Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1--eafx9NP-kEA5ohaXUtt-Yk1Ck.roa
File: 1--eafx9NP-kEA5ohaXUtt-Yk1Ck.roa (raw, json)
Hash identifier: yPvV8tZDeTzipS9nbm/myDY2hHI1uGeW+fkO/Ib9714=
Subject key identifier: FB:E7:9A:7F:1F:4D:3F:E9:04:03:9A:21:69:75:2D:B7:E6:24:D4:29
Certificate issuer: /CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Certificate serial: 01945F76D7797F547F9ED34038D18862CF47
Authority key identifier: CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1--eafx9NP-kEA5ohaXUtt-Yk1Ck.roa
Signing time: Mon 13 Jan 2025 11:40:11 +0000
ROA not before: Mon 13 Jan 2025 11:40:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213816
IP address blocks: 2a09:2986::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5f:76:d7:79:7f:54:7f:9e:d3:40:38:d1:88:62:cf:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd76159bfd9e337523ee930f3df111d6bae7306
Validity
Not Before: Jan 13 11:40:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbe79a7f1f4d3fe904039a2169752db7e624d429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a7:63:0b:92:3a:ff:f0:db:60:ee:83:50:db:
02:17:7c:ab:82:01:21:3e:59:8c:2c:e8:8f:f2:ed:
09:e0:7b:6c:19:80:5e:39:8c:5d:51:b0:00:ca:3e:
2d:46:c5:70:74:75:83:6c:fb:be:11:2a:36:c7:06:
16:ab:5a:62:fe:b0:3a:25:e1:37:ba:ce:71:29:1c:
cc:c5:61:b1:9e:23:b2:74:c2:49:11:7b:3b:c4:df:
b0:b5:e7:32:b5:f2:6e:34:4d:a8:2d:eb:d4:4c:51:
47:0f:97:43:56:f4:e2:49:5c:12:7a:af:28:f1:d6:
46:ce:da:36:95:34:31:0e:b1:fb:4a:19:46:68:88:
a8:f2:42:6e:4d:17:94:63:0f:54:fa:a5:09:5f:c7:
a4:ef:e3:d7:73:ee:fb:64:65:7c:f6:56:37:d6:c0:
3e:e0:ff:fa:b7:18:31:57:7c:54:e1:c8:30:92:96:
51:bb:71:2e:ae:61:2d:53:46:c9:ff:9b:ed:b4:17:
de:5f:c7:d8:0a:d2:05:df:65:4e:3c:50:6f:42:2a:
4c:97:c3:06:7f:07:fd:d8:e2:2e:68:c2:c4:27:26:
2f:63:8e:f4:01:9a:2b:2e:05:63:20:05:fb:d9:a1:
6d:2f:53:97:7d:83:c2:55:57:18:61:07:7b:12:d9:
0b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E7:9A:7F:1F:4D:3F:E9:04:03:9A:21:69:75:2D:B7:E6:24:D4:29
X509v3 Authority Key Identifier:
keyid:CC:D7:61:59:BF:D9:E3:37:52:3E:E9:30:F3:DF:11:1D:6B:AE:73:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNdhWb_Z4zdSPukw898RHWuucwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/1--eafx9NP-kEA5ohaXUtt-Yk1Ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/f6ada1-7e8a-4b3e-b7e8-f8589f682691/1/zNdhWb_Z4zdSPukw898RHWuucwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2986::/32
Signature Algorithm: sha256WithRSAEncryption
