Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/vgfSdOAK6p5qPkACS2TooG4ErJ4.roa
File: vgfSdOAK6p5qPkACS2TooG4ErJ4.roa (raw, json)
Hash identifier: lfx0z5OhBems3NUEVsFAGhx2dmFTuk5Qv5SuD6mqIKE=
Subject key identifier: BE:07:D2:74:E0:0A:EA:9E:6A:3E:40:02:4B:64:E8:A0:6E:04:AC:9E
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 0194222038A1697E6118D9FEB0D7E6014A50
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/vgfSdOAK6p5qPkACS2TooG4ErJ4.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211242
IP address blocks: 2a0e:8f02:f032::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:38:a1:69:7e:61:18:d9:fe:b0:d7:e6:01:4a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be07d274e00aea9e6a3e40024b64e8a06e04ac9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5e:26:25:ff:36:4f:68:3a:3d:ec:d7:f2:5b:
fc:c9:5c:9b:0f:59:63:82:58:6e:d1:c5:58:8b:47:
c4:96:fe:ab:15:ae:29:b7:f2:a2:4f:dd:3c:4a:03:
da:18:b8:a2:ac:b4:09:3a:86:4a:b2:f0:df:74:1b:
ed:55:6f:c7:57:17:23:5c:45:13:1f:b1:ab:29:a6:
55:16:f5:02:48:c4:94:4c:48:8c:90:c6:e6:4f:6f:
2b:1c:61:71:e7:8b:29:68:fd:f5:ef:0f:d0:e7:27:
2f:4d:70:21:2f:f4:57:d8:74:99:7e:43:0b:fc:3c:
97:b9:79:7e:68:75:14:b0:84:26:08:3c:8a:c4:f2:
2d:6b:b8:36:08:ce:93:ee:da:29:bb:04:f7:f8:c7:
ec:b4:11:fa:28:81:fd:88:94:19:b2:48:4b:5b:6a:
06:6c:64:36:02:2b:71:2a:ee:38:04:1b:fb:53:a9:
f9:0e:7f:f1:2e:3a:31:21:f5:a8:e8:07:18:05:49:
3d:ae:a5:32:26:7b:98:6c:01:12:5e:4f:b1:75:de:
60:7f:8e:9c:ac:b3:cc:4e:1e:1f:2c:d1:7f:8f:96:
7f:1e:46:3a:62:50:d9:f2:7d:04:58:04:a3:65:be:
dc:ad:b7:fb:e5:ba:97:d2:56:c9:4b:e2:11:e6:94:
4d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:07:D2:74:E0:0A:EA:9E:6A:3E:40:02:4B:64:E8:A0:6E:04:AC:9E
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/vgfSdOAK6p5qPkACS2TooG4ErJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f032::/48
Signature Algorithm: sha256WithRSAEncryption
13:eb:3d:99:15:d8:98:4e:03:e0:a7:32:93:43:9c:df:0b:88:
32:46:43:77:67:4e:67:c8:2e:2a:19:a9:9a:b4:df:29:0b:2d:
ee:68:20:e0:5b:15:55:40:0c:cd:ef:7c:0b:a0:20:1b:6b:8f:
88:b9:cf:a1:e4:a5:9e:c5:de:e9:71:69:93:bd:39:dc:9b:e5:
4e:86:f2:7a:bf:88:6f:e8:63:a9:5d:d7:a7:a8:2a:bd:24:66:
ae:fe:1d:fa:ce:3b:e7:c8:c1:ef:4e:0c:a6:27:12:f5:54:ff:
21:d2:59:0c:9d:17:ee:24:0f:01:a0:83:bd:49:4b:e3:21:b2:
05:52:fb:f5:4b:3f:09:b4:2e:87:99:04:12:0f:e6:2b:c3:19:
cd:a0:4e:2a:40:b4:05:55:d8:6e:3b:9e:fa:55:05:6b:78:75:
c7:d9:94:26:54:b8:ee:8c:d5:32:ca:b3:79:a3:a5:1b:e9:e2:
25:75:ca:14:a2:9e:e1:f5:ac:e4:7c:dc:8d:69:8f:10:31:a7:
68:e5:93:79:26:0f:aa:cd:ee:b1:25:b7:ee:6a:10:ad:e1:2b:
4e:f8:25:53:cf:64:6f:e9:52:ad:34:c4:5f:91:92:dd:03:f7:
f8:8b:16:05:20:07:fb:1d:82:8c:ec:7c:7b:3e:68:30:3f:70:
56:d7:41:3e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIDihaX5hGNn+sNfmAUpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTA3ZDI3NGUwMGFlYTllNmEzZTQwMDI0YjY0ZThhMDZlMDRhYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArV4mJf82T2g6PezX8lv8yVybD1lj
glhu0cVYi0fElv6rFa4pt/KiT908SgPaGLiirLQJOoZKsvDfdBvtVW/HVxcjXEUT
H7GrKaZVFvUCSMSUTEiMkMbmT28rHGFx54spaP317w/Q5ycvTXAhL/RX2HSZfkML
/DyXuXl+aHUUsIQmCDyKxPIta7g2CM6T7topuwT3+MfstBH6KIH9iJQZskhLW2oG
bGQ2AitxKu44BBv7U6n5Dn/xLjoxIfWo6AcYBUk9rqUyJnuYbAESXk+xdd5gf46c
rLPMTh4fLNF/j5Z/HkY6YlDZ8n0EWASjZb7crbf75bqX0lbJS+IR5pRNDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL4H0nTgCuqeaj5AAktk6KBuBKyeMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvdmdmU2RPQUs2cDVxUGtBQ1MyVG9vRzRFcko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvAy
MA0GCSqGSIb3DQEBCwUAA4IBAQAT6z2ZFdiYTgPgpzKTQ5zfC4gyRkN3Z05nyC4q
GamatN8pCy3uaCDgWxVVQAzN73wLoCAba4+Iuc+h5KWexd7pcWmTvTncm+VOhvJ6
v4hv6GOpXdenqCq9JGau/h36zjvnyMHvTgymJxL1VP8h0lkMnRfuJA8BoIO9SUvj
IbIFUvv1Sz8JtC6HmQQSD+YrwxnNoE4qQLQFVdhuO576VQVreHXH2ZQmVLjujNUy
yrN5o6Ub6eIldcoUop7h9azkfNyNaY8QMado5ZN5Jg+qze6xJbfuahCt4StO+CVT
z2Rv6VKtNMRfkZLdA/f4ixYFIAf7HYKM7Hx7PmgwP3BW10E+
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:33 2025 by rpki-client