Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/vdtqfeEbjUpZAg2Jtlgrc2loYtg.roa
File: vdtqfeEbjUpZAg2Jtlgrc2loYtg.roa (raw, json)
Hash identifier: AKnctULR3GIaYPfpoA+5NwxwkDObOKTRcPclLlrEh5k=
Subject key identifier: BD:DB:6A:7D:E1:1B:8D:4A:59:02:0D:89:B6:58:2B:73:69:68:62:D8
Certificate issuer: /CN=65a665b90069bd71850602e7400c529793269e39
Certificate serial: 0194606A5FAAA2CBF3D69DADB2D65808434E
Authority key identifier: 65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/vdtqfeEbjUpZAg2Jtlgrc2loYtg.roa
Signing time: Mon 13 Jan 2025 16:06:11 +0000
ROA not before: Mon 13 Jan 2025 16:06:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
2a09:2b80:3::/48 maxlen: 48
2a09:2b80:4::/48 maxlen: 48
2a09:2b80:5::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:6a:5f:aa:a2:cb:f3:d6:9d:ad:b2:d6:58:08:43:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65a665b90069bd71850602e7400c529793269e39
Validity
Not Before: Jan 13 16:06:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bddb6a7de11b8d4a59020d89b6582b73696862d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9b:26:af:4f:ac:f1:4f:d0:e1:98:cc:61:b7:
9b:7c:ff:0e:de:5c:2f:5e:a5:4d:ab:64:fc:6a:b7:
2d:89:00:dd:12:33:34:e2:b1:ca:fa:c7:7f:72:b2:
ee:64:b3:bc:25:2d:0c:65:89:df:da:ac:0d:9b:f0:
12:8e:2b:50:52:21:76:d2:71:08:20:cb:14:0d:0c:
95:f3:23:d1:c0:1d:93:6f:ae:bc:c3:ee:59:ed:6f:
a3:8e:5d:30:f4:34:13:a8:f8:79:56:94:a9:d4:bf:
c1:97:d9:24:69:80:40:d5:34:a1:47:a3:c2:e9:9b:
b9:48:36:55:29:11:72:95:18:c9:8a:73:60:6d:63:
f1:ad:90:ae:19:8e:6e:55:9a:a2:20:e2:aa:7f:63:
eb:4a:51:05:72:e8:73:e5:e9:f3:91:50:92:37:be:
7c:d4:ac:b3:b2:b7:4b:62:73:01:d1:f2:19:8c:4f:
e7:40:40:bb:a2:97:c2:55:b1:d9:13:8c:53:f7:45:
e9:95:df:60:44:1f:5c:a7:d8:ad:5c:87:aa:30:27:
15:e2:d2:dc:27:8e:22:ff:e2:94:89:81:20:8c:a1:
e3:5d:ba:f5:ba:1e:64:72:d1:bd:88:1a:e5:ee:0a:
80:8b:33:a7:bf:97:d2:43:47:4d:98:d6:a8:74:eb:
16:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:DB:6A:7D:E1:1B:8D:4A:59:02:0D:89:B6:58:2B:73:69:68:62:D8
X509v3 Authority Key Identifier:
keyid:65:A6:65:B9:00:69:BD:71:85:06:02:E7:40:0C:52:97:93:26:9E:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/vdtqfeEbjUpZAg2Jtlgrc2loYtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/e6d880-3903-4a11-ba27-c9457ec81151/1/ZaZluQBpvXGFBgLnQAxSl5Mmnjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80:2::-2a09:2b80:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:f0:c2:74:25:7e:69:04:85:18:48:87:c2:ac:bb:d4:b8:52:
