Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/DftoQUQn4Xzq-Zop7A3iZwVRWAM.roa
File: DftoQUQn4Xzq-Zop7A3iZwVRWAM.roa (raw, json)
Hash identifier: PK9d4sm9fmU7eLoZYPro4XRXKpOO/TU8UDLG+RyKLGs=
Subject key identifier: 0D:FB:68:41:44:27:E1:7C:EA:F9:9A:29:EC:0D:E2:67:05:51:58:03
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFAA6E9C48A1F6E8FA11F83771514A5
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/DftoQUQn4Xzq-Zop7A3iZwVRWAM.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213190
IP address blocks: 2a0c:b642:fc0::/43 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a6:e9:c4:8a:1f:6e:8f:a1:1f:83:77:15:14:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dfb68414427e17ceaf99a29ec0de26705515803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a8:10:87:b7:0c:67:bf:b9:76:a9:19:9b:1a:
f2:67:9a:9b:be:a0:6d:d2:0b:db:61:6c:04:0a:16:
e8:5f:bc:52:fa:d8:67:bf:4b:44:9d:9d:8f:ab:a9:
fa:d3:60:32:0a:6b:3e:49:75:ee:8c:89:c4:75:39:
03:d8:21:28:68:18:e3:f7:8a:ea:be:f0:19:cf:b0:
a3:60:60:cc:06:23:66:f7:63:0f:a0:29:12:32:fe:
dc:48:a1:57:65:2b:26:81:56:42:f3:01:c0:06:36:
23:b5:73:e4:90:5b:82:9f:4e:99:f0:72:34:99:cd:
96:93:a5:43:13:85:ab:50:43:3d:5d:49:d1:0f:00:
84:cb:d1:4d:4e:75:ea:8b:87:09:a7:2f:eb:87:f6:
d5:48:3c:dc:6e:da:3e:d8:aa:5e:06:b7:ac:a4:61:
7f:39:f6:08:af:ec:dc:85:76:c1:bb:df:cf:cb:fe:
d3:de:15:75:2d:6a:df:44:3a:5f:23:01:11:1f:90:
70:eb:ac:30:55:6d:d7:0b:8e:03:41:9c:52:92:26:
15:cf:c0:91:bb:96:b1:d6:43:c0:40:1b:32:b1:b1:
89:21:8d:1f:50:b1:f2:7d:24:6f:33:38:84:98:08:
f3:b1:82:d4:aa:b0:c2:77:7e:fc:9e:bc:86:40:39:
95:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:FB:68:41:44:27:E1:7C:EA:F9:9A:29:EC:0D:E2:67:05:51:58:03
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/DftoQUQn4Xzq-Zop7A3iZwVRWAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b642:fc0::/43
Signature Algorithm: sha256WithRSAEncryption
6c:03:bf:4d:b4:a5:5d:67:bd:5a:f6:53:b9:29:72:f6:86:37:
5c:4d:55:fd:5a:85:eb:db:93:4c:ff:f2:e3:56:b8:8c:26:b8:
ad:de:08:de:6b:44:50:53:a4:5f:14:46:98:9f:91:81:bb:75:
49:60:95:cf:7b:7f:d8:1e:cf:c8:ea:63:9d:11:77:23:8f:dc:
9a:03:38:c2:0b:37:a9:c9:ba:1d:e8:04:3d:e5:05:0d:1b:ef:
cc:64:ca:d9:da:11:40:23:ed:76:86:2c:31:94:e6:ae:11:17:
74:e3:08:f1:2f:91:37:39:c4:98:d1:65:c0:c9:a4:cc:99:49:
a7:97:33:ab:55:02:5f:49:5b:0d:72:10:a4:8b:85:1f:c5:03:
0f:15:b2:e9:0d:12:19:d2:63:89:96:17:07:ef:fd:d1:68:02:
63:d5:c6:36:a4:13:58:55:3f:cf:46:52:89:6c:2a:91:f5:1f:
21:24:bb:a9:01:b0:c7:56:b1:58:35:60:59:9a:c5:21:c4:c6:
cd:13:03:90:ad:37:7a:7d:87:68:84:47:2a:82:04:52:f9:52:
cf:13:5d:06:9f:56:f4:3a:81:2b:18:57:9d:10:7e:12:99:b6:
d5:ff:4d:49:db:58:15:dd:c4:f9:53:30:44:f4:fc:65:fd:db:
ab:96:ab:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+qbpxIofbo+hH4N3FRSlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGZiNjg0MTQ0MjdlMTdjZWFmOTlhMjllYzBkZTI2NzA1NTE1ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6gQh7cMZ7+5dqkZmxryZ5qbvqBt
0gvbYWwEChboX7xS+thnv0tEnZ2Pq6n602AyCms+SXXujInEdTkD2CEoaBjj94rq
vvAZz7CjYGDMBiNm92MPoCkSMv7cSKFXZSsmgVZC8wHABjYjtXPkkFuCn06Z8HI0
mc2Wk6VDE4WrUEM9XUnRDwCEy9FNTnXqi4cJpy/rh/bVSDzcbto+2KpeBrespGF/
OfYIr+zchXbBu9/Py/7T3hV1LWrfRDpfIwERH5Bw66wwVW3XC44DQZxSkiYVz8CR
u5ax1kPAQBsysbGJIY0fULHyfSRvMziEmAjzsYLUqrDCd378nryGQDmV/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA37aEFEJ+F86vmaKewN4mcFUVgDMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvRGZ0b1FVUW40WHpxLVpvcDdBM2lad1ZSV0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKgy2Qg/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBsA79NtKVdZ71a9lO5KXL2hjdcTVX9WoXr25NM
//LjVriMJrit3gjea0RQU6RfFEaYn5GBu3VJYJXPe3/YHs/I6mOdEXcjj9yaAzjC
Czepybod6AQ95QUNG+/MZMrZ2hFAI+12hiwxlOauERd04wjxL5E3OcSY0WXAyaTM
mUmnlzOrVQJfSVsNchCki4UfxQMPFbLpDRIZ0mOJlhcH7/3RaAJj1cY2pBNYVT/P
RlKJbCqR9R8hJLupAbDHVrFYNWBZmsUhxMbNEwOQrTd6fYdohEcqggRS+VLPE10G
n1b0OoErGFedEH4SmbbV/01J21gV3cT5UzBE9Pxl/durlqsz
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:12:17 2025 by rpki-client