Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/g545mcaaYn19HxLxL6AKsjsg-eY.roa
File: g545mcaaYn19HxLxL6AKsjsg-eY.roa (raw, json)
Hash identifier: 86Yw7K6zZY2/VL8oe7lJJdNGLRSmzB/dBjdSeXxusxI=
Subject key identifier: 83:9E:39:99:C6:9A:62:7D:7D:1F:12:F1:2F:A0:0A:B2:3B:20:F9:E6
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFAAC48545057252BF06CF194D3E517
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/g545mcaaYn19HxLxL6AKsjsg-eY.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213984
IP address blocks: 2a0c:b641:d50::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ac:48:54:50:57:25:2b:f0:6c:f1:94:d3:e5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=839e3999c69a627d7d1f12f12fa00ab23b20f9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:76:6d:2c:b3:2a:7a:77:07:ec:e2:b4:2c:a1:
09:b7:a6:8f:03:8a:8b:3e:b7:b4:c3:61:6a:f2:cd:
35:7b:9a:45:65:dd:8d:9a:6c:90:dd:a8:bf:ef:64:
23:57:69:f7:bf:2e:71:b3:1c:ad:83:c8:84:f7:2e:
04:f1:6f:2f:a4:03:60:f3:68:5f:b4:e3:77:7d:c6:
0a:5d:c4:4c:13:76:5c:68:b7:88:4f:d8:3a:20:df:
c6:66:8d:a6:70:dd:6c:33:15:9c:8f:4a:38:79:d7:
3e:d7:30:a5:d3:5b:7b:25:1c:9f:d5:49:8c:cd:89:
56:1f:ab:33:c7:6c:fb:12:13:13:e7:23:68:85:e8:
e3:c2:ce:e7:91:5d:93:af:ed:3e:a3:85:3b:10:4c:
e9:02:20:29:b7:67:ac:4a:ee:ae:c8:d9:75:6a:b3:
7e:31:88:f2:ba:d1:49:20:64:44:97:38:bf:46:e1:
b8:ae:03:5b:e9:a3:8a:ce:dd:83:9d:97:88:fd:78:
e5:bc:b7:cd:4e:69:89:44:18:9c:ce:47:30:5f:27:
ee:51:c3:c5:60:b3:dc:dc:a3:cf:cb:25:77:c0:ab:
97:f9:10:e9:47:3c:01:5c:fd:c1:df:82:10:34:bd:
ce:8b:dc:76:2d:d2:29:94:ab:be:ad:53:22:d4:c3:
bd:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:9E:39:99:C6:9A:62:7D:7D:1F:12:F1:2F:A0:0A:B2:3B:20:F9:E6
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/g545mcaaYn19HxLxL6AKsjsg-eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:d50::/44
Signature Algorithm: sha256WithRSAEncryption
82:b0:c1:32:57:4a:c9:c6:14:de:9e:01:c9:e2:df:9f:f2:65:
2d:7b:39:41:61:50:fd:db:02:91:e7:54:a5:9a:1d:28:58:f2:
b9:a7:c1:d0:97:46:e7:cd:58:82:0a:6a:5f:eb:bc:e3:6a:1a:
6f:b8:08:03:6e:79:6f:ec:bb:99:b6:ce:5c:82:3b:e3:d9:90:
94:ec:e9:b7:71:84:09:bb:84:ea:2c:20:80:dd:f7:58:2f:3d:
a0:05:3f:bb:a8:c9:df:29:80:9e:5a:8d:24:ea:18:1c:d9:10:
48:3e:78:d8:f9:0d:46:8c:d3:ea:0d:a9:b1:5c:8d:bc:ef:30:
da:c4:74:c6:3a:1b:64:89:51:4d:f5:cf:94:af:f9:5d:a3:a9:
ce:45:25:08:5f:f7:60:93:8c:81:90:82:6e:bc:13:56:41:c0:
6f:1f:e6:1a:1f:3f:69:42:24:b9:a7:4b:f2:24:60:ba:c5:27:
d5:61:bb:e4:e7:7e:5f:6e:81:ed:b1:b0:1d:a3:e9:98:1b:ea:
4f:2a:21:e2:ec:a2:e2:5d:d6:85:de:cc:db:dc:a6:3b:de:7a:
1e:b7:e9:70:bd:32:36:09:5b:17:58:30:76:9f:a5:60:7c:a0:
09:f7:f3:54:1f:28:87:3a:6d:7d:34:84:92:4e:1f:65:0b:ba:
7d:fb:28:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+qxIVFBXJSvwbPGU0+UXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzllMzk5OWM2OWE2MjdkN2QxZjEyZjEyZmEwMGFiMjNiMjBmOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHZtLLMqencH7OK0LKEJt6aPA4qL
Pre0w2Fq8s01e5pFZd2NmmyQ3ai/72QjV2n3vy5xsxytg8iE9y4E8W8vpANg82hf
tON3fcYKXcRME3ZcaLeIT9g6IN/GZo2mcN1sMxWcj0o4edc+1zCl01t7JRyf1UmM
zYlWH6szx2z7EhMT5yNohejjws7nkV2Tr+0+o4U7EEzpAiApt2esSu6uyNl1arN+
MYjyutFJIGRElzi/RuG4rgNb6aOKzt2DnZeI/XjlvLfNTmmJRBiczkcwXyfuUcPF
YLPc3KPPyyV3wKuX+RDpRzwBXP3B34IQNL3Oi9x2LdIplKu+rVMi1MO9qQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIOeOZnGmmJ9fR8S8S+gCrI7IPnmMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZzU0NW1jYWFZbjE5SHhMeEw2QUtzanNnLWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQ1Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCCsMEyV0rJxhTengHJ4t+f8mUtezlBYVD92wKR
51Slmh0oWPK5p8HQl0bnzViCCmpf67zjahpvuAgDbnlv7LuZts5cgjvj2ZCU7Om3
cYQJu4TqLCCA3fdYLz2gBT+7qMnfKYCeWo0k6hgc2RBIPnjY+Q1GjNPqDamxXI28
7zDaxHTGOhtkiVFN9c+Ur/ldo6nORSUIX/dgk4yBkIJuvBNWQcBvH+YaHz9pQiS5
p0vyJGC6xSfVYbvk535fboHtsbAdo+mYG+pPKiHi7KLiXdaF3szb3KY73noet+lw
vTI2CVsXWDB2n6VgfKAJ9/NUHyiHOm19NISSTh9lC7p9+yiq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:58 2025 by rpki-client