Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/2ug6oXXs6B6_luh4rBvNpKOxz7g.roa
File: 2ug6oXXs6B6_luh4rBvNpKOxz7g.roa (raw, json)
Hash identifier: ZeiWWNw2BfUxlLzmKshngqQ54fJOBOM48CqsDZIDuiA=
Subject key identifier: DA:E8:3A:A1:75:EC:E8:1E:BF:96:E8:78:AC:1B:CD:A4:A3:B1:CF:B8
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422203A50E54CD9F4344F14433B8111F5
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/2ug6oXXs6B6_luh4rBvNpKOxz7g.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211498
IP address blocks: 2a0e:8f02:f021::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3a:50:e5:4c:d9:f4:34:4f:14:43:3b:81:11:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dae83aa175ece81ebf96e878ac1bcda4a3b1cfb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9a:11:3c:92:e4:65:32:6e:7b:cc:56:c3:3d:
75:d4:7b:06:d2:72:42:34:ee:fe:f0:be:d5:e2:d6:
da:d7:c5:6c:45:1a:fa:3a:7b:d5:ff:3b:e9:1f:fd:
b8:ab:cc:2d:5b:75:ef:85:01:31:62:c8:bb:a6:d5:
05:8d:3a:83:73:a2:af:0e:77:6e:9b:64:25:2f:33:
f9:bd:c9:7a:97:bb:bd:84:4b:4c:a0:51:ab:5c:5f:
c1:0a:23:d8:c6:24:57:54:7e:98:9f:3f:c2:d1:17:
da:47:db:49:de:7d:47:93:11:83:b8:04:a6:0c:08:
cb:71:3c:69:a5:35:04:0c:ff:f0:68:95:ac:f7:7d:
f8:09:6f:b7:5e:b6:53:98:ba:13:38:5d:d6:c4:54:
db:f1:c5:d6:9d:40:fb:59:95:9e:4e:5b:3c:48:08:
8e:93:07:10:2e:c7:4d:35:79:48:f3:5d:e9:6e:8f:
48:65:8d:67:99:52:cd:75:df:e8:ae:0a:33:e8:8d:
80:ab:02:53:8e:3e:d0:b4:39:87:57:89:3e:a5:49:
61:58:76:05:db:1e:3b:57:79:a6:73:b1:01:9c:61:
c3:b8:0f:29:02:e7:f1:b5:96:eb:b1:14:b7:68:f5:
8d:cd:a3:cc:a4:49:01:46:bd:ef:b5:70:55:72:b3:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E8:3A:A1:75:EC:E8:1E:BF:96:E8:78:AC:1B:CD:A4:A3:B1:CF:B8
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/2ug6oXXs6B6_luh4rBvNpKOxz7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f021::/48
Signature Algorithm: sha256WithRSAEncryption
2f:fc:4a:3d:86:74:22:d6:a4:e0:70:d4:1d:ac:60:6e:7c:db:
50:b3:71:6f:ee:d4:c4:c2:0e:34:99:fc:68:66:36:f2:47:0a:
c1:a1:72:23:d6:0d:75:a5:5f:48:39:58:99:23:98:59:31:43:
c3:51:c7:08:4e:fa:9f:31:bc:2c:71:7d:3c:3b:23:1a:b8:ae:
77:d5:76:16:c8:6b:b3:12:52:56:4a:a2:c1:ee:82:c7:28:e9:
6e:c4:db:6e:cd:c8:63:6f:ef:5e:91:75:f9:03:56:d2:b7:43:
a6:86:3b:7e:0a:f5:f4:15:a8:27:49:85:a3:6d:12:83:74:4b:
df:a5:8a:8d:92:d7:0b:75:49:ce:2f:dc:89:f3:2f:bc:e8:27:
59:6c:ee:da:02:9e:e4:d4:89:79:68:20:15:fe:c2:cb:37:3e:
c2:4c:82:a8:b0:bf:da:78:f1:7a:0b:f2:1e:7a:d6:2a:fa:81:
03:b2:5e:a4:0a:cb:63:9f:e3:7f:9a:82:2c:ed:32:47:5f:a9:
ff:13:41:ac:af:af:43:39:68:92:09:59:d4:9c:82:90:34:24:
92:30:c9:e6:32:77:b4:e4:5d:a4:6a:ec:2d:52:48:c0:99:ca:
85:39:be:3f:de:73:4c:bf:97:e5:c7:75:84:d4:6c:e9:23:11:
65:9a:e2:29
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDpQ5UzZ9DRPFEM7gRH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWU4M2FhMTc1ZWNlODFlYmY5NmU4NzhhYzFiY2RhNGEzYjFjZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpoRPJLkZTJue8xWwz111HsG0nJC
NO7+8L7V4tba18VsRRr6OnvV/zvpH/24q8wtW3XvhQExYsi7ptUFjTqDc6KvDndu
m2QlLzP5vcl6l7u9hEtMoFGrXF/BCiPYxiRXVH6Ynz/C0RfaR9tJ3n1HkxGDuASm
DAjLcTxppTUEDP/waJWs9334CW+3XrZTmLoTOF3WxFTb8cXWnUD7WZWeTls8SAiO
kwcQLsdNNXlI813pbo9IZY1nmVLNdd/orgoz6I2AqwJTjj7QtDmHV4k+pUlhWHYF
2x47V3mmc7EBnGHDuA8pAufxtZbrsRS3aPWNzaPMpEkBRr3vtXBVcrMzHQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNroOqF17Ogev5boeKwbzaSjsc+4MB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvMnVnNm9YWHM2QjZfbHVoNHJCdk5wS094ejdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAh
MA0GCSqGSIb3DQEBCwUAA4IBAQAv/Eo9hnQi1qTgcNQdrGBufNtQs3Fv7tTEwg40
mfxoZjbyRwrBoXIj1g11pV9IOViZI5hZMUPDUccITvqfMbwscX08OyMauK531XYW
yGuzElJWSqLB7oLHKOluxNtuzchjb+9ekXX5A1bSt0Omhjt+CvX0FagnSYWjbRKD
dEvfpYqNktcLdUnOL9yJ8y+86CdZbO7aAp7k1Il5aCAV/sLLNz7CTIKosL/aePF6
C/IeetYq+oEDsl6kCstjn+N/moIs7TJHX6n/E0Gsr69DOWiSCVnUnIKQNCSSMMnm
Mne05F2kauwtUkjAmcqFOb4/3nNMv5flx3WE1GzpIxFlmuIp
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:48:43 2025 by rpki-client