Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ROeNmH2eSZnZhIrqiu6Xg69qplA.roa
File: ROeNmH2eSZnZhIrqiu6Xg69qplA.roa (raw, json)
Hash identifier: QPxYLo9psVIeqCBKyheUjMgzTkRBj44O4gFuhVykkKI=
Subject key identifier: 44:E7:8D:98:7D:9E:49:99:D9:84:8A:EA:8A:EE:97:83:AF:6A:A6:50
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222026BE71F012F48FACE062C2698C4C
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ROeNmH2eSZnZhIrqiu6Xg69qplA.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139317
IP address blocks: 2a0e:8f02:f058::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:26:be:71:f0:12:f4:8f:ac:e0:62:c2:69:8c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44e78d987d9e4999d9848aea8aee9783af6aa650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bb:6e:8e:ab:6a:f4:83:a0:63:02:38:de:ae:
00:17:6b:66:f2:35:86:25:3e:75:13:4f:9b:45:00:
97:c5:8e:95:4f:a5:68:74:57:e5:bd:cc:4e:a2:c1:
89:e8:38:28:9e:2f:74:d1:e2:3a:0d:26:3d:e5:c9:
d6:df:90:cf:96:2e:5d:5c:f9:2d:36:f4:48:8d:de:
8b:94:cd:5e:18:a9:c5:d1:5a:69:a1:4a:9b:fa:e7:
08:8a:66:65:9b:72:26:03:73:eb:a5:5b:2d:01:3a:
08:0b:53:07:bf:13:53:b8:0b:ff:0d:d8:e3:39:2f:
db:f9:ed:b5:25:ff:df:13:94:cc:f4:33:92:3b:44:
55:c7:8d:b5:72:64:24:6d:22:0b:48:33:ad:0b:8a:
5c:2b:17:24:f4:51:65:e6:4a:f5:b3:f7:cc:23:09:
53:59:45:75:c0:5b:3f:b3:b1:26:18:3c:aa:c0:43:
47:60:b8:d2:4f:15:b2:6e:e3:a9:77:ff:b5:c5:df:
61:7d:89:d0:03:1d:0e:9a:f5:8d:55:ba:a4:40:76:
a2:52:b7:06:eb:5c:3a:fb:22:6c:ab:6a:4e:47:62:
fc:44:45:06:db:bc:2d:6b:66:43:d9:53:11:2b:c7:
f7:bf:84:b6:6b:48:59:6c:54:57:3c:24:a9:fc:8b:
ca:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E7:8D:98:7D:9E:49:99:D9:84:8A:EA:8A:EE:97:83:AF:6A:A6:50
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/ROeNmH2eSZnZhIrqiu6Xg69qplA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f058::/48
Signature Algorithm: sha256WithRSAEncryption
67:45:f0:57:ce:a0:b2:3c:7d:e9:53:89:7b:93:9a:be:67:01:
5e:ba:78:e5:d4:ba:25:54:c2:42:45:c1:87:3d:dc:cc:1d:19:
25:0a:06:fc:9e:a5:d0:31:20:ea:f8:97:f8:19:81:b3:e2:5e:
00:6f:15:1b:a3:5a:b9:35:e0:d5:03:a7:08:d7:f1:a3:09:a3:
53:d9:d0:c9:f5:2e:3d:af:cc:13:3f:1a:f6:71:53:04:a3:90:
61:a0:1f:58:54:ed:ea:99:52:c2:16:68:ce:85:9e:5d:d9:2f:
4c:1b:4e:d3:2c:c0:8d:d3:94:ce:2d:50:8f:f7:05:d5:73:d8:
2f:62:85:ff:94:0d:6c:27:c1:3b:06:7e:bd:86:b4:9d:54:55:
5e:a5:f4:37:6d:ed:bb:ea:90:72:85:9e:83:e0:18:fe:13:72:
62:b7:32:6f:be:94:c2:65:02:de:a8:67:9a:f0:b2:a6:2e:01:
87:59:eb:4b:35:cf:c4:0e:40:00:b6:51:51:f5:2f:74:13:0a:
8b:59:b2:64:40:bd:ed:0e:da:26:4f:3f:cb:d7:eb:9c:b5:80:
b3:d7:57:b0:9b:50:5a:fe:98:97:6d:a7:fd:8c:fb:3c:4d:de:
69:64:5c:a4:02:5a:1f:a6:47:e2:e9:ee:8a:73:6a:b2:cd:09:
50:18:fe:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiICa+cfAS9I+s4GLCaYxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU3OGQ5ODdkOWU0OTk5ZDk4NDhhZWE4YWVlOTc4M2FmNmFhNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurtujqtq9IOgYwI43q4AF2tm8jWG
JT51E0+bRQCXxY6VT6VodFflvcxOosGJ6Dgoni900eI6DSY95cnW35DPli5dXPkt
NvRIjd6LlM1eGKnF0VppoUqb+ucIimZlm3ImA3PrpVstAToIC1MHvxNTuAv/Ddjj
OS/b+e21Jf/fE5TM9DOSO0RVx421cmQkbSILSDOtC4pcKxck9FFl5kr1s/fMIwlT
WUV1wFs/s7EmGDyqwENHYLjSTxWybuOpd/+1xd9hfYnQAx0OmvWNVbqkQHaiUrcG
61w6+yJsq2pOR2L8REUG27wta2ZD2VMRK8f3v4S2a0hZbFRXPCSp/IvKwwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFETnjZh9nkmZ2YSK6orul4OvaqZQMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvUk9lTm1IMmVTWm5aaElycWl1NlhnNjlxcGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBY
MA0GCSqGSIb3DQEBCwUAA4IBAQBnRfBXzqCyPH3pU4l7k5q+ZwFeunjl1LolVMJC
RcGHPdzMHRklCgb8nqXQMSDq+Jf4GYGz4l4AbxUbo1q5NeDVA6cI1/GjCaNT2dDJ
9S49r8wTPxr2cVMEo5BhoB9YVO3qmVLCFmjOhZ5d2S9MG07TLMCN05TOLVCP9wXV
c9gvYoX/lA1sJ8E7Bn69hrSdVFVepfQ3be276pByhZ6D4Bj+E3JitzJvvpTCZQLe
qGea8LKmLgGHWetLNc/EDkAAtlFR9S90EwqLWbJkQL3tDtomTz/L1+uctYCz11ew
m1Ba/piXbaf9jPs8Td5pZFykAlofpkfi6e6Kc2qyzQlQGP7X
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:37:18 2025 by rpki-client