Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/tKcv6qY-2NgT2Wxybi1Tw8aoZEw.roa
File: tKcv6qY-2NgT2Wxybi1Tw8aoZEw.roa (raw, json)
Hash identifier: 4VbRMlUbty0vgagAS+AvcM7P+BBYrfwFXzGVSnwf4FA=
Subject key identifier: B4:A7:2F:EA:A6:3E:D8:D8:13:D9:6C:72:6E:2D:53:C3:C6:A8:64:4C
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220367EC355C3A1DD32C3995D3B7DDA
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/tKcv6qY-2NgT2Wxybi1Tw8aoZEw.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210714
IP address blocks: 2a0e:8f02:2180::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:36:7e:c3:55:c3:a1:dd:32:c3:99:5d:3b:7d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4a72feaa63ed8d813d96c726e2d53c3c6a8644c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0f:5b:50:84:ec:34:56:50:23:66:56:e9:2c:
97:1b:7e:a9:0a:7e:94:5d:04:a8:40:59:c2:8a:94:
64:78:13:be:7d:fd:44:d7:75:f9:0b:1e:d1:a8:38:
3e:d1:da:ad:b8:61:63:cb:25:41:c3:e6:29:c3:3b:
36:89:91:9c:6c:78:57:06:99:7b:1a:b6:b3:ab:dc:
d7:29:29:9e:4c:f8:de:35:33:86:70:79:01:f3:77:
e6:bf:b2:39:d6:af:2b:91:ba:e3:92:98:bc:9d:8a:
a5:7a:b8:85:cb:2b:64:9b:ce:e5:af:5c:5b:21:ae:
19:e8:03:53:70:09:50:6b:6e:b8:e7:90:9b:f0:cf:
0b:de:31:ae:b3:d1:e0:19:18:5b:80:03:13:86:0d:
06:19:17:64:e1:fe:96:42:89:ac:a2:58:50:26:b0:
f1:d2:64:9c:8a:16:7f:b9:dc:e2:78:08:7e:b7:cc:
ae:32:08:e2:65:12:ff:1a:b9:1d:cb:13:13:8d:77:
b7:91:62:ec:a8:82:e2:cc:a5:7c:6d:31:f9:ec:95:
b8:33:5f:6a:0b:e5:b8:3b:02:41:34:f0:41:84:83:
2e:54:aa:ca:b4:4c:13:22:92:61:35:14:7e:ee:ff:
ca:11:16:55:db:79:91:26:db:60:70:46:64:e7:2f:
99:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A7:2F:EA:A6:3E:D8:D8:13:D9:6C:72:6E:2D:53:C3:C6:A8:64:4C
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/tKcv6qY-2NgT2Wxybi1Tw8aoZEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:2180::/44
Signature Algorithm: sha256WithRSAEncryption
03:d3:37:d9:02:d9:e0:28:25:6a:49:39:bf:6f:31:c2:19:db:
d0:c7:b6:da:06:f2:52:71:0c:5e:7e:a2:ab:6c:9a:fa:ce:7c:
86:fa:e6:e0:f7:71:ff:0d:fd:ff:ee:2f:a8:bd:28:92:d3:fe:
cb:d5:2e:2a:72:90:44:67:33:78:0b:22:c8:ef:ec:0b:23:9b:
e4:ab:0b:d0:d8:5a:10:2a:a4:2d:4e:16:e6:d3:5d:28:d5:d6:
38:35:d4:af:c5:16:ce:00:07:14:d1:4d:82:65:0e:86:f0:67:
70:8f:5c:89:5e:2d:77:90:94:49:b1:3a:a7:7b:d1:d3:7b:81:
2d:aa:b7:79:dd:72:a5:5c:9a:5a:ff:90:14:69:a0:68:e9:68:
a5:ca:d4:f3:59:6c:71:ea:a7:e4:ef:fe:0c:54:0d:32:e8:61:
f1:b7:f9:db:e4:d8:56:65:3c:b9:d5:cf:31:f7:a6:10:0e:d5:
63:ed:e1:5b:75:58:a9:6d:59:85:25:ba:19:1f:90:e2:c3:21:
11:54:8a:d9:84:6d:7c:4b:0f:76:1c:dc:b1:98:e0:75:55:97:
74:6d:14:35:41:8e:8c:49:0a:67:b3:0e:2b:ac:b8:15:21:c5:
34:67:65:b6:cc:93:69:a7:8a:6e:8c:9e:f3:32:ac:55:10:0f:
b6:42:ac:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDZ+w1XDod0yw5ldO33aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE3MmZlYWE2M2VkOGQ4MTNkOTZjNzI2ZTJkNTNjM2M2YTg2NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw9bUITsNFZQI2ZW6SyXG36pCn6U
XQSoQFnCipRkeBO+ff1E13X5Cx7RqDg+0dqtuGFjyyVBw+Ypwzs2iZGcbHhXBpl7
Grazq9zXKSmeTPjeNTOGcHkB83fmv7I51q8rkbrjkpi8nYqleriFyytkm87lr1xb
Ia4Z6ANTcAlQa26455Cb8M8L3jGus9HgGRhbgAMThg0GGRdk4f6WQomsolhQJrDx
0mScihZ/udzieAh+t8yuMgjiZRL/GrkdyxMTjXe3kWLsqILizKV8bTH57JW4M19q
C+W4OwJBNPBBhIMuVKrKtEwTIpJhNRR+7v/KERZV23mRJttgcEZk5y+ZdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLSnL+qmPtjYE9lscm4tU8PGqGRMMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvdEtjdjZxWS0yTmdUMld4eWJpMVR3OGFvWkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiGA
MA0GCSqGSIb3DQEBCwUAA4IBAQAD0zfZAtngKCVqSTm/bzHCGdvQx7baBvJScQxe
fqKrbJr6znyG+ubg93H/Df3/7i+ovSiS0/7L1S4qcpBEZzN4CyLI7+wLI5vkqwvQ
2FoQKqQtThbm010o1dY4NdSvxRbOAAcU0U2CZQ6G8Gdwj1yJXi13kJRJsTqne9HT
e4Etqrd53XKlXJpa/5AUaaBo6WilytTzWWxx6qfk7/4MVA0y6GHxt/nb5NhWZTy5
1c8x96YQDtVj7eFbdVipbVmFJboZH5DiwyERVIrZhG18Sw92HNyxmOB1VZd0bRQ1
QY6MSQpnsw4rrLgVIcU0Z2W2zJNpp4pujJ7zMqxVEA+2Qqwz
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:58:03 2025 by rpki-client