Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/DgjFWJIBX8y1ncssqkbdW81uoiI.roa
File: DgjFWJIBX8y1ncssqkbdW81uoiI.roa (raw, json)
Hash identifier: OY/CaDzEd9lidEEYQxzAb4fZAC1my1A5QmXbAVprDmk=
Subject key identifier: 0E:08:C5:58:92:01:5F:CC:B5:9D:CB:2C:AA:46:DD:5B:CD:6E:A2:22
Certificate issuer: /CN=8ef8c471e83b14fc6c6cc7cfc96c1ac3e3087eae
Certificate serial: 019426D96DAA0B760A2011DE4CAC9DA21172
Authority key identifier: 8E:F8:C4:71:E8:3B:14:FC:6C:6C:C7:CF:C9:6C:1A:C3:E3:08:7E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvjEceg7FPxsbMfPyWwaw-MIfq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/DgjFWJIBX8y1ncssqkbdW81uoiI.roa
Signing time: Thu 02 Jan 2025 11:49:31 +0000
ROA not before: Thu 02 Jan 2025 11:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 2a13:f1c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6d:aa:0b:76:0a:20:11:de:4c:ac:9d:a2:11:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef8c471e83b14fc6c6cc7cfc96c1ac3e3087eae
Validity
Not Before: Jan 2 11:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e08c55892015fccb59dcb2caa46dd5bcd6ea222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ef:17:32:88:36:ef:51:ea:6c:94:06:3e:8f:
aa:5d:11:47:ce:fa:30:24:71:e1:9b:5d:9d:82:8a:
91:a6:00:56:5d:50:a6:34:94:0a:42:d7:11:4e:43:
9d:c8:04:ae:7e:cf:8f:42:07:cd:37:32:05:9a:3c:
92:ea:cb:02:1d:b9:6a:9e:21:ae:a8:ca:88:cc:f5:
8f:68:de:f6:07:b6:72:24:14:52:e7:98:cf:68:0c:
7c:75:16:a3:5e:85:35:28:a1:1f:9a:72:62:8e:5b:
df:19:ff:78:2a:3d:38:df:94:00:d2:35:c5:ef:d8:
8e:2a:80:c9:d7:89:22:9b:75:ed:ee:7d:dd:46:08:
6b:87:2a:ae:53:85:a7:8b:ff:9a:3e:17:50:1e:d2:
27:0c:c6:21:33:32:2e:a9:a6:0b:9e:20:06:f2:4a:
07:1e:59:8c:2e:0f:5d:29:b4:23:80:2c:08:8b:a1:
8b:c2:ad:67:10:66:85:7c:ca:34:78:b2:a5:9d:4f:
db:0e:fb:66:33:bf:91:97:fe:76:90:50:91:77:8a:
ca:3c:8e:a3:c3:90:7d:7b:c2:76:0c:9c:b4:2c:ae:
af:2b:b0:18:2b:d1:9b:c6:d3:0f:74:b1:b0:00:78:
22:66:d0:03:65:8d:3f:0c:a6:44:96:cf:b0:73:18:
6f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:08:C5:58:92:01:5F:CC:B5:9D:CB:2C:AA:46:DD:5B:CD:6E:A2:22
X509v3 Authority Key Identifier:
keyid:8E:F8:C4:71:E8:3B:14:FC:6C:6C:C7:CF:C9:6C:1A:C3:E3:08:7E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvjEceg7FPxsbMfPyWwaw-MIfq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/DgjFWJIBX8y1ncssqkbdW81uoiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/8f2ad8-6a48-423c-be41-138a7117de36/1/jvjEceg7FPxsbMfPyWwaw-MIfq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
