Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/GbDOIWuDR8WZ-BYENq51ar0aP5k.roa
File: GbDOIWuDR8WZ-BYENq51ar0aP5k.roa (raw, json)
Hash identifier: CJzAJfHWSIZwrXGtd5lfTfuDJWDAheSFeEbvk8VGSio=
Subject key identifier: 19:B0:CE:21:6B:83:47:C5:99:F8:16:04:36:AE:75:6A:BD:1A:3F:99
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 01942144085A8CE0BE2F3FDE891FA58A726A
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/GbDOIWuDR8WZ-BYENq51ar0aP5k.roa
Signing time: Wed 01 Jan 2025 09:48:14 +0000
ROA not before: Wed 01 Jan 2025 09:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29290
IP address blocks: 2a00:f10:141::/48 maxlen: 48
2a0b:8f80:100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:08:5a:8c:e0:be:2f:3f:de:89:1f:a5:8a:72:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19b0ce216b8347c599f8160436ae756abd1a3f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dd:6e:9b:71:c3:5d:e7:ef:c6:84:36:83:2e:
ee:e7:fe:b8:54:d6:a0:d0:18:98:1a:02:91:97:b4:
c3:dd:c0:6b:14:27:f6:3d:a3:a1:1a:e6:cb:27:79:
52:f4:96:bb:c0:96:90:22:79:45:fb:b3:a1:9d:c5:
c1:9b:9f:70:3c:1a:8d:87:10:b3:b6:b4:c1:70:42:
89:b9:9d:89:78:22:49:c1:c4:73:64:55:73:c7:39:
f5:a9:8d:f0:ee:b6:56:77:d3:51:35:9f:f0:1b:85:
57:48:19:72:b5:c7:85:2a:a1:0d:da:3a:65:29:dd:
e3:dc:4e:15:8a:2c:09:60:d9:34:2a:72:1b:fc:2d:
b4:29:66:de:2b:f9:65:54:98:40:23:93:58:a6:d3:
0d:93:3c:26:5d:48:84:f6:89:73:d6:d0:09:e1:79:
6c:6c:0b:b6:7d:43:53:34:02:f6:37:9f:27:22:3f:
97:4d:c8:97:a2:ad:65:6d:e0:4f:ee:8f:52:90:b4:
42:77:05:ad:31:93:b3:0a:72:fc:10:f2:e8:fc:44:
f7:46:4f:62:b4:60:ad:5c:2d:0d:b6:67:ec:8b:23:
2b:a7:22:ff:d5:c5:d2:37:6f:3b:ad:24:82:9c:c2:
55:e1:71:00:62:b0:38:cf:7d:30:b7:8d:10:4e:be:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:B0:CE:21:6B:83:47:C5:99:F8:16:04:36:AE:75:6A:BD:1A:3F:99
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/GbDOIWuDR8WZ-BYENq51ar0aP5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f10:141::/48
2a0b:8f80:100::/40
Signature Algorithm: sha256WithRSAEncryption
5f:96:f9:d8:f7:22:a3:3d:a0:99:0a:fe:b8:98:28:c5:05:c8:
7b:1f:45:e9:ac:74:d3:86:4a:a2:8f:eb:f6:a5:a2:9f:d8:33:
dc:ba:59:34:21:da:41:89:24:49:f9:3b:b2:28:dd:14:7f:c1:
93:c8:83:a6:85:b2:17:d5:98:69:5d:2c:47:10:79:3d:f2:45:
94:7b:22:03:fe:c3:2c:62:92:7f:de:25:d4:a7:91:7a:60:b0:
aa:78:88:39:66:b5:f8:8f:75:9d:92:9d:ea:32:35:0f:4f:ad:
0d:55:5e:0a:89:86:4a:8f:9d:e5:c9:d2:9a:fe:9f:10:2c:01:
a2:90:71:4d:92:6d:0f:60:fe:e2:ef:90:d9:e9:cc:74:32:87:
83:93:84:01:e3:e6:36:75:5e:1f:22:a5:ee:0a:98:de:21:3a:
03:ca:0a:88:c5:20:47:f9:f4:b9:a8:2f:76:0d:8c:22:14:e4:
d2:4d:13:08:31:b4:15:3b:85:d8:5d:fb:59:32:57:8f:50:f8:
28:7a:9c:ed:ff:c0:32:fa:61:15:a4:3a:e6:1e:3b:68:25:97:
31:97:97:c9:0c:79:68:ae:74:4e:d4:bf:64:1c:4a:01:e5:7b:
83:d0:1b:c0:15:97:72:a7:c3:fe:f3:3b:11:ee:bf:54:f6:38:
82:ac:81:95
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQhRAhajOC+Lz/eiR+linJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWIwY2UyMTZiODM0N2M1OTlmODE2MDQzNmFlNzU2YWJkMWEzZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt1um3HDXefvxoQ2gy7u5/64VNag
0BiYGgKRl7TD3cBrFCf2PaOhGubLJ3lS9Ja7wJaQInlF+7OhncXBm59wPBqNhxCz
trTBcEKJuZ2JeCJJwcRzZFVzxzn1qY3w7rZWd9NRNZ/wG4VXSBlytceFKqEN2jpl
Kd3j3E4ViiwJYNk0KnIb/C20KWbeK/llVJhAI5NYptMNkzwmXUiE9olz1tAJ4Xls
bAu2fUNTNAL2N58nIj+XTciXoq1lbeBP7o9SkLRCdwWtMZOzCnL8EPLo/ET3Rk9i
tGCtXC0NtmfsiyMrpyL/1cXSN287rSSCnMJV4XEAYrA4z30wt40QTr7BsQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFBmwziFrg0fFmfgWBDaudWq9Gj+ZMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvR2JET0lXdURSOFdaLUJZRU5xNTFhcjBhUDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgAPEAFB
AwYAKguPgAEwDQYJKoZIhvcNAQELBQADggEBAF+W+dj3IqM9oJkK/riYKMUFyHsf
RemsdNOGSqKP6/alop/YM9y6WTQh2kGJJEn5O7Io3RR/wZPIg6aFshfVmGldLEcQ
eT3yRZR7IgP+wyxikn/eJdSnkXpgsKp4iDlmtfiPdZ2SneoyNQ9PrQ1VXgqJhkqP
neXJ0pr+nxAsAaKQcU2SbQ9g/uLvkNnpzHQyh4OThAHj5jZ1Xh8ipe4KmN4hOgPK
CojFIEf59LmoL3YNjCIU5NJNEwgxtBU7hdhd+1kyV49Q+Ch6nO3/wDL6YRWkOuYe
O2gllzGXl8kMeWiudE7Uv2QcSgHle4PQG8AVl3Knw/7zOxHuv1T2OIKsgZU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:49:19 2025 by rpki-client