Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/v-amXveq1BhfUjoKmo6qb3vhHR4.roa
File: v-amXveq1BhfUjoKmo6qb3vhHR4.roa (raw, json)
Hash identifier: 7kw8j7P587m0ejyw30sMJlgAOD0cyorVYyrZ8yUVSBc=
Subject key identifier: BF:E6:A6:5E:F7:AA:D4:18:5F:52:3A:0A:9A:8E:AA:6F:7B:E1:1D:1E
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220426C73F009B88DFC9E44E6537362
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/v-amXveq1BhfUjoKmo6qb3vhHR4.roa
Signing time: Wed 01 Jan 2025 13:48:46 +0000
ROA not before: Wed 01 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212268
IP address blocks: 2a0e:8f02:f014::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:42:6c:73:f0:09:b8:8d:fc:9e:44:e6:53:73:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfe6a65ef7aad4185f523a0a9a8eaa6f7be11d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e3:a7:d6:0d:a9:2c:6d:7b:a2:d1:b5:c7:5d:
93:2b:42:fb:2d:f0:54:fc:c7:db:20:22:53:f3:41:
03:69:e9:ee:db:ba:39:34:45:8c:e6:39:f4:15:b2:
60:ba:2e:78:38:33:cd:14:50:7a:db:82:fc:39:f7:
8a:3b:3e:15:df:44:30:6c:c5:83:fe:0a:28:b8:0e:
83:87:c2:92:bf:42:b1:2f:de:b2:87:aa:62:4a:12:
63:94:18:84:65:af:d0:bd:33:57:3c:aa:d4:d4:d5:
9e:ee:23:13:14:eb:d2:55:e7:4c:2a:f6:3d:07:c5:
ed:74:2b:17:a6:0c:d6:8f:bc:e7:37:d1:dd:17:4a:
f0:40:74:ca:f4:76:cc:12:93:50:ab:c8:42:30:8e:
f6:a0:ba:72:57:b5:a8:08:a3:92:be:59:55:8a:03:
5b:a0:70:92:28:a2:04:da:55:3b:21:e1:84:77:87:
f1:90:87:87:f0:90:71:cb:6b:7d:ab:a4:08:ea:c7:
10:ce:66:9e:53:60:23:2c:39:f1:d4:49:68:b3:da:
49:22:13:4b:be:35:cd:35:ed:a4:86:b8:14:dc:83:
1c:bd:56:b1:bd:5e:32:96:52:11:67:19:fb:04:7f:
e3:34:66:c5:77:65:ba:f6:94:18:df:87:ee:09:d4:
68:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E6:A6:5E:F7:AA:D4:18:5F:52:3A:0A:9A:8E:AA:6F:7B:E1:1D:1E
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/v-amXveq1BhfUjoKmo6qb3vhHR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f014::/48
Signature Algorithm: sha256WithRSAEncryption
42:a7:18:f9:4e:dc:9d:df:46:24:8a:0f:34:fc:96:09:d7:ba:
be:e0:59:7c:93:b1:e5:fc:98:53:c7:1e:37:3f:40:ad:c7:20:
78:4a:61:a2:8a:80:01:cd:cd:67:92:a8:d2:83:52:92:4e:35:
83:ba:9a:be:38:00:9d:80:ca:30:76:be:10:d1:27:4f:82:78:
cd:ea:35:ec:db:71:4e:26:5d:bb:da:2e:92:6a:b3:6e:31:b1:
d8:92:56:9e:7e:68:d0:e3:33:8c:91:e1:b9:aa:74:12:33:49:
8c:91:63:01:60:d2:14:8a:0d:bf:3b:88:ce:19:3a:fb:2c:4f:
ec:b1:93:f2:12:94:16:a0:44:4f:b6:9b:c4:2d:63:bd:7a:41:
dc:22:22:dc:99:d5:96:4a:3f:e0:93:20:77:5b:8e:ce:09:e3:
d9:65:48:a5:1c:34:78:24:18:6c:9d:86:9a:15:72:63:d6:b2:
dd:af:6a:e0:92:f8:2e:6e:28:6a:4a:23:1a:0c:42:b4:84:5e:
05:33:79:b7:48:78:3a:40:15:71:b8:59:ac:dc:8d:19:15:df:
5b:f7:91:a4:6e:b9:25:44:ff:73:a1:4c:95:70:78:7d:f8:f9:
ab:ef:68:fd:d6:c2:97:2c:5c:11:bf:42:fd:ae:56:95:8d:ba:
e0:c6:d5:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIEJsc/AJuI38nkTmU3NiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmU2YTY1ZWY3YWFkNDE4NWY1MjNhMGE5YThlYWE2ZjdiZTExZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuOn1g2pLG17otG1x12TK0L7LfBU
/MfbICJT80EDaenu27o5NEWM5jn0FbJgui54ODPNFFB624L8OfeKOz4V30QwbMWD
/goouA6Dh8KSv0KxL96yh6piShJjlBiEZa/QvTNXPKrU1NWe7iMTFOvSVedMKvY9
B8XtdCsXpgzWj7znN9HdF0rwQHTK9HbMEpNQq8hCMI72oLpyV7WoCKOSvllVigNb
oHCSKKIE2lU7IeGEd4fxkIeH8JBxy2t9q6QI6scQzmaeU2AjLDnx1Elos9pJIhNL
vjXNNe2khrgU3IMcvVaxvV4yllIRZxn7BH/jNGbFd2W69pQY34fuCdRo5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL/mpl73qtQYX1I6CpqOqm974R0eMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvdi1hbVh2ZXExQmhmVWpvS21vNnFiM3ZoSFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAU
MA0GCSqGSIb3DQEBCwUAA4IBAQBCpxj5Ttyd30Ykig80/JYJ17q+4Fl8k7Hl/JhT
xx43P0CtxyB4SmGiioABzc1nkqjSg1KSTjWDupq+OACdgMowdr4Q0SdPgnjN6jXs
23FOJl272i6SarNuMbHYklaefmjQ4zOMkeG5qnQSM0mMkWMBYNIUig2/O4jOGTr7
LE/ssZPyEpQWoERPtpvELWO9ekHcIiLcmdWWSj/gkyB3W47OCePZZUilHDR4JBhs
nYaaFXJj1rLdr2rgkvgubihqSiMaDEK0hF4FM3m3SHg6QBVxuFms3I0ZFd9b95Gk
brklRP9zoUyVcHh9+Pmr72j91sKXLFwRv0L9rlaVjbrgxtXj
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:47 2025 by rpki-client