Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/SFjPIfH1nbedmyNCltvasCOrPA8.roa
File: SFjPIfH1nbedmyNCltvasCOrPA8.roa (raw, json)
Hash identifier: YgXgYtX07pCNBIG/hqt4AN5o5xTiYLhBNo71F1QqytI=
Subject key identifier: 48:58:CF:21:F1:F5:9D:B7:9D:9B:23:42:96:DB:DA:B0:23:AB:3C:0F
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222035AD6B995912ED20A774E020D805
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/SFjPIfH1nbedmyNCltvasCOrPA8.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208763
IP address blocks: 2a0e:8f02:21a0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:35:ad:6b:99:59:12:ed:20:a7:74:e0:20:d8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4858cf21f1f59db79d9b234296dbdab023ab3c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:54:ea:3a:a0:a3:47:df:69:96:09:2d:e1:3a:
0e:94:26:82:dd:1e:61:2d:a4:6a:73:68:e2:80:7a:
76:bb:40:0b:9a:ac:90:36:3e:97:bd:c0:d2:64:72:
de:3b:dc:07:cf:8f:16:62:25:92:98:70:a7:fc:96:
b7:df:37:7c:bc:5f:2a:5b:16:53:84:7f:e2:83:ce:
04:0d:ba:a3:7e:71:04:dd:0a:8d:53:b6:94:9a:0d:
64:a4:57:5b:1f:1f:07:da:fc:63:85:2b:6f:96:9a:
81:51:b5:ff:b1:e6:14:d7:1f:09:9e:fe:00:bb:c2:
d3:81:d4:b7:00:db:15:40:6b:17:35:84:37:0d:36:
8c:4d:85:b8:93:2d:33:ed:0e:bd:e1:12:9c:ad:37:
cc:01:41:7b:8e:de:26:a5:ef:d9:36:0e:32:8a:22:
9d:92:08:f8:1e:53:31:e5:9c:dd:cb:c7:82:52:13:
79:d9:d8:d3:49:cb:65:0a:0a:34:3a:f6:34:44:83:
31:73:b7:d4:a7:70:d7:0a:56:0c:ae:44:7b:ca:b6:
fd:a6:a3:c0:26:17:16:58:f1:bf:74:2c:29:6e:79:
01:3b:f2:81:75:21:2c:c1:d7:89:52:89:4f:29:74:
34:d5:f5:65:63:1f:84:e6:3e:f6:be:d6:ba:63:4b:
47:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:58:CF:21:F1:F5:9D:B7:9D:9B:23:42:96:DB:DA:B0:23:AB:3C:0F
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/SFjPIfH1nbedmyNCltvasCOrPA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21a0::/44
Signature Algorithm: sha256WithRSAEncryption
3f:58:ae:1f:a7:b5:81:2a:e8:17:c0:de:de:43:8f:51:d9:ab:
e2:ef:b6:92:df:82:e9:fb:76:6a:a1:e9:72:1b:30:dd:37:74:
e2:61:da:88:23:af:91:f1:de:6f:fd:96:7d:59:5c:02:fa:45:
1e:82:43:c1:cc:6e:33:56:b0:3d:16:9b:39:d0:97:17:ab:33:
6e:3c:80:ca:d5:79:1f:9c:f1:bc:9e:0a:b6:de:e1:45:d9:15:
41:d8:5f:c9:4f:7c:ec:61:54:d0:57:d1:06:0c:8f:e6:55:37:
34:5c:42:3a:fa:69:01:54:85:02:3a:43:5d:14:b4:dc:a0:c6:
bf:be:57:e1:88:6a:1d:97:b5:2d:2e:3c:86:78:57:f2:43:fa:
ec:ce:ae:68:00:e3:b9:06:ee:32:db:c9:8a:0e:c1:d6:6c:66:
99:f4:db:af:9a:5f:10:43:28:48:b7:e6:81:de:e9:17:f1:f4:
e9:f7:77:eb:5b:5a:69:bf:46:0b:52:b0:3f:b1:fd:43:3e:61:
5d:17:b0:ea:40:cf:0f:43:3e:1e:93:be:6c:46:bd:bc:e3:6c:
e5:e5:dc:56:1c:ec:e9:fa:5e:01:15:47:d0:3f:7d:3c:e2:8d:
7e:c5:de:2e:8a:73:b6:c2:8c:97:f9:dc:f8:f8:e6:87:fb:17:
03:40:78:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDWta5lZEu0gp3TgINgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODU4Y2YyMWYxZjU5ZGI3OWQ5YjIzNDI5NmRiZGFiMDIzYWIzYzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolTqOqCjR99plgkt4ToOlCaC3R5h
LaRqc2jigHp2u0ALmqyQNj6XvcDSZHLeO9wHz48WYiWSmHCn/Ja33zd8vF8qWxZT
hH/ig84EDbqjfnEE3QqNU7aUmg1kpFdbHx8H2vxjhStvlpqBUbX/seYU1x8Jnv4A
u8LTgdS3ANsVQGsXNYQ3DTaMTYW4ky0z7Q694RKcrTfMAUF7jt4mpe/ZNg4yiiKd
kgj4HlMx5Zzdy8eCUhN52djTSctlCgo0OvY0RIMxc7fUp3DXClYMrkR7yrb9pqPA
JhcWWPG/dCwpbnkBO/KBdSEswdeJUolPKXQ01fVlYx+E5j72vta6Y0tH3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEhYzyHx9Z23nZsjQpbb2rAjqzwPMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvU0ZqUElmSDFuYmVkbXlOQ2x0dmFzQ09yUEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiGg
MA0GCSqGSIb3DQEBCwUAA4IBAQA/WK4fp7WBKugXwN7eQ49R2avi77aS34Lp+3Zq
oelyGzDdN3TiYdqII6+R8d5v/ZZ9WVwC+kUegkPBzG4zVrA9Fps50JcXqzNuPIDK
1XkfnPG8ngq23uFF2RVB2F/JT3zsYVTQV9EGDI/mVTc0XEI6+mkBVIUCOkNdFLTc
oMa/vlfhiGodl7UtLjyGeFfyQ/rszq5oAOO5Bu4y28mKDsHWbGaZ9Nuvml8QQyhI
t+aB3ukX8fTp93frW1ppv0YLUrA/sf1DPmFdF7DqQM8PQz4ek75sRr2842zl5dxW
HOzp+l4BFUfQP3084o1+xd4uinO2woyX+dz4+OaH+xcDQHjd
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:41 2025 by rpki-client