03:dd:31:81:58:be:5d:0f:70:04:0a:8b:f2:aa:ed:da:6e:e5:
89:3e:ad:8a:d7:e3:87:90:0a:5d:3c:a7:73:e9:1e:1e:fc:fd:
4b:d1:47:a1:a5:a5:32:ee:db:f9:c8:ff:6e:7e:65:b6:86:bc:
aa:93:d0:88:dd:0d:a4:df:33:b3:95:50:00:d0:53:45:18:ee:
28:7f:be:91:83:bc:81:94:46:9e:fc:d9:67:99:94:5c:43:f1:
8e:1a:7a:d9:d3:b3:b6:4f:04:5f:15:c2:dc:4b:9c:84:75:9d:
24:09:a8:d8:4b:d4:41:63:cd:f6:ec:2d:c5:5d:9e:46:e1:ff:
b0:18:49:2a:fe:24:41:5c:82:33:fc:2b:32:97:b9:ba:23:e7:
d5:99:2b:85:87:10:32:6d:9e:81:e5:98:6e:8a:a9:af:42:6c:
59:f8:bc:a7:de:2d:58:e0:a6:0e:82:ac:c8:de:ef:dd:6e:d9:
6c:c4:f6:88:41:1a:13:bc:38:26:41:3f:5c:04:91:98:e2:a6:
0e:3c:ab:a6:c8:a5:ba:d1:ab:f0:86:ac:33:9d:bc:87:a1:0b:
fd:be:b2:1b:af:00:4d:d3:6f:3c:1d:8b:d6:6e:26:6f:52:29:
d2:78:f1:27:d4:cc:97:2f:ac:10:a8:0c:1f:68:15:f8:0f:7a:
53:d7:11:a7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2W2qC3YKIBHeTKydohFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjhjNDcxZTgzYjE0ZmM2YzZjYzdjZmM5NmMxYWMzZTMw
ODdlYWUwHhcNMjUwMTAyMTE0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA4YzU1ODkyMDE1ZmNjYjU5ZGNiMmNhYTQ2ZGQ1YmNkNmVhMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+8XMog271HqbJQGPo+qXRFHzvow
JHHhm12dgoqRpgBWXVCmNJQKQtcRTkOdyASufs+PQgfNNzIFmjyS6ssCHblqniGu
qMqIzPWPaN72B7ZyJBRS55jPaAx8dRajXoU1KKEfmnJijlvfGf94Kj0435QA0jXF
79iOKoDJ14kim3Xt7n3dRghrhyquU4Wni/+aPhdQHtInDMYhMzIuqaYLniAG8koH
HlmMLg9dKbQjgCwIi6GLwq1nEGaFfMo0eLKlnU/bDvtmM7+Rl/52kFCRd4rKPI6j
w5B9e8J2DJy0LK6vK7AYK9GbxtMPdLGwAHgiZtADZY0/DKZEls+wcxhv2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA4IxViSAV/MtZ3LLKpG3VvNbqIiMB8GA1UdIwQY
MBaAFI74xHHoOxT8bGzHz8lsGsPjCH6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZqRWNlZzdGUHhzYk1mUHlXd2F3LU1JZnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84ZjJhZDgtNmE0OC00MjNjLWJlNDEt
MTM4YTcxMTdkZTM2LzEvRGdqRldKSUJYOHkxbmNzc3FrYmRXODF1b2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84ZjJhZDgtNmE0OC00MjNjLWJlNDEtMTM4YTcxMTdkZTM2
LzEvanZqRWNlZzdGUHhzYk1mUHlXd2F3LU1JZnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAA90xgVi+XQ9wBAqL8qrt2m7liT6titfjh5AKXTyn
c+keHvz9S9FHoaWlMu7b+cj/bn5ltoa8qpPQiN0NpN8zs5VQANBTRRjuKH++kYO8
gZRGnvzZZ5mUXEPxjhp62dOztk8EXxXC3EuchHWdJAmo2EvUQWPN9uwtxV2eRuH/
sBhJKv4kQVyCM/wrMpe5uiPn1ZkrhYcQMm2egeWYboqpr0JsWfi8p94tWOCmDoKs
yN7v3W7ZbMT2iEEaE7w4JkE/XASRmOKmDjyrpsilutGr8IasM528h6EL/b6yG68A
TdNvPB2L1m4mb1Ip0njxJ9TMly+sEKgMH2gV+A96U9cRpw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:31:31 2025 by rpki-client