Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/jfQonXtPZtcDBte2FXgG7Z2rsPg.roa
File: jfQonXtPZtcDBte2FXgG7Z2rsPg.roa (raw, json)
Hash identifier: K2eAlLdAXZ12cK1cQO/TfyRLKstdPW0ZoPYSuEKmNig=
Subject key identifier: 8D:F4:28:9D:7B:4F:66:D7:03:06:D7:B6:15:78:06:ED:9D:AB:B0:F8
Certificate issuer: /CN=3a0b05f40a6916394782302d1b5660737257a48b
Certificate serial: 018B70BC150A5E2DB8B517FE03E7523B55AF
Authority key identifier: 3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/jfQonXtPZtcDBte2FXgG7Z2rsPg.roa
Signing time: Fri 27 Oct 2023 10:44:16 +0000
ROA not before: Fri 27 Oct 2023 10:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209474
IP address blocks: 2a0f:6580:108::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:bc:15:0a:5e:2d:b8:b5:17:fe:03:e7:52:3b:55:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0b05f40a6916394782302d1b5660737257a48b
Validity
Not Before: Oct 27 10:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8df4289d7b4f66d70306d7b6157806ed9dabb0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9e:31:c4:ee:67:21:74:e8:0d:a2:6b:d7:0e:
21:81:75:1c:f2:f5:01:38:a3:71:b9:65:ff:47:48:
39:2f:61:41:51:4c:b6:b1:08:3b:8b:af:ef:70:46:
ed:32:1a:2b:c5:e0:f2:d2:74:d5:fb:48:be:da:2f:
a5:13:2e:f1:26:ca:1c:de:ea:d5:5e:5d:76:96:e7:
9c:9c:97:38:78:8b:bf:95:10:1e:f6:69:e5:44:53:
45:d2:f2:b8:8a:13:7c:da:8d:bd:74:df:d7:72:a8:
cb:69:b0:47:7d:05:5d:0a:f8:64:8a:4e:a0:da:a2:
08:c7:1a:3e:86:63:13:83:8f:90:63:4c:c1:5d:60:
bb:98:d9:72:2b:51:0f:8a:f6:30:c4:ce:bd:7e:f8:
2c:1b:92:d7:e4:eb:78:ca:be:e8:39:b1:fb:2b:cd:
23:b5:4a:28:e7:42:e3:1b:3d:4c:c2:b5:64:83:2c:
26:61:de:95:1f:2b:4e:e6:ca:17:33:59:34:62:73:
58:96:34:69:4f:06:12:61:7c:9c:bf:f7:5c:19:04:
a9:53:dc:19:e8:77:4b:4b:50:b6:8c:6d:7d:76:00:
fa:c9:40:4b:27:5b:6f:bd:27:75:34:42:79:60:82:
23:4f:f5:ac:60:44:5d:e2:34:dd:20:6e:3c:f0:24:
2f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F4:28:9D:7B:4F:66:D7:03:06:D7:B6:15:78:06:ED:9D:AB:B0:F8
X509v3 Authority Key Identifier:
keyid:3A:0B:05:F4:0A:69:16:39:47:82:30:2D:1B:56:60:73:72:57:A4:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgsF9AppFjlHgjAtG1Zgc3JXpIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/jfQonXtPZtcDBte2FXgG7Z2rsPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7583cb-d31e-4e03-b14b-b20e28f5188f/1/OgsF9AppFjlHgjAtG1Zgc3JXpIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6580:108::/48
