Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/r5ZgGaHKIkFsDW5OTwwhK4tgAsQ.roa
File: r5ZgGaHKIkFsDW5OTwwhK4tgAsQ.roa (raw, json)
Hash identifier: jLmSUGri8N356kUEE/tygoNrVgGIX4EqiZgEZdk/J6k=
Subject key identifier: AF:96:60:19:A1:CA:22:41:6C:0D:6E:4E:4F:0C:21:2B:8B:60:02:C4
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 0194266C2199F2C29BC548E9CE28205CA1A9
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/r5ZgGaHKIkFsDW5OTwwhK4tgAsQ.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 2a07:bdc1::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:21:99:f2:c2:9b:c5:48:e9:ce:28:20:5c:a1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af966019a1ca22416c0d6e4e4f0c212b8b6002c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:92:36:86:dd:c6:19:04:b6:1a:4b:e3:3b:bc:
53:f5:d8:38:1b:02:3b:5f:ec:65:4b:01:ed:6a:ba:
0d:ed:77:f7:90:99:59:2f:01:d9:f1:4e:84:5c:87:
fd:bf:fe:67:0e:cd:8e:91:ba:df:f7:4f:b5:c7:94:
1e:56:1e:e0:d1:16:ff:29:29:01:7a:ba:2a:6c:0a:
62:bc:dc:43:5c:cc:e4:da:8a:da:27:58:a6:79:a8:
bd:44:f2:73:48:d4:e0:c6:f6:fd:98:d4:d7:9e:11:
8a:03:83:e3:9f:4d:be:2e:84:ff:60:ef:53:b2:54:
dd:4a:ea:6c:7b:9b:4a:fa:de:30:e7:37:e8:a8:2d:
c9:2b:f2:da:23:d1:e2:d0:99:5f:9e:66:73:f1:a2:
43:8e:e3:72:f0:b9:89:4b:e0:29:16:8b:e5:97:3c:
f0:b8:5a:43:7b:eb:a4:94:31:88:86:1d:37:07:05:
e6:4a:8c:76:1b:ee:dc:c2:d4:ba:20:d8:4b:db:62:
96:82:b3:4b:78:fa:ec:9a:ed:85:40:49:f7:6b:5f:
30:ad:bd:4e:60:c9:f8:57:f4:7c:08:a4:2e:69:1d:
02:7b:6b:a6:27:66:21:de:85:da:ef:82:07:0c:4e:
b3:3c:89:4e:3d:32:04:d4:8d:fb:b0:33:bb:d1:03:
cd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:96:60:19:A1:CA:22:41:6C:0D:6E:4E:4F:0C:21:2B:8B:60:02:C4
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/r5ZgGaHKIkFsDW5OTwwhK4tgAsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bdc1::/32
Signature Algorithm: sha256WithRSAEncryption
b9:9d:74:0d:46:98:5e:12:84:bc:de:83:ea:91:bb:de:aa:aa:
00:5c:89:4b:1e:7a:b7:40:af:66:4c:4f:25:f4:1a:3d:9e:3b:
ba:f1:56:0d:23:db:24:9e:28:c0:66:c5:c1:13:aa:d1:64:36:
09:b4:3a:c0:cc:80:5f:3b:78:65:c6:20:10:c8:06:de:93:53:
3b:89:f1:96:d8:e4:d7:03:af:be:36:7c:55:12:6c:4a:88:36:
e8:80:b2:27:fc:e9:7f:64:32:e1:7b:8d:86:5b:04:f9:d9:46:
46:44:4d:10:12:3f:63:ec:7f:37:bf:89:e5:2d:fd:0a:ac:ea:
64:59:88:8e:56:3a:3f:ba:95:4c:c5:8f:43:d5:0c:c5:4d:26:
f5:19:1d:81:cf:e6:1b:4c:36:75:4e:b6:04:96:1c:7c:f2:77:
0e:b8:55:df:b4:1d:87:cc:6b:c1:80:43:a6:06:06:e7:6a:15:
ee:0c:32:ea:93:18:9b:81:f8:18:a6:5f:18:42:b7:e8:aa:29:
08:04:7a:12:f2:4f:d3:89:a5:92:33:29:bf:b8:4c:55:15:e0:
30:96:6b:8f:77:95:dd:4b:9a:da:93:c6:07:44:11:6f:b1:c2:
98:bd:48:22:40:b0:01:69:13:0e:6d:b5:06:c7:93:76:3c:af:
fc:0c:70:a8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbCGZ8sKbxUjpziggXKGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk2NjAxOWExY2EyMjQxNmMwZDZlNGU0ZjBjMjEyYjhiNjAwMmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5I2ht3GGQS2GkvjO7xT9dg4GwI7
X+xlSwHtaroN7Xf3kJlZLwHZ8U6EXIf9v/5nDs2Okbrf90+1x5QeVh7g0Rb/KSkB
eroqbApivNxDXMzk2oraJ1imeai9RPJzSNTgxvb9mNTXnhGKA4Pjn02+LoT/YO9T
slTdSupse5tK+t4w5zfoqC3JK/LaI9Hi0JlfnmZz8aJDjuNy8LmJS+ApFovllzzw
uFpDe+uklDGIhh03BwXmSox2G+7cwtS6INhL22KWgrNLePrsmu2FQEn3a18wrb1O
YMn4V/R8CKQuaR0Ce2umJ2Yh3oXa74IHDE6zPIlOPTIE1I37sDO70QPNtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK+WYBmhyiJBbA1uTk8MISuLYALEMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvcjVaZ0dhSEtJa0ZzRFc1T1R3d2hLNHRnQXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKge9wTAN
BgkqhkiG9w0BAQsFAAOCAQEAuZ10DUaYXhKEvN6D6pG73qqqAFyJSx56t0CvZkxP
JfQaPZ47uvFWDSPbJJ4owGbFwROq0WQ2CbQ6wMyAXzt4ZcYgEMgG3pNTO4nxltjk
1wOvvjZ8VRJsSog26ICyJ/zpf2Qy4XuNhlsE+dlGRkRNEBI/Y+x/N7+J5S39Cqzq
ZFmIjlY6P7qVTMWPQ9UMxU0m9Rkdgc/mG0w2dU62BJYcfPJ3DrhV37Qdh8xrwYBD
pgYG52oV7gwy6pMYm4H4GKZfGEK36KopCAR6EvJP04mlkjMpv7hMVRXgMJZrj3eV
3Uua2pPGB0QRb7HCmL1IIkCwAWkTDm21BseTdjyv/AxwqA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:57:28 2025 by rpki-client