Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ClQMYxjPHEGKlKuN1iuLjR6kdQ0.roa
File: ClQMYxjPHEGKlKuN1iuLjR6kdQ0.roa (raw, json)
Hash identifier: yeOmPnhLIHgHXszT44Mi+NBVm3AIpEDwIHLJhp8S4MM=
Subject key identifier: 0A:54:0C:63:18:CF:1C:41:8A:94:AB:8D:D6:2B:8B:8D:1E:A4:75:0D
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFAA39123F8D3FBDBA7FF503AAD312B
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ClQMYxjPHEGKlKuN1iuLjR6kdQ0.roa
Signing time: Wed 01 Jan 2025 03:48:26 +0000
ROA not before: Wed 01 Jan 2025 03:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212832
IP address blocks: 2a0c:b641:5f0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a3:91:23:f8:d3:fb:db:a7:ff:50:3a:ad:31:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a540c6318cf1c418a94ab8dd62b8b8d1ea4750d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8f:47:b5:c5:61:2e:0b:51:b9:d4:7c:31:ac:
54:f6:c5:11:cc:c4:d9:6d:de:e9:a7:e0:9a:5b:55:
99:0c:c3:a9:2f:a8:c3:9f:7e:1c:ee:81:2b:50:01:
0b:23:06:58:78:69:a9:dd:c4:f5:4e:d7:51:51:67:
f0:d5:a1:62:4c:67:0a:25:b1:78:4c:47:d6:e4:c9:
cd:e7:56:4e:e3:61:0a:17:7d:2c:a4:18:f5:9a:9e:
74:b3:df:e7:3e:fc:d1:44:12:96:31:c5:08:82:8c:
35:bd:ff:8a:6c:1b:b7:a0:4e:19:00:a1:ce:8a:42:
dc:b2:71:17:7a:a1:26:05:a9:8f:c8:86:06:a8:09:
3f:67:a5:e0:7f:79:43:40:ff:24:32:3a:62:c4:7e:
a1:9d:ff:11:33:45:46:ae:14:9b:f8:25:ec:74:f4:
66:8b:3d:5c:bb:f3:3b:74:5a:7a:27:78:17:86:d6:
e1:54:f3:19:25:9f:86:55:a5:4e:d7:f2:f9:7b:b7:
52:61:6f:ea:dd:e6:a8:61:c9:df:13:3b:86:f0:d2:
21:bb:54:e9:f8:93:30:ae:06:4d:cd:03:c6:64:71:
17:86:29:12:78:ac:db:34:c2:38:a8:3d:bb:45:54:
91:49:81:79:00:42:f7:49:b7:45:b9:2e:cc:f5:d9:
d4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:54:0C:63:18:CF:1C:41:8A:94:AB:8D:D6:2B:8B:8D:1E:A4:75:0D
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ClQMYxjPHEGKlKuN1iuLjR6kdQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:5f0::/44
Signature Algorithm: sha256WithRSAEncryption
45:2b:eb:d9:3d:85:3a:6e:c0:0f:38:6a:7c:52:72:15:f5:81:
ab:d0:1c:15:7a:0f:1b:a6:94:92:a3:98:55:f7:13:30:6a:e2:
d1:b2:47:9b:e2:26:c5:42:15:0a:0e:a5:07:91:fc:7b:f5:40:
81:10:35:e7:b9:07:25:e7:c9:6f:ea:57:01:a0:24:ef:0d:d0:
98:51:93:a6:1a:f9:bb:37:5a:8f:5d:73:b8:06:bf:d5:00:67:
79:16:ab:d7:8a:6e:39:3a:a8:d8:66:6c:26:e3:69:0d:ef:a8:
94:1f:66:11:8c:6c:9f:51:6c:5a:db:5d:05:c5:9c:ba:f6:5b:
f7:aa:ce:03:9e:a7:86:4c:f8:26:4e:f9:3b:b6:6f:98:da:0f:
0f:53:26:cf:49:af:2b:bc:9c:7c:91:24:d6:ab:50:f4:09:84:
e6:49:0e:9b:44:9c:6d:be:a8:a2:c4:f5:bd:3e:e2:bd:ea:9f:
17:ce:22:8f:c6:b0:2b:a0:62:83:8f:38:c1:91:2a:6e:09:79:
a2:b4:a5:13:98:50:05:2d:a8:cc:dc:9f:06:8f:23:7a:16:4f:
e6:3a:df:43:ae:f0:94:dd:5c:6a:0b:22:d8:0a:bf:45:c3:e4:
fa:7d:24:47:eb:86:82:42:53:fe:dc:2d:75:3c:e9:e0:95:6b:
cc:49:90:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+qORI/jT+9un/1A6rTErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU0MGM2MzE4Y2YxYzQxOGE5NGFiOGRkNjJiOGI4ZDFlYTQ3NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz49HtcVhLgtRudR8MaxU9sURzMTZ
bd7pp+CaW1WZDMOpL6jDn34c7oErUAELIwZYeGmp3cT1TtdRUWfw1aFiTGcKJbF4
TEfW5MnN51ZO42EKF30spBj1mp50s9/nPvzRRBKWMcUIgow1vf+KbBu3oE4ZAKHO
ikLcsnEXeqEmBamPyIYGqAk/Z6Xgf3lDQP8kMjpixH6hnf8RM0VGrhSb+CXsdPRm
iz1cu/M7dFp6J3gXhtbhVPMZJZ+GVaVO1/L5e7dSYW/q3eaoYcnfEzuG8NIhu1Tp
+JMwrgZNzQPGZHEXhikSeKzbNMI4qD27RVSRSYF5AEL3SbdFuS7M9dnUPwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFApUDGMYzxxBipSrjdYri40epHUNMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvQ2xRTVl4alBIRUdLbEt1TjFpdUxqUjZrZFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQXw
MA0GCSqGSIb3DQEBCwUAA4IBAQBFK+vZPYU6bsAPOGp8UnIV9YGr0BwVeg8bppSS
o5hV9xMwauLRskeb4ibFQhUKDqUHkfx79UCBEDXnuQcl58lv6lcBoCTvDdCYUZOm
Gvm7N1qPXXO4Br/VAGd5FqvXim45OqjYZmwm42kN76iUH2YRjGyfUWxa210FxZy6
9lv3qs4DnqeGTPgmTvk7tm+Y2g8PUybPSa8rvJx8kSTWq1D0CYTmSQ6bRJxtvqii
xPW9PuK96p8XziKPxrAroGKDjzjBkSpuCXmitKUTmFAFLajM3J8GjyN6Fk/mOt9D
rvCU3VxqCyLYCr9Fw+T6fSRH64aCQlP+3C11POnglWvMSZAX
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:04:37 2025 by rpki-client