Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9ID8eHI4aLXCiQ0RRq7kIzeDuyM.roa
File: 9ID8eHI4aLXCiQ0RRq7kIzeDuyM.roa (raw, json)
Hash identifier: oiazI3X2HPaa2kO29mwCmS25ghWGH6Nc33H9KdkqyDQ=
Subject key identifier: F4:80:FC:78:72:38:68:B5:C2:89:0D:11:46:AE:E4:23:37:83:BB:23
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018CC7944F68724B205F97F043ED33E77259
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9ID8eHI4aLXCiQ0RRq7kIzeDuyM.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2a07:6d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:4f:68:72:4b:20:5f:97:f0:43:ed:33:e7:72:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f480fc78723868b5c2890d1146aee4233783bb23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6d:cc:dc:52:08:9f:c1:7c:20:06:db:0e:9c:
cb:17:d5:71:7e:0e:f0:f9:95:13:dd:b0:eb:f8:4c:
70:ba:97:fd:e5:63:fe:af:d0:b8:63:0f:37:44:d1:
df:5f:98:f7:b1:ff:84:1e:08:cf:a9:a1:20:24:4f:
00:2a:53:7c:8f:a3:6c:b6:b6:f0:68:96:1b:52:86:
a6:d7:2e:b5:29:aa:3b:75:30:65:5f:82:4e:98:85:
65:42:0a:2c:83:d8:fe:93:90:33:54:09:e7:80:ce:
1f:74:74:a3:e0:d2:f5:d0:55:81:89:2a:5f:71:01:
a0:ec:ae:27:a2:36:a1:48:ab:2e:86:af:9f:00:a0:
b2:80:69:53:6b:a5:18:4e:3a:3e:0b:6f:cf:ba:fa:
b9:39:87:7a:6a:64:39:7f:67:ad:46:60:0f:06:5a:
b7:b1:aa:61:90:b8:d4:0b:c7:cc:8d:27:3e:f2:3f:
01:d1:76:68:85:77:ea:43:d2:1b:33:c5:50:1e:61:
97:e6:45:e6:19:5c:8d:b3:27:c9:12:2d:a6:2b:43:
ae:dc:ea:f3:a8:20:50:15:f3:40:0f:51:0b:e1:32:
89:15:27:65:44:8e:57:de:ad:e2:ff:66:5a:f4:04:
12:24:0b:34:16:6d:20:1a:dd:b5:21:9a:46:d0:b1:
fa:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:80:FC:78:72:38:68:B5:C2:89:0D:11:46:AE:E4:23:37:83:BB:23
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/9ID8eHI4aLXCiQ0RRq7kIzeDuyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:6d00::/29
Signature Algorithm: sha256WithRSAEncryption
94:43:6d:c2:78:9f:4e:6b:7f:88:95:54:1f:55:04:66:98:56:
29:22:4e:9f:e5:92:65:db:39:3a:c2:b8:76:eb:f3:80:a4:64:
7d:7f:3f:bb:a0:1c:1f:9b:17:48:4a:59:a8:4a:f9:6c:ac:d9:
a0:fc:6e:4a:06:da:50:c3:8e:00:87:65:1f:89:af:34:c7:30:
cb:28:a8:84:9c:b4:59:54:94:4d:24:57:1e:26:e0:21:40:80:
91:eb:3a:6f:e8:05:1f:dc:9e:45:a1:ed:27:79:8a:17:18:84:
87:7e:77:fb:7e:5a:29:38:22:6e:b9:6d:40:01:f3:df:de:0c:
e4:dd:6a:7d:2a:31:2e:a0:d7:bd:78:42:3a:f6:76:91:77:ca:
75:0b:13:2e:6a:3d:cb:b6:5a:fd:d4:a8:ae:be:30:a9:25:a0:
23:dc:88:b9:82:bf:e2:3e:a7:b1:1a:65:23:0b:d1:ed:e5:78:
06:22:26:a5:a9:39:cf:ad:78:05:b3:67:8c:ce:71:76:9a:f1:
c6:fc:8a:3d:ee:d4:4d:25:de:af:86:c4:25:51:c3:b2:38:2b:
b7:64:b2:55:ba:f1:b3:52:06:12:67:55:3f:c4:ba:ff:9d:b3:
cc:09:93:d3:b0:b5:fc:e3:c8:7d:2e:f8:a7:f1:dd:29:9a:73:
0e:88:60:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHlE9ocksgX5fwQ+0z53JZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgwZmM3ODcyMzg2OGI1YzI4OTBkMTE0NmFlZTQyMzM3ODNiYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m3M3FIIn8F8IAbbDpzLF9Vxfg7w
+ZUT3bDr+Exwupf95WP+r9C4Yw83RNHfX5j3sf+EHgjPqaEgJE8AKlN8j6Nstrbw
aJYbUoam1y61Kao7dTBlX4JOmIVlQgosg9j+k5AzVAnngM4fdHSj4NL10FWBiSpf
cQGg7K4nojahSKsuhq+fAKCygGlTa6UYTjo+C2/Puvq5OYd6amQ5f2etRmAPBlq3
saphkLjUC8fMjSc+8j8B0XZohXfqQ9IbM8VQHmGX5kXmGVyNsyfJEi2mK0Ou3Orz
qCBQFfNAD1EL4TKJFSdlRI5X3q3i/2Za9AQSJAs0Fm0gGt21IZpG0LH6XQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPSA/HhyOGi1wokNEUau5CM3g7sjMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEvOUlEOGVISTRhTFhDaVEwUlJxN2tJemVEdXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdtADAN
BgkqhkiG9w0BAQsFAAOCAQEAlENtwnifTmt/iJVUH1UEZphWKSJOn+WSZds5OsK4
duvzgKRkfX8/u6AcH5sXSEpZqEr5bKzZoPxuSgbaUMOOAIdlH4mvNMcwyyiohJy0
WVSUTSRXHibgIUCAkes6b+gFH9yeRaHtJ3mKFxiEh353+35aKTgibrltQAHz394M
5N1qfSoxLqDXvXhCOvZ2kXfKdQsTLmo9y7Za/dSorr4wqSWgI9yIuYK/4j6nsRpl
IwvR7eV4BiImpak5z614BbNnjM5xdprxxvyKPe7UTSXer4bEJVHDsjgrt2SyVbrx
s1IGEmdVP8S6/52zzAmT07C1/OPIfS74p/HdKZpzDohg+g==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:53 2025 by rpki-client