Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1-dnVXqS0FV8HzyIoGrizT3wLrKA.roa
File: 1-dnVXqS0FV8HzyIoGrizT3wLrKA.roa (raw, json)
Hash identifier: 9IcMg+dFMsIYTugOUKChjDa4y0wFm4OS3HHCaegH0hI=
Subject key identifier: F9:D9:D5:5E:A4:B4:15:5F:07:CF:22:28:1A:B8:B3:4F:7C:0B:AC:A0
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019424453920A434D00286E71C1078A1B2A8
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1-dnVXqS0FV8HzyIoGrizT3wLrKA.roa
Signing time: Wed 01 Jan 2025 23:48:23 +0000
ROA not before: Wed 01 Jan 2025 23:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a0e:7300::/29 maxlen: 29
2a12:6100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:39:20:a4:34:d0:02:86:e7:1c:10:78:a1:b2:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jan 1 23:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9d9d55ea4b4155f07cf22281ab8b34f7c0baca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:73:b1:b1:eb:df:a6:ef:54:75:1c:0e:94:2b:
78:7c:cd:a4:ec:e5:57:63:22:88:e0:22:7a:3b:ea:
7e:bf:0b:0b:c1:30:45:ea:63:ae:ad:bc:3c:02:f9:
dd:10:cd:aa:61:df:9e:cf:e3:f7:2e:e9:de:86:fa:
6f:ff:85:a2:e6:6d:ce:35:3c:fd:e1:75:1b:f0:e7:
78:45:22:27:56:60:9b:81:52:61:80:4f:4e:e5:e0:
c0:59:f6:b1:40:19:4d:6c:28:eb:f8:d1:e9:53:e6:
bc:3a:3b:e8:72:0c:2a:5e:6a:e1:c7:88:ec:97:91:
ae:7e:d8:0e:15:b5:2c:5b:47:e7:a0:82:e2:3c:e8:
85:95:66:3a:b9:98:bd:db:80:a0:7f:51:71:73:07:
04:11:bc:7b:21:7f:a6:2e:bf:9e:d1:e6:ce:08:c7:
6e:08:75:22:d0:5a:1f:a8:f7:b3:6c:d5:8b:65:d6:
16:22:c5:1a:3b:6c:27:3b:91:8f:d4:5b:d9:4a:8e:
2a:fc:2d:ef:4c:c5:ef:ed:26:df:1f:d8:a1:7b:9e:
03:5e:d9:9e:d0:6d:2b:9a:f2:39:9d:c0:b4:2c:85:
da:1c:d7:e5:84:39:8c:c4:08:f8:ec:14:40:e4:66:
4a:4f:b1:a0:7d:d0:ca:48:98:a8:5b:85:ef:5e:55:
19:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D9:D5:5E:A4:B4:15:5F:07:CF:22:28:1A:B8:B3:4F:7C:0B:AC:A0
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/1-dnVXqS0FV8HzyIoGrizT3wLrKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:7300::/29
2a12:6100::/29
Signature Algorithm: sha256WithRSAEncryption
90:5f:2f:b6:4e:81:ea:ee:7e:fc:1b:5e:7d:f7:c9:f9:57:6f:
5e:d7:fa:1d:d0:3f:65:ee:18:26:8e:fb:12:9a:54:93:78:ec:
f0:c2:a0:b2:2f:2b:b3:2e:e5:a8:47:da:24:4b:ee:bd:bc:b0:
4d:07:ad:66:9e:c0:6b:ed:53:1b:e8:35:38:7f:fc:ac:2f:07:
3f:57:9f:21:47:c5:12:f3:3e:ef:18:f2:cc:13:f2:f0:a1:0f:
29:2c:bc:ef:4e:34:97:24:c1:04:95:09:88:2b:74:64:75:65:
80:9d:8b:66:0a:31:83:71:36:52:5c:4c:c1:28:dc:35:71:e2:
bd:30:17:de:9f:3a:d8:df:e4:88:3a:50:95:f1:6f:28:a8:9b:
a5:97:f7:8a:c0:6f:67:11:12:94:50:27:0e:27:00:c8:d0:4d:
e7:ae:7b:26:cd:a7:cc:91:04:dc:e8:8b:19:a9:0f:4f:77:09:
58:07:29:72:01:86:5a:71:7e:e6:83:69:8f:bf:3f:83:a3:0c:
90:61:7d:4f:c1:c2:11:a0:28:d7:05:f9:6e:58:af:14:fc:be:
ac:c2:2d:bf:a7:27:06:f7:16:b3:ce:da:e0:20:22:3d:0c:4e:
3b:b5:3a:a1:da:6a:a7:66:aa:f9:be:1b:71:79:45:f1:2c:25:
d6:aa:35:3a
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZQkRTkgpDTQAobnHBB4obKoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMTAxMjM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ5ZDU1ZWE0YjQxNTVmMDdjZjIyMjgxYWI4YjM0ZjdjMGJhY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHOxsevfpu9UdRwOlCt4fM2k7OVX
YyKI4CJ6O+p+vwsLwTBF6mOurbw8AvndEM2qYd+ez+P3Lunehvpv/4Wi5m3ONTz9
4XUb8Od4RSInVmCbgVJhgE9O5eDAWfaxQBlNbCjr+NHpU+a8OjvocgwqXmrhx4js
l5GuftgOFbUsW0fnoILiPOiFlWY6uZi924Cgf1FxcwcEEbx7IX+mLr+e0ebOCMdu
CHUi0FofqPezbNWLZdYWIsUaO2wnO5GP1FvZSo4q/C3vTMXv7SbfH9ihe54DXtme
0G0rmvI5ncC0LIXaHNflhDmMxAj47BRA5GZKT7GgfdDKSJioW4XvXlUZ7QIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPnZ1V6ktBVfB88iKBq4s098C6ygMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMS1kblZYcVMwRlY4SHp5SW9Hcml6VDN3THJLQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzYvYTViZmI2LTZhMTAtNGZiYy1hZjQ4LThiZmJkZDQ1Y2I2
Mi8xLzEydTBqcFBvb0FXTVhIS29Hb2VaUlZNSDdsWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoOcwAD
BQMqEmEAMA0GCSqGSIb3DQEBCwUAA4IBAQCQXy+2ToHq7n78G15998n5V29e1/od
0D9l7hgmjvsSmlSTeOzwwqCyLyuzLuWoR9okS+69vLBNB61mnsBr7VMb6DU4f/ys
Lwc/V58hR8US8z7vGPLME/LwoQ8pLLzvTjSXJMEElQmIK3RkdWWAnYtmCjGDcTZS
XEzBKNw1ceK9MBfenzrY3+SIOlCV8W8oqJull/eKwG9nERKUUCcOJwDI0E3nrnsm
zafMkQTc6IsZqQ9PdwlYBylyAYZacX7mg2mPvz+DowyQYX1PwcIRoCjXBfluWK8U
/L6swi2/pycG9xazztrgICI9DE47tTqh2mqnZqr5vhtxeUXxLCXWqjU6
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:36:41 2025 by rpki-client