Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/0JcOAjVYzD7ATTRTY6zM_FW7ibk.roa
File: 0JcOAjVYzD7ATTRTY6zM_FW7ibk.roa (raw, json)
Hash identifier: ae6zh695aCdxOBAb92vW9Mqs/ewqcDH7wayEClXo5lU=
Subject key identifier: D0:97:0E:02:35:58:CC:3E:C0:4D:34:53:63:AC:CC:FC:55:BB:89:B9
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 019428258BB6EA29296FB8CB328F71718A85
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/0JcOAjVYzD7ATTRTY6zM_FW7ibk.roa
Signing time: Thu 02 Jan 2025 17:52:16 +0000
ROA not before: Thu 02 Jan 2025 17:52:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61180
IP address blocks: 2a02:166b::/38 maxlen: 48
2a06:2602::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:8b:b6:ea:29:29:6f:b8:cb:32:8f:71:71:8a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 2 17:52:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0970e023558cc3ec04d345363acccfc55bb89b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:10:53:48:82:8f:62:61:54:a0:1b:01:f9:f9:
94:b2:b9:13:9f:f4:fb:27:c1:16:b7:53:24:f4:91:
3a:2c:c6:35:b1:8d:bc:9d:46:00:8b:e3:c1:fe:74:
a5:f5:00:74:e1:60:85:ee:c5:78:20:f5:09:68:63:
61:ca:46:ea:f1:8d:06:02:41:68:5c:75:87:fe:6f:
eb:7b:2d:53:75:26:1f:31:e4:2f:5c:9a:5b:49:43:
52:7e:c6:d5:d5:35:a5:81:48:a0:d9:56:b0:91:b5:
11:d6:55:b1:78:ea:90:4a:43:fa:41:cf:e9:eb:a5:
63:8b:7c:65:4d:97:70:e5:7b:8e:54:a1:32:ce:9d:
de:0f:3c:82:1e:57:32:a4:e5:37:33:e6:b6:61:5c:
6e:c5:bd:23:6b:f5:73:ea:35:50:5f:7d:4d:03:af:
91:f1:9c:7c:a0:38:13:8f:96:e1:80:00:57:cd:78:
31:30:5c:c0:0d:df:c8:f6:98:70:38:ce:dd:72:c9:
62:ea:e2:fe:82:91:f7:47:92:af:1a:80:2e:43:cb:
2f:83:5b:7e:5e:1b:81:cc:f2:da:89:4f:5e:af:a2:
1c:0a:ff:53:2c:e6:d0:70:0f:36:26:2e:a5:af:e1:
2c:db:61:62:8f:9d:01:d1:4d:b6:7f:cf:94:a5:73:
eb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:97:0E:02:35:58:CC:3E:C0:4D:34:53:63:AC:CC:FC:55:BB:89:B9
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/0JcOAjVYzD7ATTRTY6zM_FW7ibk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:166b::/38
2a06:2602::/38
Signature Algorithm: sha256WithRSAEncryption
ab:26:6d:14:3a:f5:79:79:fe:76:94:16:eb:ff:30:b5:fd:2b:
b5:fd:61:c6:1c:d0:18:74:54:5c:bb:30:e1:33:e8:19:1d:a6:
27:4c:48:4b:56:21:f3:ce:1d:c9:23:56:90:56:d9:33:53:b4:
2f:3b:0a:a1:c6:e5:5c:5d:17:7d:45:42:45:45:0d:62:a2:2d:
cc:1c:93:63:86:e7:a1:af:20:89:71:94:97:45:f2:0c:78:7d:
56:a5:19:18:d8:ea:28:69:ba:25:55:6a:96:94:f3:1d:d3:7b:
d0:0f:db:f1:ee:96:65:42:e1:cf:b6:37:3c:97:4a:91:5c:1b:
46:00:fa:ed:8f:0d:71:36:3c:c8:78:57:e4:54:62:e5:0e:81:
9c:9f:db:28:41:d4:cf:51:8d:f8:fe:2c:d0:8c:8c:b8:06:3b:
73:75:d3:34:ef:cb:da:2e:a9:5b:bf:3a:d4:7a:cc:8c:9d:4f:
eb:10:0d:ca:bb:94:6e:f7:77:79:5a:69:f7:74:6c:3b:d8:4a:
8a:de:6b:d5:67:a0:ac:5e:08:02:a1:e9:0d:24:a3:d6:eb:a6:
45:91:df:c4:08:bf:72:e3:5c:cf:6a:e7:97:3a:9a:78:f4:04:
f6:76:d0:30:4c:d1:7b:bb:56:27:b5:73:17:53:6e:aa:48:5e:
4b:09:d1:12
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQoJYu26ikpb7jLMo9xcYqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjUwMTAyMTc1MjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk3MGUwMjM1NThjYzNlYzA0ZDM0NTM2M2FjY2NmYzU1YmI4OWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hBTSIKPYmFUoBsB+fmUsrkTn/T7
J8EWt1Mk9JE6LMY1sY28nUYAi+PB/nSl9QB04WCF7sV4IPUJaGNhykbq8Y0GAkFo
XHWH/m/rey1TdSYfMeQvXJpbSUNSfsbV1TWlgUig2VawkbUR1lWxeOqQSkP6Qc/p
66Vji3xlTZdw5XuOVKEyzp3eDzyCHlcypOU3M+a2YVxuxb0ja/Vz6jVQX31NA6+R
8Zx8oDgTj5bhgABXzXgxMFzADd/I9phwOM7dcsli6uL+gpH3R5KvGoAuQ8svg1t+
XhuBzPLaiU9er6IcCv9TLObQcA82Ji6lr+Es22Fij50B0U22f8+UpXPrrwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFNCXDgI1WMw+wE00U2OszPxVu4m5MB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvMEpjT0FqVll6RDdBVFRSVFk2ek1fRlc3aWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYCKgIWawAD
BgIqBiYCADANBgkqhkiG9w0BAQsFAAOCAQEAqyZtFDr1eXn+dpQW6/8wtf0rtf1h
xhzQGHRUXLsw4TPoGR2mJ0xIS1Yh884dySNWkFbZM1O0LzsKocblXF0XfUVCRUUN
YqItzByTY4bnoa8giXGUl0XyDHh9VqUZGNjqKGm6JVVqlpTzHdN70A/b8e6WZULh
z7Y3PJdKkVwbRgD67Y8NcTY8yHhX5FRi5Q6BnJ/bKEHUz1GN+P4s0IyMuAY7c3XT
NO/L2i6pW7861HrMjJ1P6xANyruUbvd3eVpp93RsO9hKit5r1WegrF4IAqHpDSSj
1uumRZHfxAi/cuNcz2rnlzqaePQE9nbQMEzRe7tWJ7VzF1NuqkheSwnREg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:04 2025 by rpki-client