Signature Algorithm: sha256WithRSAEncryption
17:75:05:0d:0e:8a:e1:d5:50:07:4a:78:8e:0a:8f:d4:ea:16:
d6:b0:c0:59:fb:c4:97:59:61:04:c3:cb:b9:1d:31:77:70:af:
97:c2:18:0b:1f:87:88:8d:e5:51:a7:a1:9d:52:63:5c:c5:5f:
e3:14:56:8a:89:db:03:6b:84:f4:77:49:de:80:d6:cd:8e:8b:
e9:8b:64:53:a3:97:f3:26:93:05:93:34:26:14:94:6d:27:e4:
23:db:ea:94:e5:c4:54:12:a8:8d:f0:f9:42:3c:52:09:3e:99:
2f:9d:8f:27:8c:37:cb:04:bd:9a:b6:38:4c:3c:51:ca:57:f0:
7a:fe:d0:e3:cc:07:38:b1:03:c5:77:69:1c:ca:67:92:01:3f:
a7:a8:4f:1a:f0:e7:18:4e:29:b3:94:ce:c1:5d:c5:c7:7c:70:
24:d8:1c:ff:aa:e0:d5:46:02:74:db:32:23:70:97:ab:c2:62:
dc:0d:86:9b:28:4f:0b:75:40:42:58:7a:50:e0:c8:fb:5a:51:
a9:9b:f8:74:d7:e9:db:7d:20:96:ca:f2:8d:f6:e4:f8:da:b9:
69:64:8e:ca:9e:69:11:ae:c4:c5:9a:7b:54:25:d8:db:f9:f7:
93:bc:f0:5c:9a:88:81:26:6a:76:5f:1d:d2:ce:66:e0:1f:94:
bf:c2:35:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYtwvBUKXi24tRf+A+dSO1WvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMGIwNWY0MGE2OTE2Mzk0NzgyMzAyZDFiNTY2MDczNzI1
N2E0OGIwHhcNMjMxMDI3MTA0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY0Mjg5ZDdiNGY2NmQ3MDMwNmQ3YjYxNTc4MDZlZDlkYWJiMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ4xxO5nIXToDaJr1w4hgXUc8vUB
OKNxuWX/R0g5L2FBUUy2sQg7i6/vcEbtMhorxeDy0nTV+0i+2i+lEy7xJsoc3urV
Xl12luecnJc4eIu/lRAe9mnlRFNF0vK4ihN82o29dN/XcqjLabBHfQVdCvhkik6g
2qIIxxo+hmMTg4+QY0zBXWC7mNlyK1EPivYwxM69fvgsG5LX5Ot4yr7oObH7K80j
tUoo50LjGz1MwrVkgywmYd6VHytO5soXM1k0YnNYljRpTwYSYXycv/dcGQSpU9wZ
6HdLS1C2jG19dgD6yUBLJ1tvvSd1NEJ5YIIjT/WsYERd4jTdIG488CQvjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI30KJ17T2bXAwbXthV4Bu2dq7D4MB8GA1UdIwQY
MBaAFDoLBfQKaRY5R4IwLRtWYHNyV6SLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGIt
YjIwZTI4ZjUxODhmLzEvamZRb25YdFBadGNEQnRlMkZYZ0c3WjJyc1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83NTgzY2ItZDMxZS00ZTAzLWIxNGItYjIwZTI4ZjUxODhm
LzEvT2dzRjlBcHBGamxIZ2pBdEcxWmdjM0pYcElzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9lgAEI
MA0GCSqGSIb3DQEBCwUAA4IBAQAXdQUNDorh1VAHSniOCo/U6hbWsMBZ+8SXWWEE
w8u5HTF3cK+XwhgLH4eIjeVRp6GdUmNcxV/jFFaKidsDa4T0d0negNbNjovpi2RT
o5fzJpMFkzQmFJRtJ+Qj2+qU5cRUEqiN8PlCPFIJPpkvnY8njDfLBL2atjhMPFHK
V/B6/tDjzAc4sQPFd2kcymeSAT+nqE8a8OcYTimzlM7BXcXHfHAk2Bz/quDVRgJ0
2zIjcJerwmLcDYabKE8LdUBCWHpQ4Mj7WlGpm/h01+nbfSCWyvKN9uT42rlpZI7K
nmkRrsTFmntUJdjb+feTvPBcmoiBJmp2Xx3SzmbgH5S/wjVN
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:52 2025 by rpki-client