e2:6b:28:94:92:b3:e3:fc:d6:95:b4:cb:9d:7c:15:72:21:ab:
1f:5c:10:4c:f3:b3:10:d0:0b:25:e8:02:ca:2d:24:69:21:f7:
b2:57:c3:00:96:ed:81:32:2b:fa:36:10:aa:38:fe:b2:d8:66:
f7:ec:61:0e:e1:b3:8c:a1:a5:a5:21:dc:24:f4:0b:4d:a2:c2:
b4:c6:35:69:09:58:82:7a:11:82:c6:e2:66:71:26:1a:5f:7a:
15:de:09:0f:30:a9:2d:9c:99:40:23:4f:9b:7f:a8:de:9b:29:
42:b5:1d:f5:fe:59:4c:7e:12:28:93:72:29:07:2f:93:18:c1:
72:63:25:91:7c:d6:bc:48:33:a9:f1:14:2a:20:4f:ef:a3:a0:
87:bf:cf:d8:e1:1b:ac:06:fc:2f:9c:d1:2e:ea:c4:c9:cd:d9:
27:34:87:45:5e:a3:5a:bd:c6:86:f2:e7:9a:1f:80:21:db:a1:
a3:ac:e2:e8:9d:d0:e6:09:57:a0:b2:e6:17:42:56:f3:d6:e1:
b9:f8:1e:8d:32:cc:08:22:6e:98:80:c7:23:c9:67:98:38:be:
68:6a:b6:4f:87:38:ed:ac:89:bf:3c:40:b0:7a:49:b4:9b:63:
79:ab:94:27
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZRgal+qosvz1p2tstZYCENOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YTY2NWI5MDA2OWJkNzE4NTA2MDJlNzQwMGM1Mjk3OTMy
NjllMzkwHhcNMjUwMTEzMTYwNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGRiNmE3ZGUxMWI4ZDRhNTkwMjBkODliNjU4MmI3MzY5Njg2MmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJsmr0+s8U/Q4ZjMYbebfP8O3lwv
XqVNq2T8arctiQDdEjM04rHK+sd/crLuZLO8JS0MZYnf2qwNm/ASjitQUiF20nEI
IMsUDQyV8yPRwB2Tb668w+5Z7W+jjl0w9DQTqPh5VpSp1L/Bl9kkaYBA1TShR6PC
6Zu5SDZVKRFylRjJinNgbWPxrZCuGY5uVZqiIOKqf2PrSlEFcuhz5enzkVCSN758
1KyzsrdLYnMB0fIZjE/nQEC7opfCVbHZE4xT90Xpld9gRB9cp9itXIeqMCcV4tLc
J44i/+KUiYEgjKHjXbr1uh5kctG9iBrl7gqAizOnv5fSQ0dNmNaodOsWswIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFL3ban3hG41KWQINibZYK3NpaGLYMB8GA1UdIwQY
MBaAFGWmZbkAab1xhQYC50AMUpeTJp45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjct
Yzk0NTdlYzgxMTUxLzEvdmR0cWZlRWJqVXBaQWcySnRsZ3JjMmxvWXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lNmQ4ODAtMzkwMy00YTExLWJhMjctYzk0NTdlYzgxMTUx
LzEvWmFabHVRQnB2WEdGQmdMblFBeFNsNU1tbmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwEqCSuA
AAIDBwEqCSuAAAQwDQYJKoZIhvcNAQELBQADggEBAAHwwnQlfmkEhRhIh8Ksu9S4
UuJrKJSSs+P81pW0y518FXIhqx9cEEzzsxDQCyXoAsotJGkh97JXwwCW7YEyK/o2
EKo4/rLYZvfsYQ7hs4yhpaUh3CT0C02iwrTGNWkJWIJ6EYLG4mZxJhpfehXeCQ8w
qS2cmUAjT5t/qN6bKUK1HfX+WUx+EiiTcikHL5MYwXJjJZF81rxIM6nxFCogT++j
oIe/z9jhG6wG/C+c0S7qxMnN2Sc0h0Veo1q9xoby55ofgCHboaOs4uid0OYJV6Cy
5hdCVvPW4bn4Ho0yzAgibpiAxyPJZ5g4vmhqtk+HOO2sib88QLB6SbSbY3mrlCc=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:58:04 2025 by rpki-client