1a:2a:9d:50:53:5a:f2:c1:d5:94:2e:89:ad:78:02:e0:4f:cd:
22:cf:32:b1:bc:db:45:41:0e:ac:0f:15:11:50:ac:08:4f:39:
49:7b:28:58:7c:dc:1c:32:f2:cb:82:8b:5c:4c:a9:22:eb:4f:
bf:d6:0b:b0:fd:4f:0b:e7:20:34:81:01:a3:ed:41:8b:86:86:
bf:c4:be:00:31:02:23:12:77:96:db:58:9b:fa:0a:f6:c7:c7:
fe:b8:8c:39:bc:57:0b:8a:29:b7:5f:cb:ac:c5:05:f0:c9:f3:
42:0e:57:6c:f9:aa:d1:3d:2b:86:8e:6a:e0:fa:98:aa:a2:bc:
1f:48:94:f8:9f:26:1c:c2:d5:dd:de:17:24:12:fe:64:f0:b7:
40:2b:05:5b:97:1b:e9:d0:27:69:6f:95:32:25:3a:18:76:f6:
98:e2:d9:72:cf:62:49:00:71:2b:92:bd:ed:38:7c:35:a4:1e:
ea:79:c7:88:4a:75:e7:c5:3f:33:a9:dc:d2:20:f9:75:da:59:
ad:35:f0:d3:ba:0a:f8:2b:2c:1e:fc:71:19:3d:f9:24:8a:2c:
de:c8:c9:a6:56:ee:a4:79:f2:7f:c0:62:ea:07:25:d3:d7:50:
7f:4f:01:23:ea:d1:51:06:44:ce:c6:76:dd:8f:66:3b:84:a0:
da:82:e1:14
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZRfdtd5f1R/ntNAONGIYs9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDc2MTU5YmZkOWUzMzc1MjNlZTkzMGYzZGYxMTFkNmJh
ZTczMDYwHhcNMjUwMTEzMTE0MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmU3OWE3ZjFmNGQzZmU5MDQwMzlhMjE2OTc1MmRiN2U2MjRkNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KdjC5I6//DbYO6DUNsCF3yrggEh
PlmMLOiP8u0J4HtsGYBeOYxdUbAAyj4tRsVwdHWDbPu+ESo2xwYWq1pi/rA6JeE3
us5xKRzMxWGxniOydMJJEXs7xN+wtecytfJuNE2oLevUTFFHD5dDVvTiSVwSeq8o
8dZGzto2lTQxDrH7ShlGaIio8kJuTReUYw9U+qUJX8ek7+PXc+77ZGV89lY31sA+
4P/6txgxV3xU4cgwkpZRu3EurmEtU0bJ/5vttBfeX8fYCtIF32VOPFBvQipMl8MG
fwf92OIuaMLEJyYvY470AZorLgVjIAX72aFtL1OXfYPCVVcYYQd7EtkLQwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPvnmn8fTT/pBAOaIWl1LbfmJNQpMB8GA1UdIwQY
MBaAFMzXYVm/2eM3Uj7pMPPfER1rrnMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5kaFdiX1o0emRTUHVrdzg5OFJIV3V1Y3dZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9mNmFkYTEtN2U4YS00YjNlLWI3ZTgt
Zjg1ODlmNjgyNjkxLzEvMS0tZWFmeDlOUC1rRUE1b2hhWFV0dC1ZazFDay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTAvZjZhZGExLTdlOGEtNGIzZS1iN2U4LWY4NTg5ZjY4MjY5
MS8xL3pOZGhXYl9aNHpkU1B1a3c4OThSSFd1dWN3WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoJKYYw
DQYJKoZIhvcNAQELBQADggEBABoqnVBTWvLB1ZQuia14AuBPzSLPMrG820VBDqwP
FRFQrAhPOUl7KFh83Bwy8suCi1xMqSLrT7/WC7D9TwvnIDSBAaPtQYuGhr/EvgAx
AiMSd5bbWJv6CvbHx/64jDm8VwuKKbdfy6zFBfDJ80IOV2z5qtE9K4aOauD6mKqi
vB9IlPifJhzC1d3eFyQS/mTwt0ArBVuXG+nQJ2lvlTIlOhh29pji2XLPYkkAcSuS
ve04fDWkHup5x4hKdefFPzOp3NIg+XXaWa018NO6CvgrLB78cRk9+SSKLN7IyaZW
7qR58n/AYuoHJdPXUH9PASPq0VEGRM7Gdt2PZjuEoNqC4RQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:51:16 2025 by rpki-client