Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4dUQId_mbdWfidFHnTqm86eMKH0.roa
File: 4dUQId_mbdWfidFHnTqm86eMKH0.roa (raw, json)
Hash identifier: QyGgAS7Pr08OpbOGzAaHWWzvWNwJKx6IlcNw3w3zd6I=
Subject key identifier: E1:D5:10:21:DF:E6:6D:D5:9F:89:D1:47:9D:3A:A6:F3:A7:8C:28:7D
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA9EFCA5D281740EC2ECA916FBA10F
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4dUQId_mbdWfidFHnTqm86eMKH0.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212201
IP address blocks: 2a0c:b641:c0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9e:fc:a5:d2:81:74:0e:c2:ec:a9:16:fb:a1:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1d51021dfe66dd59f89d1479d3aa6f3a78c287d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ff:57:52:bd:12:db:23:22:2b:36:9a:60:b7:
35:ce:c1:8a:86:14:f7:f2:42:60:2f:91:f3:3d:e5:
77:7a:45:4f:b8:cc:e6:bd:ef:09:14:07:ce:7f:90:
ac:5d:d3:b0:a3:7b:1f:28:c4:9c:1d:c1:0d:89:79:
0b:cc:d1:66:2b:30:06:27:5f:57:66:71:49:53:64:
64:1b:80:b4:72:27:ff:b6:45:f7:ac:fc:d7:35:fd:
37:d9:09:7c:4d:03:24:83:9e:0b:bb:48:72:d7:c2:
2d:b4:5e:ff:35:c5:b3:d2:18:ef:39:e8:7f:8f:be:
2d:6e:e4:71:ab:6b:76:f9:91:41:4d:b9:fe:eb:7e:
b3:5a:61:c7:46:a7:34:a4:c1:3f:ac:bb:0f:32:b1:
09:b8:bb:f1:45:06:7d:ca:a4:fc:13:54:77:ba:6d:
7e:4d:02:b5:7c:74:a8:19:38:0d:3c:70:c2:d7:fe:
ef:df:4f:20:c8:90:92:ac:b7:42:3e:cd:bf:90:df:
19:e8:c3:c1:1f:93:20:12:be:ff:3d:b4:45:67:c4:
cf:17:7d:29:5a:88:b9:7e:8b:e9:9e:83:86:09:9a:
26:6e:d5:38:40:8e:48:ce:bb:9b:0a:ff:f5:62:56:
4b:7d:bc:68:b4:6b:cc:31:cc:98:3f:7d:46:49:43:
22:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D5:10:21:DF:E6:6D:D5:9F:89:D1:47:9D:3A:A6:F3:A7:8C:28:7D
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/4dUQId_mbdWfidFHnTqm86eMKH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:c0::/44
Signature Algorithm: sha256WithRSAEncryption
32:7a:0c:c2:ae:c6:c1:bc:c0:e8:0c:35:0b:2a:37:1b:c5:8b:
0b:6b:fa:06:d3:1d:44:0b:37:58:2a:e3:77:63:8a:fc:88:39:
bf:db:2f:70:fd:48:8f:8c:7b:b4:dd:61:83:08:38:e4:63:b9:
38:aa:c6:14:b8:4f:7f:d7:de:43:5a:48:bd:44:db:99:9a:86:
fd:fb:5c:50:f9:f5:95:11:3c:b3:78:3a:9e:5e:2f:02:4f:27:
b8:c9:d7:9a:ed:f8:7c:f0:bf:68:59:bb:4f:87:58:cc:4d:b9:
77:18:1f:b3:08:1f:ec:d0:f5:fe:83:81:ba:d0:36:1c:fe:7f:
1b:55:13:73:c1:7d:b7:3b:d5:ec:ec:05:34:60:97:b4:d1:8b:
64:70:de:a7:83:a8:cd:47:56:a6:51:cf:5c:7b:cb:22:f9:e3:
7b:c5:fb:76:84:93:a2:72:87:e9:4b:e6:ba:05:ef:90:4a:ec:
07:56:84:b1:f1:48:0e:99:0d:27:28:fa:7c:a5:1c:2e:0e:9d:
07:01:47:78:31:60:1b:b3:81:a6:f4:00:15:8a:85:c6:0d:6a:
02:f8:91:34:86:35:47:ae:2c:6f:a7:89:43:41:28:46:15:e9:
31:83:8d:32:30:12:36:50:d6:77:f5:20:d2:3d:96:ff:18:fd:
9f:51:12:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+p78pdKBdA7C7KkW+6EPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWQ1MTAyMWRmZTY2ZGQ1OWY4OWQxNDc5ZDNhYTZmM2E3OGMyODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzf9XUr0S2yMiKzaaYLc1zsGKhhT3
8kJgL5HzPeV3ekVPuMzmve8JFAfOf5CsXdOwo3sfKMScHcENiXkLzNFmKzAGJ19X
ZnFJU2RkG4C0cif/tkX3rPzXNf032Ql8TQMkg54Lu0hy18IttF7/NcWz0hjvOeh/
j74tbuRxq2t2+ZFBTbn+636zWmHHRqc0pME/rLsPMrEJuLvxRQZ9yqT8E1R3um1+
TQK1fHSoGTgNPHDC1/7v308gyJCSrLdCPs2/kN8Z6MPBH5MgEr7/PbRFZ8TPF30p
Woi5fovpnoOGCZombtU4QI5IzrubCv/1YlZLfbxotGvMMcyYP31GSUMiSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOHVECHf5m3Vn4nRR506pvOnjCh9MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvNGRVUUlkX21iZFdmaWRGSG5UcW04NmVNS0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQDA
MA0GCSqGSIb3DQEBCwUAA4IBAQAyegzCrsbBvMDoDDULKjcbxYsLa/oG0x1ECzdY
KuN3Y4r8iDm/2y9w/UiPjHu03WGDCDjkY7k4qsYUuE9/195DWki9RNuZmob9+1xQ
+fWVETyzeDqeXi8CTye4ydea7fh88L9oWbtPh1jMTbl3GB+zCB/s0PX+g4G60DYc
/n8bVRNzwX23O9Xs7AU0YJe00YtkcN6ng6jNR1amUc9ce8si+eN7xft2hJOicofp
S+a6Be+QSuwHVoSx8UgOmQ0nKPp8pRwuDp0HAUd4MWAbs4Gm9AAVioXGDWoC+JE0
hjVHrixvp4lDQShGFekxg40yMBI2UNZ39SDSPZb/GP2fURJ2
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:39 2025 by rpki-client