Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ooYzTxL2aK_EppQ_lxNxC-5d3-M.roa
File: ooYzTxL2aK_EppQ_lxNxC-5d3-M.roa (raw, json)
Hash identifier: lfkGbxPMbLb3YnVGD+qxoWtekEHRj636i21c3WG/sVQ=
Subject key identifier: A2:86:33:4F:12:F6:68:AF:C4:A6:94:3F:97:13:71:0B:EE:5D:DF:E3
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFA998C222727935A11B90028CE71B0
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ooYzTxL2aK_EppQ_lxNxC-5d3-M.roa
Signing time: Wed 01 Jan 2025 03:48:24 +0000
ROA not before: Wed 01 Jan 2025 03:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210546
IP address blocks: 2a0c:b641:540::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:99:8c:22:27:27:93:5a:11:b9:00:28:ce:71:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a286334f12f668afc4a6943f9713710bee5ddfe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:99:79:44:62:d2:25:8a:41:13:5c:24:41:
77:0f:59:fb:a7:e4:4d:4f:78:e7:18:13:b1:97:07:
b0:0e:32:c0:a8:66:e1:74:6a:09:2e:e3:1f:b2:fa:
7a:97:0d:84:b4:08:18:d0:3f:df:a1:32:6d:61:65:
bc:50:f4:5d:13:7e:d4:cd:8e:bd:2b:2d:37:4d:9e:
0a:40:59:e1:09:8e:52:41:5d:5a:ef:7b:9e:df:3d:
a3:2f:f2:e1:2b:77:2e:c4:c0:bb:13:30:6f:d6:f3:
1c:64:71:81:2d:ac:47:99:9a:3d:b4:38:df:60:69:
49:01:d0:29:71:a7:af:44:94:c3:82:66:75:96:5d:
40:11:88:01:54:70:10:a2:b6:5b:dd:83:c5:e8:f1:
f7:ee:c5:96:1b:48:e0:7e:2f:de:60:d4:31:78:d2:
92:5d:b2:f9:e7:56:ff:8d:47:17:a6:b9:db:50:b3:
b7:d1:d8:de:2b:2d:4e:20:63:5a:50:e3:ff:91:e0:
25:e2:8b:81:70:37:e9:d7:be:58:ff:15:38:3c:3b:
8a:1a:a0:3b:03:08:72:69:ae:59:86:3d:f5:1b:3b:
9a:4c:b0:82:a1:b2:d4:f7:10:be:20:25:53:5a:5b:
4f:ee:eb:44:47:df:6e:d5:04:10:f0:58:d6:99:13:
56:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:86:33:4F:12:F6:68:AF:C4:A6:94:3F:97:13:71:0B:EE:5D:DF:E3
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ooYzTxL2aK_EppQ_lxNxC-5d3-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:540::/44
Signature Algorithm: sha256WithRSAEncryption
38:9e:b3:7e:ce:b2:19:d8:10:a7:e0:5d:b0:f6:5f:be:c1:f2:
5d:11:d2:d4:59:3b:75:c9:8a:1c:8b:b3:a8:0a:ee:f6:35:b8:
f0:38:50:14:68:03:e8:aa:1a:42:68:f0:1e:9b:7d:b7:82:d7:
36:57:21:62:22:2d:62:c4:02:09:c8:96:24:6f:1a:3f:82:e5:
fa:32:ee:2c:7e:65:51:04:0b:17:a5:30:12:79:5e:d0:76:70:
8f:9a:0e:87:06:e4:b5:5e:9e:9a:11:5a:ee:61:6e:35:1b:ce:
90:8a:85:92:39:7e:fa:26:eb:35:e0:7f:07:63:d2:5d:ca:f6:
8e:23:a6:49:f6:2e:d9:c0:87:39:0d:9e:6f:f3:8b:40:b5:02:
28:74:f5:c6:97:9c:8d:16:82:94:b6:82:3a:ab:ab:af:25:6c:
e8:17:4c:9d:af:18:2b:e6:42:a8:3a:c9:13:4d:0f:57:e9:cc:
24:37:2a:73:78:79:19:7d:72:94:2d:a1:18:36:40:af:2a:2b:
a2:fb:ef:27:3a:0f:68:2a:84:7e:5b:77:89:05:d8:31:89:67:
35:30:50:36:f2:2b:d6:fb:ac:c1:68:29:e0:ce:f5:70:16:00:
42:21:71:b8:5c:2e:48:d3:8f:5e:95:a5:00:07:1b:c4:ba:9e:
f4:0f:81:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+pmMIicnk1oRuQAoznGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjg2MzM0ZjEyZjY2OGFmYzRhNjk0M2Y5NzEzNzEwYmVlNWRkZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYSZeURi0iWKQRNcJEF3D1n7p+RN
T3jnGBOxlwewDjLAqGbhdGoJLuMfsvp6lw2EtAgY0D/foTJtYWW8UPRdE37UzY69
Ky03TZ4KQFnhCY5SQV1a73ue3z2jL/LhK3cuxMC7EzBv1vMcZHGBLaxHmZo9tDjf
YGlJAdApcaevRJTDgmZ1ll1AEYgBVHAQorZb3YPF6PH37sWWG0jgfi/eYNQxeNKS
XbL551b/jUcXprnbULO30djeKy1OIGNaUOP/keAl4ouBcDfp175Y/xU4PDuKGqA7
Awhyaa5Zhj31GzuaTLCCobLU9xC+ICVTWltP7utER99u1QQQ8FjWmRNWOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKKGM08S9mivxKaUP5cTcQvuXd/jMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvb29ZelR4TDJhS19FcHBRX2x4TnhDLTVkMy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQVA
MA0GCSqGSIb3DQEBCwUAA4IBAQA4nrN+zrIZ2BCn4F2w9l++wfJdEdLUWTt1yYoc
i7OoCu72NbjwOFAUaAPoqhpCaPAem323gtc2VyFiIi1ixAIJyJYkbxo/guX6Mu4s
fmVRBAsXpTASeV7QdnCPmg6HBuS1Xp6aEVruYW41G86QioWSOX76Jus14H8HY9Jd
yvaOI6ZJ9i7ZwIc5DZ5v84tAtQIodPXGl5yNFoKUtoI6q6uvJWzoF0ydrxgr5kKo
OskTTQ9X6cwkNypzeHkZfXKULaEYNkCvKiui++8nOg9oKoR+W3eJBdgxiWc1MFA2
8ivW+6zBaCngzvVwFgBCIXG4XC5I049elaUABxvEup70D4Gr
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:52:00 2025 by rpki-client