Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/CF1a1UBxkfp2m5ydWrf_y5_9MTI.roa
File: CF1a1UBxkfp2m5ydWrf_y5_9MTI.roa (raw, json)
Hash identifier: ms/4BaHm2+9zutw41K/YBruRfXfnpLYmZWkOr9KKWro=
Subject key identifier: 08:5D:5A:D5:40:71:91:FA:76:9B:9C:9D:5A:B7:FF:CB:9F:FD:31:32
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222054BDF757E84D16DCDB54764EF3C4
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/CF1a1UBxkfp2m5ydWrf_y5_9MTI.roa
Signing time: Wed 01 Jan 2025 13:48:51 +0000
ROA not before: Wed 01 Jan 2025 13:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 222222
IP address blocks: 2a0e:8f02:f054::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:54:bd:f7:57:e8:4d:16:dc:db:54:76:4e:f3:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=085d5ad5407191fa769b9c9d5ab7ffcb9ffd3132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:70:41:d2:b7:f2:66:1d:ad:aa:01:65:97:
fc:da:d4:07:3e:f2:23:78:d7:e7:a2:55:a6:44:37:
c6:e2:31:2b:0f:6b:0b:d8:8b:52:9a:49:0a:58:35:
93:c8:81:4a:6c:c2:36:d4:70:7d:f4:3c:27:d5:6f:
51:42:6c:b9:14:9a:37:4a:c7:69:da:80:35:a3:a6:
f4:7c:0b:6a:45:74:55:18:af:04:03:ca:71:db:0a:
6a:fc:c8:b7:b4:d5:43:5d:c8:2e:17:97:d2:78:f8:
0d:bc:0d:b4:6f:6d:6a:3c:2a:b8:40:59:e1:d8:c3:
2b:88:1b:b5:c3:78:44:3e:87:81:c3:df:a7:09:4e:
9d:6b:d5:bb:5d:2a:20:06:bb:2a:a2:23:32:2a:80:
57:8e:f3:c7:e2:25:86:a0:f5:2e:30:cd:78:5c:45:
bf:9a:1e:0e:39:f1:9c:be:a4:32:36:d4:92:51:9d:
7c:7d:17:82:4c:7d:55:94:f8:58:c8:be:80:76:95:
97:43:6b:92:0b:80:cb:70:c5:f4:d0:31:a9:72:8e:
bb:f0:3d:fa:39:b1:a0:fd:14:a4:e0:6f:df:5e:2e:
fd:a6:4a:22:b8:a3:a2:02:3a:6a:52:3f:f3:04:30:
5f:f4:89:9a:d1:e1:2c:a6:c4:54:b9:72:f6:19:e8:
f8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5D:5A:D5:40:71:91:FA:76:9B:9C:9D:5A:B7:FF:CB:9F:FD:31:32
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/CF1a1UBxkfp2m5ydWrf_y5_9MTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f054::/48
Signature Algorithm: sha256WithRSAEncryption
90:8e:00:34:b8:1f:9c:07:d5:a1:1f:b7:5d:82:58:ad:c7:06:
8f:74:c1:da:93:b7:36:ff:29:8f:6b:9b:87:3b:42:5a:ac:f5:
4a:2b:a9:97:22:8a:9a:46:0f:2a:90:f3:53:76:7d:47:4b:4f:
3b:8c:7c:e7:5f:bd:82:ff:cf:dd:a2:9c:86:d3:a8:98:21:5b:
1c:9e:01:89:0e:45:75:0b:80:92:d2:37:c6:d0:24:df:18:1c:
db:9b:ff:5d:10:78:70:b6:50:76:93:a6:85:b1:0d:41:7e:55:
78:88:27:f3:c8:c0:43:6e:d7:eb:cd:4f:5f:0a:e7:74:c0:ec:
9c:34:0f:1e:52:56:d4:4e:5a:1f:37:77:0c:0d:d2:ac:fc:f3:
4e:ba:10:c7:72:8c:0b:1a:43:8f:ac:78:a5:f4:7e:d3:94:d6:
14:63:f0:0d:7c:c1:ef:d3:4d:bd:36:45:7a:ee:ae:82:53:33:
3f:cf:83:d5:ff:a6:8f:9e:2a:a4:ea:50:86:4f:50:31:b3:2e:
87:f8:28:a0:a9:64:80:f4:60:ed:4c:7b:2c:88:12:b9:63:31:
9d:2b:ba:9e:da:b5:c5:d6:5f:8b:ff:1d:1e:60:da:3e:5e:9d:
fe:ab:f5:be:ec:65:6b:0b:87:69:f7:a7:e8:dd:fd:51:cf:0d:
e2:fc:71:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIFS991foTRbc21R2TvPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVkNWFkNTQwNzE5MWZhNzY5YjljOWQ1YWI3ZmZjYjlmZmQzMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmBwQdK38mYdraoBZZf82tQHPvIj
eNfnolWmRDfG4jErD2sL2ItSmkkKWDWTyIFKbMI21HB99Dwn1W9RQmy5FJo3Ssdp
2oA1o6b0fAtqRXRVGK8EA8px2wpq/Mi3tNVDXcguF5fSePgNvA20b21qPCq4QFnh
2MMriBu1w3hEPoeBw9+nCU6da9W7XSogBrsqoiMyKoBXjvPH4iWGoPUuMM14XEW/
mh4OOfGcvqQyNtSSUZ18fReCTH1VlPhYyL6AdpWXQ2uSC4DLcMX00DGpco678D36
ObGg/RSk4G/fXi79pkoiuKOiAjpqUj/zBDBf9Ima0eEspsRUuXL2Gej4ywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAhdWtVAcZH6dpucnVq3/8uf/TEyMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvQ0YxYTFVQnhrZnAybTV5ZFdyZl95NV85TVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBU
MA0GCSqGSIb3DQEBCwUAA4IBAQCQjgA0uB+cB9WhH7ddglitxwaPdMHak7c2/ymP
a5uHO0JarPVKK6mXIoqaRg8qkPNTdn1HS087jHznX72C/8/dopyG06iYIVscngGJ
DkV1C4CS0jfG0CTfGBzbm/9dEHhwtlB2k6aFsQ1BflV4iCfzyMBDbtfrzU9fCud0
wOycNA8eUlbUTlofN3cMDdKs/PNOuhDHcowLGkOPrHil9H7TlNYUY/ANfMHv0029
NkV67q6CUzM/z4PV/6aPniqk6lCGT1Axsy6H+CigqWSA9GDtTHssiBK5YzGdK7qe
2rXF1l+L/x0eYNo+Xp3+q/W+7GVrC4dp96fo3f1Rzw3i/HFY
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:44:49 2025 by rpki-client