Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/DBK9l2G1Y1RQ5PjyPxL_4I1OMHc.roa
File: DBK9l2G1Y1RQ5PjyPxL_4I1OMHc.roa (raw, json)
Hash identifier: 3ebqdm6jhi27iGWijCrC+ujaLCSP8YdtxyMrgT6MGh0=
Subject key identifier: 0C:12:BD:97:61:B5:63:54:50:E4:F8:F2:3F:12:FF:E0:8D:4E:30:77
Certificate issuer: /CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Certificate serial: 01942747E2460FB8656ADA993F59FED90804
Authority key identifier: 7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/DBK9l2G1Y1RQ5PjyPxL_4I1OMHc.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210951
IP address blocks: 2a04:ff00:700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e2:46:0f:b8:65:6a:da:99:3f:59:fe:d9:08:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d04c25c2f8b47e5daf52d1c4c5a50999dd0a0a9
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c12bd9761b5635450e4f8f23f12ffe08d4e3077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cf:49:98:d5:28:a4:a6:6a:5c:f4:d6:b9:f2:
12:2c:c0:a5:53:76:99:cc:d8:f3:0d:44:12:84:cc:
2f:0d:ef:c4:27:3d:af:36:53:2d:9d:38:7f:89:42:
49:81:e4:e8:ae:2b:35:26:c4:10:f5:94:3f:47:f6:
75:56:b2:fa:60:2c:e6:ef:0c:73:2a:74:76:e0:6f:
61:c3:1b:8f:95:b0:82:1c:91:c8:81:95:8d:6e:8f:
52:79:a6:49:d8:a4:79:9c:a9:e5:c7:e3:9c:f7:29:
c8:bc:7b:fc:bc:dd:c1:9c:72:c0:e9:08:6f:85:29:
11:94:92:ff:e7:6f:c8:cd:9c:7d:e2:c0:67:30:b0:
8b:9b:20:0e:0b:fe:38:51:50:1a:99:5b:c4:27:4b:
71:35:44:3f:a3:5c:fc:0c:ad:f3:8e:6e:04:2d:4e:
2d:ee:c5:26:4f:ae:01:dd:f6:33:72:71:9c:2b:eb:
06:11:31:3f:52:2d:94:ac:5e:a0:51:2e:57:0f:f1:
9a:52:86:fa:5b:eb:70:ac:61:44:c9:65:50:59:06:
0d:04:05:c0:7b:a9:8f:18:21:0c:d7:ec:f1:74:b0:
66:e0:13:cc:69:0b:5d:9f:54:43:a9:9e:ed:90:16:
e5:e7:65:f2:17:53:9e:5d:f5:c4:6f:0e:a6:65:76:
f6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:12:BD:97:61:B5:63:54:50:E4:F8:F2:3F:12:FF:E0:8D:4E:30:77
X509v3 Authority Key Identifier:
keyid:7D:04:C2:5C:2F:8B:47:E5:DA:F5:2D:1C:4C:5A:50:99:9D:D0:A0:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/DBK9l2G1Y1RQ5PjyPxL_4I1OMHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/971cc4-54d5-4c28-a1c3-e63e94cba09f/1/fQTCXC-LR-Xa9S0cTFpQmZ3QoKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:ff00:700::/40
Signature Algorithm: sha256WithRSAEncryption
13:25:95:27:31:8c:76:fe:d5:07:1e:87:c4:5e:01:e3:a6:bc:
86:ed:2e:5e:3d:a8:24:d1:54:7f:fe:fe:d6:47:d4:6c:1d:50:
3f:1e:ac:39:0a:33:ed:f1:a3:6b:29:a6:10:37:d6:57:45:39:
ab:7d:2a:f1:7b:c7:47:f6:fd:dd:29:3c:82:52:e4:6a:c1:c1:
6b:a1:91:bc:44:31:de:dc:6c:ab:d2:11:dc:bf:34:70:bf:0c:
34:f2:33:e0:3b:7a:59:b2:b4:d3:61:c0:35:09:f2:d6:40:c5:
2f:9b:e1:47:4a:f9:cd:01:1d:60:04:08:0f:f2:e4:68:00:e0:
4a:88:fc:05:fc:99:0d:c9:3e:c3:57:e6:b9:29:8d:3c:4d:0b:
be:e3:b4:13:cf:00:66:12:3e:12:21:a7:07:b2:aa:84:dc:58:
cc:f3:72:9d:c2:38:d3:34:e3:44:92:dc:61:e2:7f:b7:3f:b4:
c9:40:ca:65:31:ab:51:cd:6a:64:d6:5c:5f:f2:c1:54:9b:86:
68:ae:20:9e:e2:41:ab:d8:46:cd:74:2d:8c:5a:1c:3a:1b:ec:
38:64:fa:51:7a:fc:a3:47:b4:10:59:70:2f:e7:f4:e1:0f:29:
0e:d0:c9:66:50:8e:6e:8b:b0:63:dc:09:e7:10:04:66:cb:07:
6f:87:35:1b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnR+JGD7hlatqZP1n+2QgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDRjMjVjMmY4YjQ3ZTVkYWY1MmQxYzRjNWE1MDk5OWRk
MGEwYTkwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzEyYmQ5NzYxYjU2MzU0NTBlNGY4ZjIzZjEyZmZlMDhkNGUzMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM9JmNUopKZqXPTWufISLMClU3aZ
zNjzDUQShMwvDe/EJz2vNlMtnTh/iUJJgeToris1JsQQ9ZQ/R/Z1VrL6YCzm7wxz
KnR24G9hwxuPlbCCHJHIgZWNbo9SeaZJ2KR5nKnlx+Oc9ynIvHv8vN3BnHLA6Qhv
hSkRlJL/52/IzZx94sBnMLCLmyAOC/44UVAamVvEJ0txNUQ/o1z8DK3zjm4ELU4t
7sUmT64B3fYzcnGcK+sGETE/Ui2UrF6gUS5XD/GaUob6W+twrGFEyWVQWQYNBAXA
e6mPGCEM1+zxdLBm4BPMaQtdn1RDqZ7tkBbl52XyF1OeXfXEbw6mZXb25QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAwSvZdhtWNUUOT48j8S/+CNTjB3MB8GA1UdIwQY
MBaAFH0Ewlwvi0fl2vUtHExaUJmd0KCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMt
ZTYzZTk0Y2JhMDlmLzEvREJLOWwyRzFZMVJRNVBqeVB4TF80STFPTUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC85NzFjYzQtNTRkNS00YzI4LWExYzMtZTYzZTk0Y2JhMDlm
LzEvZlFUQ1hDLUxSLVhhOVMwY1RGcFFtWjNRb0trLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgT/AAcw
DQYJKoZIhvcNAQELBQADggEBABMllScxjHb+1Qceh8ReAeOmvIbtLl49qCTRVH/+
/tZH1GwdUD8erDkKM+3xo2spphA31ldFOat9KvF7x0f2/d0pPIJS5GrBwWuhkbxE
Md7cbKvSEdy/NHC/DDTyM+A7elmytNNhwDUJ8tZAxS+b4UdK+c0BHWAECA/y5GgA
4EqI/AX8mQ3JPsNX5rkpjTxNC77jtBPPAGYSPhIhpweyqoTcWMzzcp3CONM040SS
3GHif7c/tMlAymUxq1HNamTWXF/ywVSbhmiuIJ7iQavYRs10LYxaHDob7Dhk+lF6
/KNHtBBZcC/n9OEPKQ7QyWZQjm6LsGPcCecQBGbLB2+HNRs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:40 2025 by rpki-client