Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/e754d6-0dac-4246-9fd6-202a0980c176/1/sLl8IyRQ7O2V3aDprs2XcWd9-Fc.roa
File: sLl8IyRQ7O2V3aDprs2XcWd9-Fc.roa (raw, json)
Hash identifier: Q0fY46XPSxXWXxA2rseUn7tBmmNzqG29JtQSVk/FutE=
Subject key identifier: B0:B9:7C:23:24:50:EC:ED:95:DD:A0:E9:AE:CD:97:71:67:7D:F8:57
Certificate issuer: /CN=d895bee5605630f7048b1ffb3f003b39d29e47a0
Certificate serial: 019424B39D291FEF5FB4C5FA8E42C2FBD29A
Authority key identifier: D8:95:BE:E5:60:56:30:F7:04:8B:1F:FB:3F:00:3B:39:D2:9E:47:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JW-5WBWMPcEix_7PwA7OdKeR6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/e754d6-0dac-4246-9fd6-202a0980c176/1/sLl8IyRQ7O2V3aDprs2XcWd9-Fc.roa
Signing time: Thu 02 Jan 2025 01:48:58 +0000
ROA not before: Thu 02 Jan 2025 01:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212027
IP address blocks: 2a14:1ac0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:9d:29:1f:ef:5f:b4:c5:fa:8e:42:c2:fb:d2:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d895bee5605630f7048b1ffb3f003b39d29e47a0
Validity
Not Before: Jan 2 01:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0b97c232450eced95dda0e9aecd9771677df857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:32:9f:14:a1:ce:11:a5:2e:47:3c:92:38:3d:
ac:de:8f:7e:f2:d0:f7:be:14:27:0c:7f:e4:96:f1:
90:69:20:9e:00:17:f4:e9:dc:86:94:c9:00:dc:45:
12:68:78:49:cf:94:64:ac:b3:47:38:82:05:03:bf:
6f:96:1f:90:a6:cc:ef:16:71:90:03:d0:38:ba:58:
9a:bf:9d:9d:60:26:c4:56:55:c2:4c:cd:d2:78:fb:
1b:7f:38:00:09:a3:f1:e1:0a:58:a7:91:11:69:26:
79:bc:38:25:88:7d:d0:01:af:6e:51:45:a0:db:fa:
82:05:fd:d6:00:88:b3:1b:e3:9d:50:4f:e9:d8:0f:
fb:67:81:24:74:7f:ca:25:d8:2b:6a:33:a3:05:35:
ba:1e:bb:19:03:1c:80:a9:b2:ab:5a:cf:3b:12:7d:
97:1d:57:1b:9e:1e:b3:f7:6b:c1:5a:2d:5e:5f:0f:
6e:0c:30:5a:03:87:cc:cd:bf:52:e4:5f:7f:4c:91:
c4:d0:13:19:7c:a6:37:66:b9:d6:74:f5:26:9f:a6:
b6:74:86:6a:1f:d5:23:41:82:b0:28:68:6b:1d:e2:
8a:de:d0:7d:7a:a8:5e:4b:43:45:5b:a7:d4:c5:c3:
4b:7d:c2:0b:c7:61:a1:61:29:fc:b1:5e:cd:56:23:
04:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B9:7C:23:24:50:EC:ED:95:DD:A0:E9:AE:CD:97:71:67:7D:F8:57
X509v3 Authority Key Identifier:
keyid:D8:95:BE:E5:60:56:30:F7:04:8B:1F:FB:3F:00:3B:39:D2:9E:47:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JW-5WBWMPcEix_7PwA7OdKeR6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e754d6-0dac-4246-9fd6-202a0980c176/1/sLl8IyRQ7O2V3aDprs2XcWd9-Fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/e754d6-0dac-4246-9fd6-202a0980c176/1/2JW-5WBWMPcEix_7PwA7OdKeR6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ac0::/29
