Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Don0TPKAmNo5BS8-E-GyMOu6hkI.roa
File: Don0TPKAmNo5BS8-E-GyMOu6hkI.roa (raw, json)
Hash identifier: dHcsFhOh2Wuc60BwNAAa1Gxg7mbCFT+/9ZLRwd/QRi0=
Subject key identifier: 0E:89:F4:4C:F2:80:98:DA:39:05:2F:3E:13:E1:B2:30:EB:BA:86:42
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195C9CDE9E809AA1FCD161ED0896024D78B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Don0TPKAmNo5BS8-E-GyMOu6hkI.roa
Signing time: Mon 24 Mar 2025 20:17:49 +0000
ROA not before: Mon 24 Mar 2025 20:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60223
IP address blocks: 2a14:62c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:cd:e9:e8:09:aa:1f:cd:16:1e:d0:89:60:24:d7:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 24 20:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e89f44cf28098da39052f3e13e1b230ebba8642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3d:fd:01:75:24:a7:d7:13:e7:f7:39:22:0d:
86:b5:b6:54:c0:c5:2a:4f:25:65:89:fd:dd:d5:92:
f9:eb:44:d1:4c:97:41:a1:93:a1:fa:b2:f8:b3:23:
10:47:2c:95:ec:24:9a:80:1a:1b:35:2a:cb:df:9e:
68:4b:bb:72:a7:cd:e2:b8:32:55:83:bf:c9:b3:20:
15:96:06:94:cf:5b:a4:70:ee:ce:1a:f7:66:87:6b:
44:c4:c2:85:94:51:d8:42:7c:b3:08:b6:e6:22:55:
eb:fe:b7:d7:41:35:71:8d:88:e1:1e:10:71:68:71:
ac:19:41:a8:67:20:c4:6c:ff:52:75:68:88:ed:f8:
c7:74:2c:bb:6d:f6:2b:00:c4:db:66:70:e7:f7:b9:
a7:e4:34:61:d0:72:5d:07:ef:e6:6f:bd:24:fd:b7:
d6:37:f6:d0:81:6d:c8:72:a8:c6:74:37:0b:b4:b8:
00:ce:4d:24:a3:e1:63:42:d8:ee:c6:82:dd:38:c3:
fc:9a:e7:c5:e6:40:fc:0f:0b:e2:e5:6b:46:d0:aa:
9f:5b:02:4d:7a:21:05:8d:db:28:fd:0f:19:db:ae:
03:13:51:02:54:23:7a:7c:14:06:b7:61:34:60:a5:
81:ca:2a:8f:ee:81:a3:7b:86:84:da:84:2e:29:81:
72:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:89:F4:4C:F2:80:98:DA:39:05:2F:3E:13:E1:B2:30:EB:BA:86:42
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Don0TPKAmNo5BS8-E-GyMOu6hkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:62c0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:d0:c7:c3:5b:51:6b:92:01:f3:8f:af:e0:7b:42:b9:d4:95:
b8:28:72:64:9c:6f:a0:d6:86:96:54:88:68:2c:ad:05:2a:bc:
af:46:72:de:0c:63:c9:d6:8c:e7:b6:dd:90:1c:15:46:fe:0e:
6c:15:18:47:6c:8e:ca:35:8b:cb:10:ed:ca:f1:fb:3e:23:0b:
3f:5e:cf:20:42:fc:83:15:5b:fb:d2:75:86:55:c4:60:02:31:
90:f2:d9:de:48:85:29:28:39:b9:87:8d:f5:5c:a8:21:1b:b0:
b4:71:da:41:02:f9:f8:dd:9b:27:db:18:5c:df:3d:e7:1e:7e:
a0:40:72:88:16:9b:3d:ec:f3:ba:40:c6:c1:b4:6e:cb:c5:e8:
9e:de:d9:22:32:0c:07:71:a1:ba:bf:2f:4b:03:b8:66:c3:9a:
9b:1c:f6:94:1d:8a:c6:32:5e:d2:02:4f:dd:21:63:92:ee:43:
52:07:38:31:9f:d9:96:13:e0:4c:bb:c8:2e:ed:15:2b:9b:f4:
16:21:82:d4:de:af:8a:25:a5:3f:cb:f7:92:38:2c:7a:52:92:
5c:35:22:ee:77:65:37:d5:97:4b:df:cf:f9:15:1a:a8:f2:74:
de:6b:10:4a:db:a9:c9:9e:a1:03:8e:0d:64:bb:1f:0a:36:2b:
0a:a4:65:2b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXJzenoCaofzRYe0IlgJNeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzI0MjAxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTg5ZjQ0Y2YyODA5OGRhMzkwNTJmM2UxM2UxYjIzMGViYmE4NjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj39AXUkp9cT5/c5Ig2GtbZUwMUq
TyVlif3d1ZL560TRTJdBoZOh+rL4syMQRyyV7CSagBobNSrL355oS7typ83iuDJV
g7/JsyAVlgaUz1ukcO7OGvdmh2tExMKFlFHYQnyzCLbmIlXr/rfXQTVxjYjhHhBx
aHGsGUGoZyDEbP9SdWiI7fjHdCy7bfYrAMTbZnDn97mn5DRh0HJdB+/mb70k/bfW
N/bQgW3IcqjGdDcLtLgAzk0ko+FjQtjuxoLdOMP8mufF5kD8Dwvi5WtG0KqfWwJN
eiEFjdso/Q8Z264DE1ECVCN6fBQGt2E0YKWByiqP7oGje4aE2oQuKYFypQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA6J9EzygJjaOQUvPhPhsjDruoZCMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvRG9uMFRQS0FtTm81QlM4LUUtR3lNT3U2aGtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRiwDAN
BgkqhkiG9w0BAQsFAAOCAQEAGtDHw1tRa5IB84+v4HtCudSVuChyZJxvoNaGllSI
aCytBSq8r0Zy3gxjydaM57bdkBwVRv4ObBUYR2yOyjWLyxDtyvH7PiMLP17PIEL8
gxVb+9J1hlXEYAIxkPLZ3kiFKSg5uYeN9VyoIRuwtHHaQQL5+N2bJ9sYXN895x5+
oEByiBabPezzukDGwbRuy8Xont7ZIjIMB3Ghur8vSwO4ZsOamxz2lB2KxjJe0gJP
3SFjku5DUgc4MZ/ZlhPgTLvILu0VK5v0FiGC1N6viiWlP8v3kjgselKSXDUi7ndl
N9WXS9/P+RUaqPJ03msQStupyZ6hA44NZLsfCjYrCqRlKw==
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:27:10 2025 by rpki-client