Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/w34LaZxHr30DmnmFefv2yS7Pga8.roa
File: w34LaZxHr30DmnmFefv2yS7Pga8.roa (raw, json)
Hash identifier: 7A5/LYkMILreAibOWzT9JtzEJPHyAt4xjBOpMNMB330=
Subject key identifier: C3:7E:0B:69:9C:47:AF:7D:03:9A:79:85:79:FB:F6:C9:2E:CF:81:AF
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 01942220520884E7990ED46A241033469932
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/w34LaZxHr30DmnmFefv2yS7Pga8.roa
Signing time: Wed 01 Jan 2025 13:48:50 +0000
ROA not before: Wed 01 Jan 2025 13:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215448
IP address blocks: 2a0e:8f02:f068::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:52:08:84:e7:99:0e:d4:6a:24:10:33:46:99:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c37e0b699c47af7d039a798579fbf6c92ecf81af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a5:5c:e7:d8:bd:79:7e:0b:b4:87:1f:19:b8:
2f:f2:27:10:3a:63:d9:5f:f2:4c:a3:82:44:af:1c:
9a:33:66:dc:ee:31:57:79:d4:0b:8e:43:6c:72:24:
f6:f3:55:e8:ea:cf:4f:d9:6b:3f:f5:1e:39:06:24:
24:2a:ae:df:17:82:bd:e2:74:7a:e7:b4:14:04:49:
ee:bb:9a:b6:04:8f:96:00:32:ea:c6:55:60:c7:41:
33:40:32:61:63:30:eb:f9:01:82:4c:a3:72:54:78:
25:a5:68:01:bd:5e:26:b1:b1:cb:0d:a4:5c:2a:a9:
49:1f:ec:62:11:c2:d4:9d:32:e2:ff:84:cc:bb:2e:
62:cd:67:e2:84:8b:75:4c:29:2d:0d:13:0e:7b:5c:
35:1a:96:2a:4d:a6:70:70:99:74:0a:b0:4f:aa:3d:
ea:f6:30:48:8d:f4:d9:e7:be:a6:43:af:1d:e7:79:
d1:94:70:d4:c2:bd:fb:3d:98:21:0f:e7:5a:b1:1c:
48:a4:20:f9:2e:6c:a8:58:f3:19:9a:8d:b0:14:69:
85:7f:8d:54:d1:f3:df:93:5b:ae:4a:14:78:2a:6f:
73:71:28:00:a0:9e:32:81:1a:26:18:77:c8:2f:65:
fd:ca:a1:e0:a9:29:20:a9:82:5e:b2:f0:eb:e6:9f:
29:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7E:0B:69:9C:47:AF:7D:03:9A:79:85:79:FB:F6:C9:2E:CF:81:AF
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/w34LaZxHr30DmnmFefv2yS7Pga8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:f068::/48
Signature Algorithm: sha256WithRSAEncryption
62:c5:f0:cf:46:b9:22:d9:36:82:89:5d:c1:91:a1:8d:81:fe:
b6:f3:4a:89:b2:8e:ea:6c:8a:f1:87:3c:34:96:bb:12:08:2c:
24:46:3b:4a:27:d0:2d:5c:ef:4e:0b:54:20:92:9f:bb:4e:98:
b2:54:77:a3:1e:f8:6a:e5:38:e7:76:df:65:2c:41:3f:79:09:
77:ca:2a:c7:56:55:ef:2c:4e:98:04:02:83:f9:0a:cf:b2:42:
91:f2:0f:b2:30:5e:71:8f:8a:4c:91:6f:1e:85:04:b0:aa:37:
20:9b:5e:61:72:81:df:44:25:2f:e2:77:6e:78:fd:25:42:90:
67:12:a8:c6:cf:63:91:fc:64:e6:ae:cd:25:40:c2:3a:e7:36:
c2:b0:64:67:d7:c6:72:80:3b:41:57:74:8b:61:5a:84:df:83:
a7:6a:f6:5c:6a:5a:8c:a5:40:fe:df:cf:d1:ac:eb:58:fc:1b:
9f:dc:1a:73:30:b4:05:c8:e6:7d:1e:55:96:84:a2:45:06:07:
42:8a:ef:51:52:3d:88:37:16:84:3f:9c:ae:99:cc:da:5c:c0:
75:f6:28:4a:c3:c2:84:2e:cd:26:6a:65:1f:7b:5c:d3:a2:18:
4c:eb:2b:4e:44:59:77:0e:8b:2e:76:96:2b:83:04:ea:7c:9e:
74:18:7e:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIFIIhOeZDtRqJBAzRpkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzdlMGI2OTljNDdhZjdkMDM5YTc5ODU3OWZiZjZjOTJlY2Y4MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KVc59i9eX4LtIcfGbgv8icQOmPZ
X/JMo4JErxyaM2bc7jFXedQLjkNsciT281Xo6s9P2Ws/9R45BiQkKq7fF4K94nR6
57QUBEnuu5q2BI+WADLqxlVgx0EzQDJhYzDr+QGCTKNyVHglpWgBvV4msbHLDaRc
KqlJH+xiEcLUnTLi/4TMuy5izWfihIt1TCktDRMOe1w1GpYqTaZwcJl0CrBPqj3q
9jBIjfTZ576mQ68d53nRlHDUwr37PZghD+dasRxIpCD5LmyoWPMZmo2wFGmFf41U
0fPfk1uuShR4Km9zcSgAoJ4ygRomGHfIL2X9yqHgqSkgqYJesvDr5p8pTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMN+C2mcR699A5p5hXn79skuz4GvMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEvdzM0TGFaeEhyMzBEbW5tRmVmdjJ5UzdQZ2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6PAvBo
MA0GCSqGSIb3DQEBCwUAA4IBAQBixfDPRrki2TaCiV3BkaGNgf6280qJso7qbIrx
hzw0lrsSCCwkRjtKJ9AtXO9OC1Qgkp+7TpiyVHejHvhq5Tjndt9lLEE/eQl3yirH
VlXvLE6YBAKD+QrPskKR8g+yMF5xj4pMkW8ehQSwqjcgm15hcoHfRCUv4ndueP0l
QpBnEqjGz2OR/GTmrs0lQMI65zbCsGRn18ZygDtBV3SLYVqE34OnavZcalqMpUD+
38/RrOtY/Buf3BpzMLQFyOZ9HlWWhKJFBgdCiu9RUj2INxaEP5yumczaXMB19ihK
w8KELs0mamUfe1zTohhM6ytORFl3DosudpYrgwTqfJ50GH6M
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:09:35 2025 by rpki-client