tvvbDUefqYOCpIuLQ9SGTv5PdCfDV5LtOA4FGFFC
NHak2RFoXQ561TeiXhgHKQhMsDUSdAxFsZdoWEhPRpQT+BrZhEuASi9QSbFxNwRe
RlCozTOABzEWVP0+HPYasPPwZgMr+mLZzddkaYZL2mpIAvC3YS14zBkdayTyCXN6
8RTI3vQw7pjxXpgwhY8GMXMhqN1J6W/qUI9m58O1kgFWPA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:08:44 2025 by rpki-client