Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0nbawP98h_WTT5LSwqS_SSqTeio.roa
File: 0nbawP98h_WTT5LSwqS_SSqTeio.roa (raw, json)
Hash identifier: VJe+UBWi4/AWu33Yx14lgycSv1ORuwbaO1orDrcCZMY=
Subject key identifier: D2:76:DA:C0:FF:7C:87:F5:93:4F:92:D2:C2:A4:BF:49:2A:93:7A:2A
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220349431E40FD2095847B9864D61F5
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0nbawP98h_WTT5LSwqS_SSqTeio.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207618
IP address blocks: 2a0e:8f02:21c0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:34:94:31:e4:0f:d2:09:58:47:b9:86:4d:61:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d276dac0ff7c87f5934f92d2c2a4bf492a937a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b6:50:6f:df:10:24:42:32:10:0b:06:b2:55:
fc:d1:16:52:78:b7:52:c8:82:fd:76:b4:11:1b:8b:
01:4e:41:32:76:b8:c7:48:5c:18:1b:ff:f4:06:6f:
9d:c6:c3:6a:2c:45:03:62:ca:35:ca:35:cd:9d:2c:
2b:9a:8d:73:c0:2e:0c:33:6e:23:6b:d2:52:30:07:
1a:e6:87:85:c4:e4:7d:c6:0a:17:20:ec:cb:2e:ef:
59:3a:f6:98:e2:9d:02:56:94:8a:fe:79:fc:8f:39:
14:27:b6:20:0b:c7:76:ef:6e:f8:f0:1b:d0:5b:ca:
11:28:7e:91:b5:44:49:bc:88:f0:30:0b:3a:e2:5d:
29:11:b8:a4:9a:06:33:2b:d7:ba:e5:3a:75:06:95:
83:c0:c5:7f:a8:32:1f:8a:d4:18:85:23:a8:85:7a:
bc:e6:7a:e3:5f:b3:b2:ed:a2:d5:ee:43:cd:8a:c0:
61:0d:bc:9e:44:6d:66:01:2e:58:2d:02:cb:b4:44:
33:6b:3c:5c:15:fd:5f:f9:5a:ad:bd:61:e1:e7:6a:
68:be:77:f6:e7:b4:7c:c6:2d:aa:b1:38:9f:1b:60:
e9:bc:c9:85:7c:6f:db:a3:4f:e0:ef:3d:c3:12:00:
a0:13:3d:b6:7c:a9:c4:af:84:98:40:3b:5b:f8:f9:
86:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:76:DA:C0:FF:7C:87:F5:93:4F:92:D2:C2:A4:BF:49:2A:93:7A:2A
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/0nbawP98h_WTT5LSwqS_SSqTeio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21c0::/44
Signature Algorithm: sha256WithRSAEncryption
35:b2:cc:94:9c:d5:b1:11:c4:1b:7d:7e:81:76:15:33:4b:8d:
44:cc:44:f0:3e:1d:47:9e:a6:bd:1d:1a:ed:c1:79:a2:c0:4b:
62:f1:9c:0f:43:ff:39:4c:6c:bc:55:81:39:d5:f4:fa:12:d2:
f8:b3:61:47:47:b5:95:b1:dc:5a:c8:d0:e7:4a:ef:bc:ed:02:
07:49:ca:54:44:32:a8:eb:9a:5c:47:88:4d:00:99:33:3e:d1:
ba:c8:52:5d:cb:9e:8f:8f:34:30:8b:a7:b2:70:ee:4f:0e:ae:
06:50:7e:0f:df:76:e2:28:cc:71:34:32:e2:d3:00:5d:09:69:
a1:bc:93:22:0a:7f:16:39:3f:15:ab:08:92:7d:a6:25:d6:c7:
83:76:3d:f4:ad:2b:cf:05:3f:a7:2b:f5:23:c6:c0:7a:06:2e:
50:26:3f:c2:c9:a8:6e:2e:74:67:7e:b1:4f:52:f1:9e:7f:d2:
28:8f:60:c9:f0:18:de:03:95:d8:9c:e6:3b:aa:36:33:fe:d8:
59:3f:3c:e9:b6:67:1a:0b:34:69:64:82:2e:68:dc:e2:8b:9f:
4e:2e:cd:cd:7f:d7:d5:8e:0c:8e:2b:2b:52:9a:6c:70:ef:2d:
cd:e4:ae:a1:9d:f5:67:49:02:3d:ca:31:7e:ba:01:8d:d2:bf:
9c:b1:fa:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDSUMeQP0glYR7mGTWH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc2ZGFjMGZmN2M4N2Y1OTM0ZjkyZDJjMmE0YmY0OTJhOTM3YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rZQb98QJEIyEAsGslX80RZSeLdS
yIL9drQRG4sBTkEydrjHSFwYG//0Bm+dxsNqLEUDYso1yjXNnSwrmo1zwC4MM24j
a9JSMAca5oeFxOR9xgoXIOzLLu9ZOvaY4p0CVpSK/nn8jzkUJ7YgC8d272748BvQ
W8oRKH6RtURJvIjwMAs64l0pEbikmgYzK9e65Tp1BpWDwMV/qDIfitQYhSOohXq8
5nrjX7Oy7aLV7kPNisBhDbyeRG1mAS5YLQLLtEQzazxcFf1f+VqtvWHh52povnf2
57R8xi2qsTifG2DpvMmFfG/bo0/g7z3DEgCgEz22fKnEr4SYQDtb+PmGcQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNJ22sD/fIf1k0+S0sKkv0kqk3oqMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMG5iYXdQOThoX1dUVDVMU3dxU19TU3FUZWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiHA
MA0GCSqGSIb3DQEBCwUAA4IBAQA1ssyUnNWxEcQbfX6BdhUzS41EzETwPh1Hnqa9
HRrtwXmiwEti8ZwPQ/85TGy8VYE51fT6EtL4s2FHR7WVsdxayNDnSu+87QIHScpU
RDKo65pcR4hNAJkzPtG6yFJdy56PjzQwi6eycO5PDq4GUH4P33biKMxxNDLi0wBd
CWmhvJMiCn8WOT8VqwiSfaYl1seDdj30rSvPBT+nK/UjxsB6Bi5QJj/CyahuLnRn
frFPUvGef9Ioj2DJ8BjeA5XYnOY7qjYz/thZPzzptmcaCzRpZIIuaNzii59OLs3N
f9fVjgyOKytSmmxw7y3N5K6hnfVnSQI9yjF+ugGN0r+csfpW
-----END CERTIFICATE-----
Generated at Sun Apr 6 22:53:24 2025 by rpki-client