Signature Algorithm: sha256WithRSAEncryption
82:d6:09:dd:58:5a:c0:1e:42:30:8d:b0:b9:f9:e9:c5:47:44:
77:d9:0b:8c:30:c9:47:a4:af:5f:39:1e:7f:c3:20:9a:4b:ff:
07:c8:ef:61:9a:06:47:65:e0:c1:ea:21:6a:02:68:06:78:52:
fe:8a:92:e8:a3:c2:e8:74:3f:f1:8f:5e:56:7a:aa:fb:c7:e0:
f8:8f:62:24:55:04:ae:b1:02:ff:5a:95:f5:61:09:a9:f2:6c:
95:ac:57:80:27:d4:f2:db:81:cc:f8:4f:f2:d9:96:ae:91:07:
b0:57:2a:58:75:8e:6e:b9:4f:86:0b:50:52:ce:fe:4c:ce:06:
a0:fb:71:dd:5b:21:42:f2:2e:25:f9:ad:bd:63:40:d7:fc:ff:
5c:53:f2:67:18:38:70:f4:3c:d2:b8:cf:9e:f0:75:13:d7:c2:
b6:13:62:c3:21:34:06:68:b1:4e:7f:c8:f8:b8:95:ba:a4:05:
1d:88:a4:91:49:bf:70:46:c8:43:83:08:54:89:34:ae:d7:45:
2f:bd:f7:70:c3:e5:2e:aa:fe:db:1d:4d:9a:be:db:66:77:22:
22:96:2c:8b:82:e5:bc:9a:cf:b9:4d:33:d8:b8:71:65:a6:11:
f2:13:54:9f:43:6d:c9:19:dd:29:58:70:4e:97:f8:06:4d:77:
bd:56:6e:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks50pH+9ftMX6jkLC+9KaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTViZWU1NjA1NjMwZjcwNDhiMWZmYjNmMDAzYjM5ZDI5
ZTQ3YTAwHhcNMjUwMTAyMDE0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGI5N2MyMzI0NTBlY2VkOTVkZGEwZTlhZWNkOTc3MTY3N2RmODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jKfFKHOEaUuRzySOD2s3o9+8tD3
vhQnDH/klvGQaSCeABf06dyGlMkA3EUSaHhJz5RkrLNHOIIFA79vlh+QpszvFnGQ
A9A4uliav52dYCbEVlXCTM3SePsbfzgACaPx4QpYp5ERaSZ5vDgliH3QAa9uUUWg
2/qCBf3WAIizG+OdUE/p2A/7Z4EkdH/KJdgrajOjBTW6HrsZAxyAqbKrWs87En2X
HVcbnh6z92vBWi1eXw9uDDBaA4fMzb9S5F9/TJHE0BMZfKY3ZrnWdPUmn6a2dIZq
H9UjQYKwKGhrHeKK3tB9eqheS0NFW6fUxcNLfcILx2GhYSn8sV7NViMENQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLC5fCMkUOztld2g6a7Nl3FnffhXMB8GA1UdIwQY
MBaAFNiVvuVgVjD3BIsf+z8AOznSnkegMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpXLTVXQldNUGNFaXhfN1B3QTdPZEtlUjZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9lNzU0ZDYtMGRhYy00MjQ2LTlmZDYt
MjAyYTA5ODBjMTc2LzEvc0xsOEl5UlE3TzJWM2FEcHJzMlhjV2Q5LUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9lNzU0ZDYtMGRhYy00MjQ2LTlmZDYtMjAyYTA5ODBjMTc2
LzEvMkpXLTVXQldNUGNFaXhfN1B3QTdPZEtlUjZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQawDAN
BgkqhkiG9w0BAQsFAAOCAQEAgtYJ3VhawB5CMI2wufnpxUdEd9kLjDDJR6SvXzke
f8Mgmkv/B8jvYZoGR2XgweohagJoBnhS/oqS6KPC6HQ/8Y9eVnqq+8fg+I9iJFUE
rrEC/1qV9WEJqfJslaxXgCfU8tuBzPhP8tmWrpEHsFcqWHWObrlPhgtQUs7+TM4G
oPtx3VshQvIuJfmtvWNA1/z/XFPyZxg4cPQ80rjPnvB1E9fCthNiwyE0BmixTn/I
+LiVuqQFHYikkUm/cEbIQ4MIVIk0rtdFL733cMPlLqr+2x1Nmr7bZnciIpYsi4Ll
vJrPuU0z2LhxZaYR8hNUn0NtyRndKVhwTpf4Bk13vVZu0Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:16:03 2025 by rpki-client