Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/lKsvcaULybRm31tCFyN8vR7pZDY.roa
File: lKsvcaULybRm31tCFyN8vR7pZDY.roa (raw, json)
Hash identifier: 8vN1/oO/oyn4ZwCSbHq1R93pQHU7uo560qtgxf4Zgno=
Subject key identifier: 94:AB:2F:71:A5:0B:C9:B4:66:DF:5B:42:17:23:7C:BD:1E:E9:64:36
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA9D6F665AC3D49E24A687EB014BEA
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/lKsvcaULybRm31tCFyN8vR7pZDY.roa
Signing time: Wed 01 Jan 2025 03:48:25 +0000
ROA not before: Wed 01 Jan 2025 03:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211754
IP address blocks: 2a0c:b641:890::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:9d:6f:66:5a:c3:d4:9e:24:a6:87:eb:01:4b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94ab2f71a50bc9b466df5b4217237cbd1ee96436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:12:99:68:3e:f7:dc:0d:5b:95:ec:58:f1:6a:
af:1e:d9:a0:05:1d:be:1e:89:a3:c8:4e:99:4f:27:
a9:cc:df:45:a7:5c:c4:39:2d:b5:4a:b2:8c:5c:15:
c3:1c:d5:eb:48:79:8d:cf:3c:ad:94:95:c5:57:51:
10:e9:a9:28:57:04:3b:1c:9f:1c:39:ae:3c:7c:9c:
e1:be:47:8a:63:32:95:ff:fc:44:74:5d:b9:4d:4d:
65:89:46:3b:3f:94:eb:3a:45:f8:26:cc:71:55:51:
c4:fc:e6:13:4a:b6:1e:57:14:6f:e3:b0:ab:3a:c9:
be:59:f7:19:72:4b:0c:4e:31:fb:47:00:8f:27:c5:
86:62:32:28:d9:6b:22:dd:28:60:49:1c:1a:21:ee:
2a:f5:68:e9:c8:5e:44:b2:8f:e6:da:dd:43:e2:cc:
07:38:cc:a2:43:5a:d4:1d:7a:aa:37:fc:7a:3f:12:
a9:5f:3e:fd:29:19:29:91:4c:f4:c7:71:4a:06:d3:
91:d4:45:b7:6c:79:b4:33:11:74:e7:09:20:72:b5:
92:4e:73:bb:dc:b6:0b:11:13:40:e7:90:fd:1f:33:
4b:ad:07:ff:4a:43:56:78:4b:02:7f:6a:09:b5:23:
d0:7e:20:db:1c:35:34:78:49:c1:80:06:b2:3f:b8:
43:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AB:2F:71:A5:0B:C9:B4:66:DF:5B:42:17:23:7C:BD:1E:E9:64:36
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/lKsvcaULybRm31tCFyN8vR7pZDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:890::/44
Signature Algorithm: sha256WithRSAEncryption
31:4e:df:73:38:ef:94:cb:53:dc:b2:be:0d:b8:59:44:cf:a2:
b4:73:df:4b:59:9a:87:2e:fc:c2:60:9c:0b:e1:07:89:04:d0:
2d:db:ee:d5:76:5d:d5:9b:fe:a7:37:1b:58:95:2a:34:6a:70:
85:4e:83:33:5c:67:ba:ed:d7:b9:80:60:55:f4:40:e0:93:8c:
dc:cd:4c:ee:82:e4:a9:85:56:e6:6e:13:64:83:fd:e3:94:bd:
0a:c8:ef:b1:43:71:da:89:29:f4:9d:59:e2:07:05:1a:94:da:
a5:3e:e0:c3:ba:13:0a:6e:95:7c:5c:ff:af:64:a8:d3:41:10:
87:55:61:07:d7:6e:96:fa:6f:dd:ea:ff:65:77:b9:0f:ee:61:
76:6f:3a:92:7b:06:82:1f:56:74:85:ec:c7:51:19:76:65:2f:
06:28:51:40:f1:28:17:a6:9e:17:fe:dc:e8:16:62:2a:5a:51:
ac:a8:0b:5d:0b:99:44:a0:72:f3:36:70:dc:7a:15:7f:23:fa:
d9:c9:54:2c:9b:93:61:bf:22:d6:69:a6:db:b0:58:ae:b6:f9:
5e:e6:88:1b:29:27:ad:f3:b8:0d:24:36:55:2f:54:e2:b6:51:
42:6d:5b:e3:fb:2a:7d:2b:22:d9:dd:32:14:f2:dd:dc:13:1b:
b5:88:02:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+p1vZlrD1J4kpofrAUvqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFiMmY3MWE1MGJjOWI0NjZkZjViNDIxNzIzN2NiZDFlZTk2NDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxKZaD733A1blexY8WqvHtmgBR2+
HomjyE6ZTyepzN9Fp1zEOS21SrKMXBXDHNXrSHmNzzytlJXFV1EQ6akoVwQ7HJ8c
Oa48fJzhvkeKYzKV//xEdF25TU1liUY7P5TrOkX4JsxxVVHE/OYTSrYeVxRv47Cr
Osm+WfcZcksMTjH7RwCPJ8WGYjIo2Wsi3ShgSRwaIe4q9WjpyF5Eso/m2t1D4swH
OMyiQ1rUHXqqN/x6PxKpXz79KRkpkUz0x3FKBtOR1EW3bHm0MxF05wkgcrWSTnO7
3LYLERNA55D9HzNLrQf/SkNWeEsCf2oJtSPQfiDbHDU0eEnBgAayP7hD2QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJSrL3GlC8m0Zt9bQhcjfL0e6WQ2MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvbEtzdmNhVUx5YlJtMzF0Q0Z5Tjh2UjdwWkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQiQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAxTt9zOO+Uy1Pcsr4NuFlEz6K0c99LWZqHLvzC
YJwL4QeJBNAt2+7Vdl3Vm/6nNxtYlSo0anCFToMzXGe67de5gGBV9EDgk4zczUzu
guSphVbmbhNkg/3jlL0KyO+xQ3HaiSn0nVniBwUalNqlPuDDuhMKbpV8XP+vZKjT
QRCHVWEH126W+m/d6v9ld7kP7mF2bzqSewaCH1Z0hezHURl2ZS8GKFFA8SgXpp4X
/tzoFmIqWlGsqAtdC5lEoHLzNnDcehV/I/rZyVQsm5NhvyLWaabbsFiutvle5ogb
KSet87gNJDZVL1TitlFCbVvj+yp9KyLZ3TIU8t3cExu1iAIO
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:44 2025 by rpki-client