Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1z2Ck6etB-1htJIJDezY87mEz9w.roa
File: 1z2Ck6etB-1htJIJDezY87mEz9w.roa (raw, json)
Hash identifier: FXZSQfWuAITRVOTsYkUgWizi98XXwxJhRCNvKg//7l0=
Subject key identifier: D7:3D:82:93:A7:AD:07:ED:61:B4:92:09:0D:EC:D8:F3:B9:84:CF:DC
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220252EB87FA2A95BB73C252B020217
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1z2Ck6etB-1htJIJDezY87mEz9w.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49933
IP address blocks: 2a0e:8f00:f100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:25:2e:b8:7f:a2:a9:5b:b7:3c:25:2b:02:02:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d73d8293a7ad07ed61b492090decd8f3b984cfdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:2c:b4:95:80:9c:0d:65:e3:74:ea:75:26:
b1:9f:70:56:29:8e:8e:66:ba:2b:3c:65:45:71:aa:
65:ab:4c:04:40:0a:3d:41:bd:d9:67:92:14:49:47:
f0:8f:2d:48:3e:cc:c8:a4:57:84:32:25:01:29:e0:
cc:29:12:2d:44:4c:77:32:9b:a0:09:3d:2f:bd:87:
9b:97:d9:c0:65:b3:9f:0d:7a:18:4e:a8:c3:bc:cf:
66:96:e6:a2:4c:a1:6c:4e:50:fb:1b:df:c6:9e:8a:
09:1d:39:13:c4:52:c4:de:89:8c:87:2c:19:21:44:
23:20:82:2d:a6:22:ae:8d:6d:cd:a8:9e:f5:f2:fb:
0d:5e:21:8e:28:9a:f0:48:4f:2a:15:60:d1:da:8f:
6f:59:c1:90:78:7d:2f:00:1c:00:50:41:eb:6d:cf:
55:8d:81:c9:3b:8b:86:ae:f5:86:d6:94:b8:e6:5c:
14:29:01:15:75:db:0f:16:38:f9:a0:b2:3d:2d:b5:
40:17:2e:ec:bc:c5:97:5f:6c:0e:d8:87:a5:53:56:
3a:f0:fb:e1:8e:98:03:bc:3d:db:a1:62:fe:58:f3:
1e:21:10:da:46:91:63:3c:45:e3:c0:c9:7c:d0:d4:
bb:9c:72:b0:d9:16:6e:e1:e3:3f:8b:fe:18:2f:ed:
3d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3D:82:93:A7:AD:07:ED:61:B4:92:09:0D:EC:D8:F3:B9:84:CF:DC
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1z2Ck6etB-1htJIJDezY87mEz9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f00:f100::/40
Signature Algorithm: sha256WithRSAEncryption
4c:3c:83:54:2e:10:73:ed:6c:09:3b:58:39:15:97:ab:61:52:
a7:55:73:61:a2:2f:30:be:93:88:68:41:e7:ec:e3:5d:f9:28:
56:27:03:23:82:72:72:97:17:05:42:0c:1a:20:8f:8b:8b:cc:
46:47:b9:d8:b0:3d:36:67:b9:c2:1c:2c:80:22:16:14:6f:17:
40:8a:8a:f2:b6:3e:2a:d0:26:80:fc:d8:51:83:31:b6:80:a1:
28:ba:64:10:83:55:e0:7c:9c:aa:56:4e:af:4d:98:0b:c9:4b:
eb:fe:51:fd:bc:23:a2:e2:71:df:86:4d:80:56:de:90:0b:ab:
97:c7:af:c5:fb:31:e5:bf:f1:ec:fe:5a:e8:e4:89:56:3d:2a:
07:c7:30:af:d5:57:68:a0:8a:6a:29:e8:80:c9:96:78:85:d2:
4c:d6:86:d2:9b:02:56:2e:88:72:21:a8:f1:41:b4:e4:85:a5:
75:41:82:7f:91:5f:f3:b5:2e:28:ab:0c:5a:27:71:95:41:00:
10:71:26:00:62:25:3f:17:85:d8:0e:fe:1d:9b:03:76:59:1b:
04:27:d6:62:e1:6e:56:c5:33:77:9d:9e:73:b1:05:bc:2d:c0:
ea:81:b8:c2:4d:50:cf:70:d4:05:66:be:b3:d6:da:98:b3:93:
c3:cb:4a:66
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQiICUuuH+iqVu3PCUrAgIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNkODI5M2E3YWQwN2VkNjFiNDkyMDkwZGVjZDhmM2I5ODRjZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSEstJWAnA1l43TqdSaxn3BWKY6O
ZrorPGVFcaplq0wEQAo9Qb3ZZ5IUSUfwjy1IPszIpFeEMiUBKeDMKRItREx3Mpug
CT0vvYebl9nAZbOfDXoYTqjDvM9mluaiTKFsTlD7G9/GnooJHTkTxFLE3omMhywZ
IUQjIIItpiKujW3NqJ718vsNXiGOKJrwSE8qFWDR2o9vWcGQeH0vABwAUEHrbc9V
jYHJO4uGrvWG1pS45lwUKQEVddsPFjj5oLI9LbVAFy7svMWXX2wO2IelU1Y68Pvh
jpgDvD3boWL+WPMeIRDaRpFjPEXjwMl80NS7nHKw2RZu4eM/i/4YL+09NwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNc9gpOnrQftYbSSCQ3s2PO5hM/cMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMXoyQ2s2ZXRCLTFodEpJSkRlelk4N21Fejl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6PAPEw
DQYJKoZIhvcNAQELBQADggEBAEw8g1QuEHPtbAk7WDkVl6thUqdVc2GiLzC+k4ho
Qefs4135KFYnAyOCcnKXFwVCDBogj4uLzEZHudiwPTZnucIcLIAiFhRvF0CKivK2
PirQJoD82FGDMbaAoSi6ZBCDVeB8nKpWTq9NmAvJS+v+Uf28I6Licd+GTYBW3pAL
q5fHr8X7MeW/8ez+WujkiVY9KgfHMK/VV2igimop6IDJlniF0kzWhtKbAlYuiHIh
qPFBtOSFpXVBgn+RX/O1LiirDFoncZVBABBxJgBiJT8XhdgO/h2bA3ZZGwQn1mLh
blbFM3ednnOxBbwtwOqBuMJNUM9w1AVmvrPW2pizk8PLSmY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:01:17 2025 by rpki-client