Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3D1f4nct2xs4Cvx2WuxHdKUawPc.roa
File: 3D1f4nct2xs4Cvx2WuxHdKUawPc.roa (raw, json)
Hash identifier: jFvDxhjZUBLHKKyIhdZqBJFK/NyMdiTBbnL74SRKosY=
Subject key identifier: DC:3D:5F:E2:77:2D:DB:1B:38:0A:FC:76:5A:EC:47:74:A5:1A:C0:F7
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0195BD958EDD77B9E88164580ACFA550C18D
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3D1f4nct2xs4Cvx2WuxHdKUawPc.roa
Signing time: Sat 22 Mar 2025 11:20:50 +0000
ROA not before: Sat 22 Mar 2025 11:20:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 2a0c:b641:330::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bd:95:8e:dd:77:b9:e8:81:64:58:0a:cf:a5:50:c1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Mar 22 11:20:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc3d5fe2772ddb1b380afc765aec4774a51ac0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:c0:8b:07:93:e2:4f:7f:dd:59:4b:0f:d6:
05:aa:d9:e7:2e:fb:79:5c:b2:69:6d:34:60:cd:3c:
e3:7e:55:2f:93:7c:58:86:9c:41:ee:45:05:6a:c7:
4a:f7:7b:13:15:3d:3f:1c:1c:ab:c3:e4:7e:82:a9:
48:09:73:00:67:81:22:71:b4:fc:89:50:c9:38:6d:
18:46:7a:eb:5a:b8:9e:ff:af:94:31:bd:2a:dd:87:
c8:b4:e4:b2:61:81:8f:bc:6b:cd:4e:05:46:d3:2e:
cb:d9:76:28:07:fd:24:f8:40:be:a8:e4:f0:b8:6c:
31:58:e1:0f:9e:a1:ee:25:b2:f0:63:22:78:d0:d9:
1f:f3:8a:8d:12:23:97:c7:0e:05:3b:9d:fc:56:3c:
e0:6f:9b:72:01:c5:d0:da:e0:08:eb:e2:3a:3e:3b:
42:db:a3:8c:6c:91:74:7d:37:a2:f6:9b:dc:d3:81:
a2:cd:fc:19:24:43:4f:52:65:2c:8b:9b:96:7a:d2:
12:2c:7d:2c:43:97:cb:c7:8a:72:15:34:fb:ee:a7:
bc:10:22:8f:c0:a2:36:14:d5:ec:b1:ef:fe:fc:c2:
87:fe:4e:5b:63:c3:02:23:f7:dd:02:b1:ea:a5:b3:
97:d3:6c:18:b9:0d:22:46:89:df:20:cf:74:ed:8a:
22:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3D:5F:E2:77:2D:DB:1B:38:0A:FC:76:5A:EC:47:74:A5:1A:C0:F7
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/3D1f4nct2xs4Cvx2WuxHdKUawPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:330::/44
Signature Algorithm: sha256WithRSAEncryption
79:aa:28:25:cc:b2:86:af:fc:00:95:41:b3:83:cc:8a:5e:29:
9d:06:85:72:25:c1:43:07:db:59:9d:ac:9d:7c:cd:b5:de:5e:
e5:e9:c2:35:59:a8:ea:9d:a3:6f:5b:33:2b:22:b9:e0:1d:9c:
de:2b:e4:48:9b:de:8c:7a:e0:5e:0c:de:92:9d:c0:83:50:b4:
e1:02:70:58:ed:9d:69:cc:ea:1a:e8:1c:ef:77:3f:1b:93:15:
c0:05:6e:c1:72:67:b1:a0:ad:53:ff:17:44:df:e1:5a:75:1e:
8c:a2:ab:33:4e:4f:c5:b5:65:da:41:fb:99:ab:68:5d:55:1a:
bc:de:74:c7:75:e8:2d:78:4e:5f:e9:ad:03:f4:c0:62:db:41:
6b:6d:de:4c:91:40:73:b9:79:39:a5:3c:00:61:cb:50:3b:5a:
49:7b:74:f3:11:cf:4e:35:91:dc:f0:39:5c:09:56:f4:72:55:
6f:ee:28:aa:f4:91:23:bf:c0:1c:b0:d7:96:1f:92:d5:8b:d9:
c9:8a:76:c9:0f:a8:c9:a4:5e:58:3c:3b:8a:15:c2:9b:36:57:
e2:e1:4c:4d:fe:80:92:d7:11:cb:09:e5:78:b9:36:a2:bd:4d:
f4:c3:af:a0:83:8f:e1:5d:6b:01:14:be:49:fa:88:0e:ac:33:
c0:78:75:c9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZW9lY7dd7nogWRYCs+lUMGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMzIyMTEyMDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNkNWZlMjc3MmRkYjFiMzgwYWZjNzY1YWVjNDc3NGE1MWFjMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9bAiweT4k9/3VlLD9YFqtnnLvt5
XLJpbTRgzTzjflUvk3xYhpxB7kUFasdK93sTFT0/HByrw+R+gqlICXMAZ4EicbT8
iVDJOG0YRnrrWrie/6+UMb0q3YfItOSyYYGPvGvNTgVG0y7L2XYoB/0k+EC+qOTw
uGwxWOEPnqHuJbLwYyJ40Nkf84qNEiOXxw4FO538Vjzgb5tyAcXQ2uAI6+I6PjtC
26OMbJF0fTei9pvc04GizfwZJENPUmUsi5uWetISLH0sQ5fLx4pyFTT77qe8ECKP
wKI2FNXsse/+/MKH/k5bY8MCI/fdArHqpbOX02wYuQ0iRonfIM907YoiOwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNw9X+J3LdsbOAr8dlrsR3SlGsD3MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvM0QxZjRuY3QyeHM0Q3Z4Mld1eEhkS1Vhd1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQMw
MA0GCSqGSIb3DQEBCwUAA4IBAQB5qiglzLKGr/wAlUGzg8yKXimdBoVyJcFDB9tZ
naydfM213l7l6cI1WajqnaNvWzMrIrngHZzeK+RIm96MeuBeDN6SncCDULThAnBY
7Z1pzOoa6Bzvdz8bkxXABW7BcmexoK1T/xdE3+FadR6MoqszTk/FtWXaQfuZq2hd
VRq83nTHdegteE5f6a0D9MBi20Frbd5MkUBzuXk5pTwAYctQO1pJe3TzEc9ONZHc
8DlcCVb0clVv7iiq9JEjv8AcsNeWH5LVi9nJinbJD6jJpF5YPDuKFcKbNlfi4UxN
/oCS1xHLCeV4uTaivU30w6+gg4/hXWsBFL5J+ogOrDPAeHXJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:58 2025 by rpki-client