Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/854UOcWqriTDthlFu6bGOW0F-c8.roa
File: 854UOcWqriTDthlFu6bGOW0F-c8.roa (raw, json)
Hash identifier: g2d4X1Rhzo23Wt/AS/vcW9vk8AitpXqfbune/m4zOt8=
Subject key identifier: F3:9E:14:39:C5:AA:AE:24:C3:B6:19:45:BB:A6:C6:39:6D:05:F9:CF
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA974BB6CBC8D05AC5A61C02E7FB1B
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/854UOcWqriTDthlFu6bGOW0F-c8.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210339
IP address blocks: 2a0c:b641:630::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:97:4b:b6:cb:c8:d0:5a:c5:a6:1c:02:e7:fb:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f39e1439c5aaae24c3b61945bba6c6396d05f9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:71:c3:a9:20:b9:e3:5a:0d:58:4e:28:86:
49:24:63:f1:8b:e8:30:ca:37:1a:96:94:31:de:59:
7e:a8:5d:51:ba:e1:01:64:52:37:42:dc:e6:69:b7:
ae:e8:0c:44:bb:9a:76:0b:68:59:dc:72:71:67:19:
86:2c:73:72:c4:73:86:5d:50:09:64:ae:30:be:da:
74:cd:38:68:3d:7d:e0:23:43:8a:79:58:57:c3:0f:
9a:0c:b9:31:91:e5:a1:3d:1b:63:a2:2d:2c:c3:12:
41:6d:a3:df:b0:62:dd:35:78:0e:6c:e0:3a:af:fd:
c8:cd:12:64:7e:77:4d:f7:d6:71:1a:7e:d0:db:31:
8a:6f:84:f7:6a:75:b7:ad:b3:7c:33:09:9b:d2:bc:
ff:b9:20:0d:23:77:d8:a7:cf:9a:14:f1:02:f8:e6:
55:06:aa:19:87:2b:68:2b:68:32:ce:c3:c7:7a:d1:
3d:e0:eb:06:a3:e0:67:39:88:6c:5d:f2:b2:83:99:
b9:37:26:c4:49:18:c8:c6:bc:66:45:5d:64:b7:66:
6c:21:75:3a:15:8b:4d:73:5f:e3:13:6f:a4:8a:96:
c7:c7:83:1d:45:34:46:a0:ee:f3:12:f0:23:4f:88:
3d:d8:5a:32:a7:4b:4d:e2:12:61:5d:e4:70:b9:a8:
94:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9E:14:39:C5:AA:AE:24:C3:B6:19:45:BB:A6:C6:39:6D:05:F9:CF
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/854UOcWqriTDthlFu6bGOW0F-c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:630::/44
Signature Algorithm: sha256WithRSAEncryption
46:88:02:a3:d4:ad:24:fc:2f:55:c1:3f:bd:5d:ef:b3:9d:31:
51:a5:0c:6c:31:2e:6b:6d:3b:94:d5:ef:6d:c2:5d:29:f5:b5:
be:ff:f1:d7:72:f9:a7:30:40:f9:db:7e:dd:e6:07:4d:c2:a8:
43:ef:1f:84:da:e9:35:f7:50:91:23:7c:06:6c:04:bd:02:e0:
1f:7c:36:f9:1b:a7:df:89:6e:ee:e1:28:a7:37:79:4e:3d:a7:
a2:26:58:47:04:e8:17:35:46:0a:2f:35:3a:0e:31:15:fb:05:
5a:5e:15:60:90:9a:77:65:bf:14:71:76:8b:50:10:e3:ab:50:
05:2f:08:f8:17:d0:03:24:18:6d:21:61:a2:9c:ae:5a:0f:5d:
68:7f:4f:f8:f3:47:78:3e:4a:4c:87:db:6b:fd:0c:d5:ae:06:
82:05:59:14:7f:32:9c:1f:35:41:4f:78:b8:9a:ef:79:ed:45:
d3:ad:bd:8c:98:c7:52:92:28:e4:73:0a:12:01:3a:be:ad:ff:
d4:55:fe:68:dd:d7:ba:45:e1:ce:8c:42:99:82:f2:8a:c1:89:
62:de:d1:8f:30:be:27:12:a0:fa:69:8b:64:f1:b1:97:d1:d6:
31:88:ff:d2:08:2d:4e:cd:c2:39:de:c0:6e:c6:4d:a3:4b:34:
67:24:5a:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+pdLtsvI0FrFphwC5/sbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzllMTQzOWM1YWFhZTI0YzNiNjE5NDViYmE2YzYzOTZkMDVmOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsclxw6kgueNaDVhOKIZJJGPxi+gw
yjcalpQx3ll+qF1RuuEBZFI3Qtzmabeu6AxEu5p2C2hZ3HJxZxmGLHNyxHOGXVAJ
ZK4wvtp0zThoPX3gI0OKeVhXww+aDLkxkeWhPRtjoi0swxJBbaPfsGLdNXgObOA6
r/3IzRJkfndN99ZxGn7Q2zGKb4T3anW3rbN8Mwmb0rz/uSANI3fYp8+aFPEC+OZV
BqoZhytoK2gyzsPHetE94OsGo+BnOYhsXfKyg5m5NybESRjIxrxmRV1kt2ZsIXU6
FYtNc1/jE2+kipbHx4MdRTRGoO7zEvAjT4g92Foyp0tN4hJhXeRwuaiUpQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPOeFDnFqq4kw7YZRbumxjltBfnPMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvODU0VU9jV3FyaVREdGhsRnU2YkdPVzBGLWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQYw
MA0GCSqGSIb3DQEBCwUAA4IBAQBGiAKj1K0k/C9VwT+9Xe+znTFRpQxsMS5rbTuU
1e9twl0p9bW+//HXcvmnMED5237d5gdNwqhD7x+E2uk191CRI3wGbAS9AuAffDb5
G6ffiW7u4SinN3lOPaeiJlhHBOgXNUYKLzU6DjEV+wVaXhVgkJp3Zb8UcXaLUBDj
q1AFLwj4F9ADJBhtIWGinK5aD11of0/480d4PkpMh9tr/QzVrgaCBVkUfzKcHzVB
T3i4mu957UXTrb2MmMdSkijkcwoSATq+rf/UVf5o3de6ReHOjEKZgvKKwYli3tGP
ML4nEqD6aYtk8bGX0dYxiP/SCC1OzcI53sBuxk2jSzRnJFoM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:19 2025 by rpki-client