Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/aOf6clX59Dq1w8Kz_QNCPdG13JY.roa
File: aOf6clX59Dq1w8Kz_QNCPdG13JY.roa (raw, json)
Hash identifier: js36c5t3X3yrgZ8LAMcFPB5fQIilugV8v12nOHTkuzQ=
Subject key identifier: 68:E7:FA:72:55:F9:F4:3A:B5:C3:C2:B3:FD:03:42:3D:D1:B5:DC:96
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422203EEA043609396E325A728A2328A8
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/aOf6clX59Dq1w8Kz_QNCPdG13JY.roa
Signing time: Wed 01 Jan 2025 13:48:45 +0000
ROA not before: Wed 01 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211747
IP address blocks: 2a0e:8f02:f01d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:3e:ea:04:36:09:39:6e:32:5a:72:8a:23:28:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68e7fa7255f9f43ab5c3c2b3fd03423dd1b5dc96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:8a:89:97:50:ee:fc:dd:20:3a:91:5e:7e:
87:e4:2f:77:42:74:74:70:c0:45:8a:f7:f6:bf:d9:
1f:66:0f:c1:a3:d8:34:92:d7:9b:e5:0d:84:9c:9a:
7e:52:00:5f:5b:06:9d:fe:ff:e0:96:73:36:4c:fb:
c3:e3:4f:70:e3:d2:79:96:07:20:60:b0:08:f8:9e:
4b:3a:de:5d:af:9e:89:2d:b0:ed:53:eb:81:8e:09:
55:3d:a8:9a:c1:be:fb:64:6b:7f:77:04:6f:c7:fd:
ae:ee:8e:73:7c:d7:b9:f7:ca:84:93:b2:19:96:80:
a8:6e:a6:2c:18:84:4f:74:9a:85:73:8d:3e:80:c8:
68:8b:9e:34:41:12:18:9e:2d:9d:dd:ad:c6:7d:ae:
51:91:a5:44:83:b4:2b:9f:27:26:62:c6:35:f1:18:
8f:9c:4c:29:f4:7b:82:0e:31:db:28:33:81:97:6f:
9d:44:fe:be:11:6c:6c:1f:0d:a2:72:e9:c6:e5:0f:
86:a3:31:e4:2b:9a:73:eb:dd:1a:89:30:a7:70:f8:
33:af:a8:41:01:1c:01:89:62:3a:1c:33:51:0b:f3:
a4:7b:dc:a6:26:c3:ec:d8:6d:7d:81:58:ab:21:44:
05:91:25:b3:86:51:a1:79:ca:3a:7a:0c:1a:01:69:
e5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:E7:FA:72:55:F9:F4:3A:B5:C3:C2:B3:FD:03:42:3D:D1:B5:DC:96
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/aOf6clX59Dq1w8Kz_QNCPdG13JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f01d::/48
Signature Algorithm: sha256WithRSAEncryption
32:84:4d:40:7c:ed:80:12:47:16:9f:4a:98:1c:3c:b5:86:99:
ae:ef:ca:63:c4:90:bd:8c:77:dd:a6:1e:5c:fc:4b:0d:17:73:
00:05:72:81:f8:dd:5c:1a:71:5a:c7:4f:a1:7a:82:9f:fe:87:
89:52:08:a3:90:17:37:b5:58:0b:e4:5c:53:48:8c:14:b8:89:
6a:4b:d0:37:30:7f:a3:00:40:ae:94:8f:62:be:5a:55:42:c4:
82:dd:a0:04:ab:5e:8f:dc:3f:92:6b:3c:b3:f0:64:fd:fb:ee:
d8:02:c4:74:79:bd:d7:c9:cb:a5:23:9d:17:61:f3:26:56:f2:
44:40:d8:fe:76:b5:6f:74:c0:2c:f7:3c:ec:45:2f:48:6c:4f:
25:dd:3a:04:dd:3d:77:f6:02:1c:62:d1:97:ce:59:e4:1e:49:
a9:6b:19:9c:41:78:12:e4:28:b7:3a:31:91:59:79:23:3d:74:
ae:ea:61:41:ee:89:0d:e1:26:e5:e7:ca:b0:64:88:32:bc:0a:
3c:cd:7d:cd:e7:db:c3:3e:8d:1c:f4:4e:a4:a2:cb:84:1d:27:
d3:f6:e7:9d:db:bb:7f:41:7f:a1:46:74:27:e3:84:bb:36:3e:
75:5d:5a:a3:1e:d7:fb:50:37:95:6c:74:39:6d:75:bb:c6:99:
98:8a:fb:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiID7qBDYJOW4yWnKKIyioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGU3ZmE3MjU1ZjlmNDNhYjVjM2MyYjNmZDAzNDIzZGQxYjVkYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXuKiZdQ7vzdIDqRXn6H5C93QnR0
cMBFivf2v9kfZg/Bo9g0kteb5Q2EnJp+UgBfWwad/v/glnM2TPvD409w49J5lgcg
YLAI+J5LOt5dr56JLbDtU+uBjglVPaiawb77ZGt/dwRvx/2u7o5zfNe598qEk7IZ
loCobqYsGIRPdJqFc40+gMhoi540QRIYni2d3a3Gfa5RkaVEg7QrnycmYsY18RiP
nEwp9HuCDjHbKDOBl2+dRP6+EWxsHw2icunG5Q+GozHkK5pz690aiTCncPgzr6hB
ARwBiWI6HDNRC/Oke9ymJsPs2G19gVirIUQFkSWzhlGheco6egwaAWnl6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGjn+nJV+fQ6tcPCs/0DQj3RtdyWMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvYU9mNmNsWDU5RHExdzhLel9RTkNQZEcxM0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAd
MA0GCSqGSIb3DQEBCwUAA4IBAQAyhE1AfO2AEkcWn0qYHDy1hpmu78pjxJC9jHfd
ph5c/EsNF3MABXKB+N1cGnFax0+heoKf/oeJUgijkBc3tVgL5FxTSIwUuIlqS9A3
MH+jAECulI9ivlpVQsSC3aAEq16P3D+Sazyz8GT9++7YAsR0eb3XyculI50XYfMm
VvJEQNj+drVvdMAs9zzsRS9IbE8l3ToE3T139gIcYtGXzlnkHkmpaxmcQXgS5Ci3
OjGRWXkjPXSu6mFB7okN4Sbl58qwZIgyvAo8zX3N59vDPo0c9E6kosuEHSfT9ued
27t/QX+hRnQn44S7Nj51XVqjHtf7UDeVbHQ5bXW7xpmYivv6
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:57 2025 by rpki-client