Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/OpFAeTRH8twDdR45uyhPlWcE2nM.roa
File: OpFAeTRH8twDdR45uyhPlWcE2nM.roa (raw, json)
Hash identifier: ZyBOwmKkslOft04qu0PUHQ9hdyMLEinZnLtufWR4Ccw=
Subject key identifier: 3A:91:40:79:34:47:F2:DC:03:75:1E:39:BB:28:4F:95:67:04:DA:73
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422203371808F022FC9BC55C381C239DA
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/OpFAeTRH8twDdR45uyhPlWcE2nM.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207212
IP address blocks: 2a0e:8f02:f040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:33:71:80:8f:02:2f:c9:bc:55:c3:81:c2:39:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a9140793447f2dc03751e39bb284f956704da73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5b:38:dc:16:97:92:41:98:0f:f6:ca:36:57:
9a:47:1c:87:b4:36:dc:1f:20:f9:2b:87:a1:a8:50:
51:bf:e0:fd:63:a1:5f:ab:30:ce:2e:98:67:a3:f3:
ba:54:aa:2e:3d:12:31:27:bc:e7:85:eb:6f:3d:e1:
42:d2:93:b0:20:3c:99:8d:35:29:cd:73:f6:8b:6e:
6e:12:0a:d8:4a:52:f8:3c:63:44:e3:d3:07:af:96:
43:0f:21:86:46:b1:06:7d:0c:29:94:bc:c8:10:fd:
d1:38:35:ca:7e:5b:3a:94:af:c1:b2:3f:f9:f3:96:
42:b2:11:b7:51:86:08:ba:7e:a8:c1:ae:08:d1:f7:
4d:2c:4a:f7:cf:34:ec:01:3e:f9:ed:be:2e:17:85:
15:37:d9:61:01:66:17:b6:5b:3c:fb:7b:f7:04:e1:
4a:8e:c2:51:b2:78:04:40:d7:91:3a:86:49:93:9b:
51:4b:bf:f9:57:b9:e1:9f:d4:7a:ff:a5:65:a4:f1:
88:52:4d:d4:be:5f:34:c7:da:33:44:c5:9a:a0:70:
58:65:09:91:ae:d6:7a:bc:f1:26:b3:02:82:f0:0d:
d3:da:11:3c:5f:c9:b9:04:c3:94:50:66:3d:ad:f2:
19:58:d1:17:25:93:59:0e:19:b8:14:76:e0:fd:bd:
0c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:91:40:79:34:47:F2:DC:03:75:1E:39:BB:28:4F:95:67:04:DA:73
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/OpFAeTRH8twDdR45uyhPlWcE2nM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f040::/48
Signature Algorithm: sha256WithRSAEncryption
14:4e:90:93:8b:85:90:97:e1:7a:9b:1f:ce:c2:22:95:54:7a:
87:38:3d:e7:5e:23:96:a9:fd:57:54:9a:c0:75:17:f0:19:38:
76:7c:ae:d4:57:6b:7f:26:fb:94:6a:35:75:f9:a6:5e:d5:1f:
b4:ab:a7:bd:88:ae:57:10:58:00:13:d4:ae:df:74:5c:76:ac:
a2:92:9e:20:32:6c:77:58:9b:b4:0c:14:79:f5:9c:5e:7a:c8:
32:b5:91:a3:8e:c4:fe:56:d4:03:8f:fb:0e:28:33:2c:1a:e7:
dd:19:06:0c:a8:81:20:82:14:19:85:02:33:3c:64:db:4e:86:
7b:98:4a:c0:33:c0:b0:26:34:60:e1:eb:60:65:f6:be:94:24:
6a:8f:83:42:0a:43:d3:d7:0b:1e:2f:b8:0e:09:4b:1b:41:78:
27:94:1d:6e:97:27:2f:fb:0d:a7:31:85:b2:35:48:55:00:2a:
61:9d:13:2a:16:56:3c:99:50:cb:a7:2d:3b:4b:9d:86:ec:f1:
73:63:90:b5:7e:e0:f8:45:06:79:86:29:e7:9f:2f:77:af:c1:
b9:4c:2c:8e:b7:f6:5e:71:a8:20:a7:3c:b2:d9:15:81:74:c4:
65:ec:19:66:20:37:51:4e:96:32:d2:4f:4a:b8:fe:3d:78:bf:
4e:58:ae:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDNxgI8CL8m8VcOBwjnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkxNDA3OTM0NDdmMmRjMDM3NTFlMzliYjI4NGY5NTY3MDRkYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Vs43BaXkkGYD/bKNleaRxyHtDbc
HyD5K4ehqFBRv+D9Y6FfqzDOLphno/O6VKouPRIxJ7znhetvPeFC0pOwIDyZjTUp
zXP2i25uEgrYSlL4PGNE49MHr5ZDDyGGRrEGfQwplLzIEP3RODXKfls6lK/Bsj/5
85ZCshG3UYYIun6owa4I0fdNLEr3zzTsAT757b4uF4UVN9lhAWYXtls8+3v3BOFK
jsJRsngEQNeROoZJk5tRS7/5V7nhn9R6/6VlpPGIUk3Uvl80x9ozRMWaoHBYZQmR
rtZ6vPEmswKC8A3T2hE8X8m5BMOUUGY9rfIZWNEXJZNZDhm4FHbg/b0MBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDqRQHk0R/LcA3UeObsoT5VnBNpzMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvT3BGQWVUUkg4dHdEZFI0NXV5aFBsV2NFMm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBA
MA0GCSqGSIb3DQEBCwUAA4IBAQAUTpCTi4WQl+F6mx/OwiKVVHqHOD3nXiOWqf1X
VJrAdRfwGTh2fK7UV2t/JvuUajV1+aZe1R+0q6e9iK5XEFgAE9Su33Rcdqyikp4g
Mmx3WJu0DBR59ZxeesgytZGjjsT+VtQDj/sOKDMsGufdGQYMqIEgghQZhQIzPGTb
ToZ7mErAM8CwJjRg4etgZfa+lCRqj4NCCkPT1wseL7gOCUsbQXgnlB1ulycv+w2n
MYWyNUhVACphnRMqFlY8mVDLpy07S52G7PFzY5C1fuD4RQZ5hinnny93r8G5TCyO
t/Zecaggpzyy2RWBdMRl7BlmIDdRTpYy0k9KuP49eL9OWK5T
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:49 2025 by rpki-client