Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/DeGtb7yujTyTVa3OH4DyZgT0oXs.roa
File: DeGtb7yujTyTVa3OH4DyZgT0oXs.roa (raw, json)
Hash identifier: nw8jgAJXgkkRIoQf1v0bYUYfpASn5VshZprEj2zsrkk=
Subject key identifier: 0D:E1:AD:6F:BC:AE:8D:3C:93:55:AD:CE:1F:80:F2:66:04:F4:A1:7B
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 01958C4BC149FF0DEB9A59878795CB9F238D
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/DeGtb7yujTyTVa3OH4DyZgT0oXs.roa
Signing time: Wed 12 Mar 2025 21:38:49 +0000
ROA not before: Wed 12 Mar 2025 21:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21170
IP address blocks: 2a09:2b80:15::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8c:4b:c1:49:ff:0d:eb:9a:59:87:87:95:cb:9f:23:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Mar 12 21:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0de1ad6fbcae8d3c9355adce1f80f26604f4a17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:15:36:9e:12:79:c2:85:db:91:63:74:2c:2b:
fc:2d:07:d9:66:a8:ee:ef:25:f6:62:4c:42:34:be:
a1:b4:9c:c6:52:53:ce:38:47:c9:fb:e5:cb:5a:af:
d9:e0:7f:97:fc:b7:c5:60:9e:e7:87:45:39:ad:e2:
b4:a2:93:bb:31:b9:cd:fc:6b:9d:f4:fb:5a:20:76:
0a:1e:8c:24:4a:71:94:6c:14:6d:26:52:47:d8:47:
8e:55:c3:ec:29:04:a6:49:4b:8f:92:f8:5f:be:5f:
50:1c:cf:3c:d5:c1:c8:6e:3f:c4:8c:fe:05:6f:38:
1a:9b:06:18:70:3c:2a:d2:4a:99:79:d0:eb:c4:e9:
cd:12:51:91:29:cf:3e:eb:fc:1b:4d:d1:19:aa:25:
5c:da:99:d0:c0:1c:c5:d9:69:d7:9e:36:7f:6c:4d:
8f:d6:86:ee:f9:15:d2:dd:1b:0d:36:9a:03:21:22:
86:d6:02:89:8a:5d:05:7f:28:60:69:fa:f6:e0:5e:
34:d1:f9:d1:e3:b5:98:1d:1b:35:33:7a:95:0a:31:
cf:73:83:da:6f:7e:82:ab:9d:67:a5:8f:6e:68:e1:
78:c9:a5:6d:fb:19:a8:fd:b8:44:5e:ff:7f:ea:09:
e8:1c:d1:8d:ea:d9:5e:56:39:9a:25:36:dc:2b:2d:
41:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E1:AD:6F:BC:AE:8D:3C:93:55:AD:CE:1F:80:F2:66:04:F4:A1:7B
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/DeGtb7yujTyTVa3OH4DyZgT0oXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:15::/48
Signature Algorithm: sha256WithRSAEncryption
9a:dd:77:bd:0a:6a:5e:b1:2a:bd:5c:d7:b0:b5:a2:bc:44:4f:
6d:3b:7f:3b:3d:29:59:fc:77:86:90:e2:31:1e:44:87:54:bd:
3f:ec:ab:8e:14:4e:94:76:ef:f7:fa:11:ce:84:c5:1c:96:5f:
03:f6:32:ab:c3:15:99:e8:34:f9:35:a2:7b:27:fc:41:70:e5:
b6:be:83:15:33:7e:63:6c:92:8a:22:1c:b1:43:90:6d:03:a6:
bf:35:59:3d:27:aa:87:26:63:6f:13:ff:be:f9:78:7a:9c:5e:
ae:76:72:c4:2b:2c:83:12:e1:31:2a:39:ce:84:7e:e9:c1:52:
c3:dd:7d:7f:c6:17:87:2f:d4:ad:95:92:08:c4:d9:bf:d7:3f:
5f:b1:21:90:54:d3:cd:c4:b7:87:ea:40:a0:d7:25:02:c5:37:
6e:52:04:3d:5a:61:9d:19:fb:40:f7:8a:e0:a6:fe:e5:5e:05:
6c:1e:dc:06:33:54:1a:84:5c:f8:43:04:a9:8b:41:e7:a4:cc:
95:e1:ac:6b:be:a8:64:6f:17:f2:cc:85:4b:6f:5c:95:dc:9c:
f3:25:1d:5a:c4:dc:67:98:08:9f:41:56:e8:db:30:36:9f:88:
19:f0:24:b8:3b:78:2f:1f:e6:02:7c:e8:e9:ba:99:b7:df:5d:
67:e1:24:73
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZWMS8FJ/w3rmlmHh5XLnyONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjUwMzEyMjEzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGUxYWQ2ZmJjYWU4ZDNjOTM1NWFkY2UxZjgwZjI2NjA0ZjRhMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRU2nhJ5woXbkWN0LCv8LQfZZqju
7yX2YkxCNL6htJzGUlPOOEfJ++XLWq/Z4H+X/LfFYJ7nh0U5reK0opO7MbnN/Gud
9PtaIHYKHowkSnGUbBRtJlJH2EeOVcPsKQSmSUuPkvhfvl9QHM881cHIbj/EjP4F
bzgamwYYcDwq0kqZedDrxOnNElGRKc8+6/wbTdEZqiVc2pnQwBzF2WnXnjZ/bE2P
1obu+RXS3RsNNpoDISKG1gKJil0Ffyhgafr24F400fnR47WYHRs1M3qVCjHPc4Pa
b36Cq51npY9uaOF4yaVt+xmo/bhEXv9/6gnoHNGN6tleVjmaJTbcKy1BqwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA3hrW+8ro08k1Wtzh+A8mYE9KF7MB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvRGVHdGI3eXVqVHlUVmEzT0g0RHlaZ1Qwb1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAV
MA0GCSqGSIb3DQEBCwUAA4IBAQCa3Xe9CmpesSq9XNewtaK8RE9tO387PSlZ/HeG
kOIxHkSHVL0/7KuOFE6Udu/3+hHOhMUcll8D9jKrwxWZ6DT5NaJ7J/xBcOW2voMV
M35jbJKKIhyxQ5BtA6a/NVk9J6qHJmNvE/+++Xh6nF6udnLEKyyDEuExKjnOhH7p
wVLD3X1/xheHL9StlZIIxNm/1z9fsSGQVNPNxLeH6kCg1yUCxTduUgQ9WmGdGftA
94rgpv7lXgVsHtwGM1QahFz4QwSpi0HnpMyV4axrvqhkbxfyzIVLb1yV3JzzJR1a
xNxnmAifQVbo2zA2n4gZ8CS4O3gvH+YCfOjpupm3311n4SRz
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:59:54 2025 by rpki-client