Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/65cJ9RF-3Ficf4WnFnV3XPrWEFU.roa
File: 65cJ9RF-3Ficf4WnFnV3XPrWEFU.roa (raw, json)
Hash identifier: Jf3kRT5s0YEOgJVOR0p8QeGad8Sv3vBIb9OkBYkh+BI=
Subject key identifier: EB:97:09:F5:11:7E:DC:58:9C:7F:85:A7:16:75:77:5C:FA:D6:10:55
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222027258CE3E1CC39CF3DD00D2FF131
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/65cJ9RF-3Ficf4WnFnV3XPrWEFU.roa
Signing time: Wed 01 Jan 2025 13:48:40 +0000
ROA not before: Wed 01 Jan 2025 13:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198275
IP address blocks: 2a0e:8f02:2240::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:27:25:8c:e3:e1:cc:39:cf:3d:d0:0d:2f:f1:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb9709f5117edc589c7f85a71675775cfad61055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:45:95:6c:e6:c2:8a:92:b6:8d:6c:e9:c5:
0e:b5:96:2f:d7:25:98:ac:29:cd:47:fb:89:a1:fb:
fa:78:3e:a8:5b:43:99:9e:66:a5:04:c9:b1:cd:c4:
5e:96:1d:12:f0:5d:dd:d5:c0:14:fc:16:c6:5f:0f:
0c:28:e1:9a:3a:65:04:67:2e:86:dd:dc:eb:6b:07:
dc:fd:ef:cd:1c:f4:fc:74:5c:44:43:a0:53:e2:2f:
4d:22:80:96:d0:e4:03:50:a6:ae:ce:19:b2:1a:a7:
a9:63:09:37:cd:57:65:6f:98:ca:e7:5d:3d:63:67:
96:2f:ea:4a:90:e3:f6:50:66:eb:1c:21:c1:f2:50:
f9:c1:ae:67:2d:05:33:19:50:ee:dd:84:82:1d:4b:
5b:46:70:b4:c6:df:f4:72:e3:8b:3b:05:db:a9:1f:
21:78:da:a0:cb:a4:7e:10:70:c1:0e:6b:99:38:36:
54:81:d2:74:c1:ce:0f:b8:ee:5e:56:e6:99:5b:a2:
29:6f:40:72:f5:de:56:21:ef:28:c8:b0:b4:71:65:
d4:3b:9d:86:14:f1:1d:9e:8d:1e:ca:87:18:eb:ec:
d0:9b:a7:c3:c0:d0:51:b4:79:c6:89:1d:d1:5c:43:
f8:cf:94:71:5f:ab:41:48:50:62:86:ba:8b:9c:77:
ab:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:97:09:F5:11:7E:DC:58:9C:7F:85:A7:16:75:77:5C:FA:D6:10:55
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/65cJ9RF-3Ficf4WnFnV3XPrWEFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2240::/44
Signature Algorithm: sha256WithRSAEncryption
07:53:c1:c2:15:70:ad:21:c9:ae:6c:f5:25:0f:a1:d1:66:58:
79:6b:91:cb:2d:17:36:1f:57:88:cb:62:45:71:84:93:d4:11:
b1:29:ca:02:0b:33:80:10:58:d1:03:c6:0f:15:dd:92:31:5d:
78:fd:17:dc:44:55:d6:28:6a:14:d5:3e:05:d4:dc:c4:49:13:
f0:5d:fe:cd:2e:4a:98:0a:32:e3:bb:a7:ac:cc:f8:9a:82:f0:
a5:e3:af:85:2b:c9:a9:f3:1d:30:ad:5f:ed:d7:38:74:9d:0a:
f9:50:39:db:b8:8b:82:e2:d6:3b:fc:c0:90:78:bd:b2:c8:64:
20:03:00:39:4d:72:1f:2b:27:2f:a1:56:e8:3c:bf:e2:89:8c:
d4:91:b8:8c:8f:20:1c:5d:7a:40:54:38:61:4a:cd:17:f5:19:
10:62:ef:42:da:25:a8:e3:c3:1f:5d:79:07:b0:27:63:7d:17:
83:d6:93:18:3c:f6:98:f4:cf:93:ec:61:57:a0:a5:c5:77:e5:
11:a6:1c:ed:19:c2:c6:9f:6c:0b:81:f6:81:a5:a9:2b:0b:83:
b2:5c:a9:7d:ff:75:84:be:ca:b9:f4:50:b9:7a:d2:33:d6:a3:
c6:28:47:9b:97:f1:f7:90:76:80:4b:25:64:ff:d7:8e:0b:71:
f7:78:f4:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiICcljOPhzDnPPdANL/ExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk3MDlmNTExN2VkYzU4OWM3Zjg1YTcxNjc1Nzc1Y2ZhZDYxMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRBFlWzmwoqSto1s6cUOtZYv1yWY
rCnNR/uJofv6eD6oW0OZnmalBMmxzcRelh0S8F3d1cAU/BbGXw8MKOGaOmUEZy6G
3dzrawfc/e/NHPT8dFxEQ6BT4i9NIoCW0OQDUKauzhmyGqepYwk3zVdlb5jK5109
Y2eWL+pKkOP2UGbrHCHB8lD5wa5nLQUzGVDu3YSCHUtbRnC0xt/0cuOLOwXbqR8h
eNqgy6R+EHDBDmuZODZUgdJ0wc4PuO5eVuaZW6Ipb0By9d5WIe8oyLC0cWXUO52G
FPEdno0eyocY6+zQm6fDwNBRtHnGiR3RXEP4z5RxX6tBSFBihrqLnHerqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOuXCfURftxYnH+FpxZ1d1z61hBVMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvNjVjSjlSRi0zRmljZjRXbkZuVjNYUHJXRUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiJA
MA0GCSqGSIb3DQEBCwUAA4IBAQAHU8HCFXCtIcmubPUlD6HRZlh5a5HLLRc2H1eI
y2JFcYST1BGxKcoCCzOAEFjRA8YPFd2SMV14/RfcRFXWKGoU1T4F1NzESRPwXf7N
LkqYCjLju6eszPiagvCl46+FK8mp8x0wrV/t1zh0nQr5UDnbuIuC4tY7/MCQeL2y
yGQgAwA5TXIfKycvoVboPL/iiYzUkbiMjyAcXXpAVDhhSs0X9RkQYu9C2iWo48Mf
XXkHsCdjfReD1pMYPPaY9M+T7GFXoKXFd+URphztGcLGn2wLgfaBpakrC4OyXKl9
/3WEvsq59FC5etIz1qPGKEebl/H3kHaASyVk/9eOC3H3ePQ6
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:10:53 2025 by rpki-client