Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1WEatWNvY3Dtw9KGtL74jrbxzhw.roa
File: 1WEatWNvY3Dtw9KGtL74jrbxzhw.roa (raw, json)
Hash identifier: sXjibApDmySJ6jGpwKkEr+El0mb0wZZLXYAPKGxyVSY=
Subject key identifier: D5:61:1A:B5:63:6F:63:70:ED:C3:D2:86:B4:BE:F8:8E:B6:F1:CE:1C
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0185711E5DA9AC810728969D73E4615E82DC
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1WEatWNvY3Dtw9KGtL74jrbxzhw.roa
Signing time: Mon 02 Jan 2023 06:14:53 +0000
ROA not before: Mon 02 Jan 2023 06:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207268
IP address blocks: 2a0c:b641:7a0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:5d:a9:ac:81:07:28:96:9d:73:e4:61:5e:82:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 06:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5611ab5636f6370edc3d286b4bef88eb6f1ce1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bd:63:2a:a4:b3:07:57:ad:6d:49:4a:f3:f7:
79:b7:83:d9:b4:5b:5a:6c:83:c1:9f:e1:81:0e:fb:
16:9e:f8:98:1f:d6:36:bf:5a:3d:c2:36:a8:cf:3d:
44:81:93:98:9a:fa:71:35:7f:26:79:e2:91:44:f0:
db:a4:1b:7c:bc:9c:e3:45:e5:6b:19:07:bf:79:dd:
6a:a2:76:a9:e2:43:23:10:cc:2e:81:56:7c:16:b5:
63:cc:8b:9b:2d:3d:63:ef:89:4e:6f:d3:d0:27:be:
76:ad:2d:6f:4f:50:8f:e4:ff:a0:8f:99:d4:5d:a6:
50:e4:58:a8:16:93:c0:86:f0:09:fa:a3:41:98:2b:
57:99:83:36:dc:97:da:1e:6a:e3:f8:38:4a:2a:17:
6a:2d:60:3e:82:fd:7b:2d:76:e0:d8:eb:9d:45:c2:
e5:aa:49:85:34:1c:b3:e4:8b:93:a4:92:e0:52:bf:
43:3e:ea:3d:18:94:f6:c4:65:89:7d:91:3c:75:88:
c9:ff:b0:9d:20:74:d5:76:4c:08:34:35:1d:a2:2c:
bc:e3:28:de:8d:13:e9:13:93:df:33:02:f9:0c:1d:
0a:24:ab:84:63:c1:16:57:35:bb:52:6c:4f:29:6f:
7c:04:b1:f6:81:aa:36:e4:82:79:18:df:0a:be:2f:
8e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:61:1A:B5:63:6F:63:70:ED:C3:D2:86:B4:BE:F8:8E:B6:F1:CE:1C
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/1WEatWNvY3Dtw9KGtL74jrbxzhw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:7a0::/44
Signature Algorithm: sha256WithRSAEncryption
84:be:e1:26:aa:a4:90:93:82:d5:2c:de:ce:6e:bb:1c:d6:c8:
54:ee:58:19:bc:1b:98:f4:4c:3a:6c:79:29:60:e7:9a:3c:30:
f6:ef:d9:96:03:db:06:44:78:21:66:9c:47:e8:a1:00:0e:66:
2e:13:15:de:0a:fc:f5:09:8c:53:2e:c2:d0:8c:80:82:3c:ad:
84:c2:df:9b:b5:27:b1:27:5c:1a:d5:07:b2:51:5e:ab:26:fc:
73:46:e0:23:1b:7e:72:b1:da:23:ea:dc:eb:35:42:67:0d:25:
34:f3:0f:c4:de:25:34:26:c6:39:23:de:ae:74:fd:1c:5f:f5:
55:c1:eb:b1:ca:1a:0b:53:0e:b8:6d:06:be:e6:70:77:49:55:
74:0e:be:9e:99:61:68:e5:6f:36:bd:09:0f:86:26:d5:54:41:
bc:7f:e7:7f:4b:73:1f:cd:9f:c8:25:c1:ce:4b:00:c5:05:38:
df:34:72:91:4f:aa:96:d9:7a:1f:35:c1:88:37:d5:0c:58:3b:
95:95:5f:44:cc:18:62:fc:92:de:86:4c:de:9b:49:08:dd:e9:
95:f4:06:3a:a9:7d:50:23:35:a1:2c:f5:ca:dd:3d:02:c2:cd:
9a:8e:6f:d9:bf:66:d1:ca:b4:14:99:0f:31:ec:5b:71:71:0c:
f2:2f:23:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxHl2prIEHKJadc+RhXoLcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjMwMTAyMDYxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTYxMWFiNTYzNmY2MzcwZWRjM2QyODZiNGJlZjg4ZWI2ZjFjZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb1jKqSzB1etbUlK8/d5t4PZtFta
bIPBn+GBDvsWnviYH9Y2v1o9wjaozz1EgZOYmvpxNX8meeKRRPDbpBt8vJzjReVr
GQe/ed1qonap4kMjEMwugVZ8FrVjzIubLT1j74lOb9PQJ752rS1vT1CP5P+gj5nU
XaZQ5FioFpPAhvAJ+qNBmCtXmYM23JfaHmrj+DhKKhdqLWA+gv17LXbg2OudRcLl
qkmFNByz5IuTpJLgUr9DPuo9GJT2xGWJfZE8dYjJ/7CdIHTVdkwINDUdoiy84yje
jRPpE5PfMwL5DB0KJKuEY8EWVzW7UmxPKW98BLH2gao25IJ5GN8Kvi+ORwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNVhGrVjb2Nw7cPShrS++I628c4cMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvMVdFYXRXTnZZM0R0dzlLR3RMNzRqcmJ4emh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQeg
MA0GCSqGSIb3DQEBCwUAA4IBAQCEvuEmqqSQk4LVLN7Obrsc1shU7lgZvBuY9Ew6
bHkpYOeaPDD279mWA9sGRHghZpxH6KEADmYuExXeCvz1CYxTLsLQjICCPK2Ewt+b
tSexJ1wa1QeyUV6rJvxzRuAjG35ysdoj6tzrNUJnDSU08w/E3iU0JsY5I96udP0c
X/VVweuxyhoLUw64bQa+5nB3SVV0Dr6emWFo5W82vQkPhibVVEG8f+d/S3MfzZ/I
JcHOSwDFBTjfNHKRT6qW2XofNcGIN9UMWDuVlV9EzBhi/JLehkzem0kI3emV9AY6
qX1QIzWhLPXK3T0Cws2ajm/Zv2bRyrQUmQ8x7FtxcQzyLyN6
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:56:51 2025 by rpki-client