Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/FoHa0gDrvf35AfNrON8A-JO02M0.roa
File: FoHa0gDrvf35AfNrON8A-JO02M0.roa (raw, json)
Hash identifier: FTrXvQLnaao/6D1H+Buxkkz/wFI8zPX1iUOzyNdkuSM=
Subject key identifier: 16:81:DA:D2:00:EB:BD:FD:F9:01:F3:6B:38:DF:00:F8:93:B4:D8:CD
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 01942827D7ADD622949E457359813D6D0C96
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/FoHa0gDrvf35AfNrON8A-JO02M0.roa
Signing time: Thu 02 Jan 2025 17:54:47 +0000
ROA not before: Thu 02 Jan 2025 17:54:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215633
IP address blocks: 2a09:2b80:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:d7:ad:d6:22:94:9e:45:73:59:81:3d:6d:0c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Jan 2 17:54:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1681dad200ebbdfdf901f36b38df00f893b4d8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:60:f1:03:52:90:48:46:f0:69:d9:9e:e9:51:
8c:d9:3b:de:9f:a8:fd:4c:3e:11:d0:f8:66:45:07:
2a:c9:81:17:af:cd:ec:a9:f9:a2:16:55:92:81:91:
e6:5f:bb:7b:1e:fc:fb:99:aa:f5:7b:91:9d:d1:7a:
54:6e:30:18:71:48:21:d4:5b:91:c1:5b:24:6a:03:
9a:59:bf:53:b6:f7:8d:cc:36:f0:b4:32:55:36:c5:
4b:8a:a1:2a:a5:58:bc:ad:32:ac:ce:d1:ba:2b:0f:
c9:3f:03:5a:b6:d2:15:96:f4:ad:3b:e8:57:b3:d1:
8f:5c:f2:69:66:56:d6:9d:67:e3:82:8f:13:a4:79:
4e:2b:56:c2:2a:11:60:14:2d:af:c1:d3:fd:4b:19:
56:56:61:58:7e:bb:59:59:83:14:64:97:1d:1d:4d:
1e:77:57:34:2d:ee:b6:60:db:6d:44:19:18:01:35:
2c:77:ef:3f:94:b3:ff:a4:af:0e:06:a4:8c:64:75:
f1:ae:76:f4:d6:7d:4a:84:45:37:3f:33:84:56:7c:
42:c5:1b:55:c6:39:d8:9d:d6:1c:ac:c6:73:f9:2b:
5f:a7:24:7a:66:d8:93:9a:fa:ac:c2:df:67:d7:4e:
8c:50:5c:5f:98:29:66:6b:7a:47:c2:94:20:a4:f8:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:81:DA:D2:00:EB:BD:FD:F9:01:F3:6B:38:DF:00:F8:93:B4:D8:CD
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/FoHa0gDrvf35AfNrON8A-JO02M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:1::/48
Signature Algorithm: sha256WithRSAEncryption
17:45:fc:17:4b:77:2b:aa:5c:dd:3d:f0:41:06:11:de:26:0f:
a9:61:25:c7:89:bf:8f:62:b0:9b:47:ac:d0:75:d7:07:fb:95:
17:65:54:07:68:14:03:87:69:0b:79:09:c7:35:fa:c3:1f:df:
dc:9d:75:b2:07:6b:46:0a:c2:c2:ba:be:eb:b7:8c:a4:a3:be:
46:fa:cb:a7:3a:53:dc:d5:de:cc:2a:6b:1d:d0:df:c3:51:83:
60:76:24:b5:d3:51:69:29:ab:5a:f7:62:30:4f:b4:1e:45:ac:
b7:5d:92:ed:3d:11:50:ec:df:f6:8a:28:f0:87:9f:11:65:68:
bb:4b:18:a6:00:04:4e:df:2c:10:50:80:7c:d0:1e:6a:bf:fa:
19:40:e5:ae:4e:67:30:60:10:13:f0:6f:d7:91:5f:2f:66:9b:
54:60:11:45:0a:73:61:3e:f3:5c:d7:bd:91:0f:f9:29:f1:bc:
b5:7a:3c:66:40:31:35:dd:d6:a3:a1:ce:b2:9f:bb:6b:04:92:
4e:16:dd:c5:e6:1b:2c:d9:6f:59:20:ed:cb:d8:5f:03:f1:d9:
0c:ce:c2:52:78:7e:91:71:a8:05:e8:2d:cd:76:28:c9:4c:a5:
1d:41:9c:ae:df:d7:a5:c8:0c:42:75:d7:dd:0f:a7:80:15:05:
36:d7:75:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJ9et1iKUnkVzWYE9bQyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjUwMTAyMTc1NDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjgxZGFkMjAwZWJiZGZkZjkwMWYzNmIzOGRmMDBmODkzYjRkOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GDxA1KQSEbwadme6VGM2Tven6j9
TD4R0PhmRQcqyYEXr83sqfmiFlWSgZHmX7t7Hvz7mar1e5Gd0XpUbjAYcUgh1FuR
wVskagOaWb9TtveNzDbwtDJVNsVLiqEqpVi8rTKsztG6Kw/JPwNattIVlvStO+hX
s9GPXPJpZlbWnWfjgo8TpHlOK1bCKhFgFC2vwdP9SxlWVmFYfrtZWYMUZJcdHU0e
d1c0Le62YNttRBkYATUsd+8/lLP/pK8OBqSMZHXxrnb01n1KhEU3PzOEVnxCxRtV
xjnYndYcrMZz+StfpyR6ZtiTmvqswt9n106MUFxfmClma3pHwpQgpPgBfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBaB2tIA6739+QHzazjfAPiTtNjNMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvRm9IYTBnRHJ2ZjM1QWZOck9OOEEtSk8wMk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAXRfwXS3crqlzdPfBBBhHeJg+pYSXHib+PYrCb
R6zQddcH+5UXZVQHaBQDh2kLeQnHNfrDH9/cnXWyB2tGCsLCur7rt4yko75G+sun
OlPc1d7MKmsd0N/DUYNgdiS101FpKata92IwT7QeRay3XZLtPRFQ7N/2iijwh58R
ZWi7SximAARO3ywQUIB80B5qv/oZQOWuTmcwYBAT8G/XkV8vZptUYBFFCnNhPvNc
172RD/kp8by1ejxmQDE13dajoc6yn7trBJJOFt3F5hss2W9ZIO3L2F8D8dkMzsJS
eH6RcagF6C3NdijJTKUdQZyu39elyAxCddfdD6eAFQU213Vn
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:02:18 2025 by rpki-client