Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/tkPBYkbqHBQBIn0BHV-X-SO1suM.roa
File: tkPBYkbqHBQBIn0BHV-X-SO1suM.roa (raw, json)
Hash identifier: UbAqMwZmfegZ1hqELkSkDP8x8h7o/IponAOjYN5W65Y=
Subject key identifier: B6:43:C1:62:46:EA:1C:14:01:22:7D:01:1D:5F:97:F9:23:B5:B2:E3
Certificate issuer: /CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Certificate serial: 019425FC78FA5C27FC603FF4C30633FF1E10
Authority key identifier: CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/tkPBYkbqHBQBIn0BHV-X-SO1suM.roa
Signing time: Thu 02 Jan 2025 07:48:10 +0000
ROA not before: Thu 02 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a02:fa8:c800::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:78:fa:5c:27:fc:60:3f:f4:c3:06:33:ff:1e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Validity
Not Before: Jan 2 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b643c16246ea1c1401227d011d5f97f923b5b2e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:64:80:cb:f3:cd:3e:6c:7e:8b:22:f4:2d:ea:
c6:99:50:a4:c8:c6:53:b7:45:f5:ff:51:b6:68:cb:
79:82:89:f2:66:41:d4:63:7d:90:c3:43:ec:8e:b9:
d9:72:cb:53:8e:b9:3c:6e:20:72:f8:8e:76:58:c8:
49:ef:77:27:59:66:b8:a0:27:c8:cd:c8:8e:d0:12:
d2:36:44:2e:95:0c:13:d0:19:c5:16:c0:99:59:dc:
fa:b5:33:28:23:65:59:eb:75:62:17:53:d7:6f:ca:
25:77:a3:b0:4c:35:ce:41:a1:1c:88:85:ee:de:da:
e7:80:e5:bc:bd:37:25:51:8e:74:9a:8c:c0:d9:47:
30:1f:87:b3:14:af:a8:a0:50:3a:27:49:46:bc:85:
ba:8e:3e:32:14:2b:ca:0c:4e:0e:ed:5e:7e:9d:5b:
35:67:1d:0c:bd:9f:aa:fa:6a:0f:65:ae:fb:19:8e:
1f:e2:6d:6f:16:80:9a:80:d6:4e:12:38:70:a0:ba:
cf:e1:73:4c:35:9b:fe:b6:ef:6c:50:29:6b:22:22:
27:f7:e0:77:8c:db:b5:3d:d5:56:9f:5f:77:ba:8e:
a9:87:6d:57:d0:26:51:a8:54:6d:e7:74:44:0a:b7:
5b:6e:54:10:f3:ae:3d:33:e9:3e:37:a6:f4:8a:a8:
34:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:43:C1:62:46:EA:1C:14:01:22:7D:01:1D:5F:97:F9:23:B5:B2:E3
X509v3 Authority Key Identifier:
keyid:CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/tkPBYkbqHBQBIn0BHV-X-SO1suM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/zO__wVqDo4vdqM_hIMM1Jn3OUPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:fa8:c800::/40
Signature Algorithm: sha256WithRSAEncryption
93:13:02:65:d1:32:8c:0c:6c:4e:e8:d8:25:33:28:49:c8:90:
ef:08:ce:23:bb:f4:c8:e1:cd:35:8b:0d:04:9a:7e:d8:22:59:
08:17:20:0c:84:e6:82:0f:75:a4:fd:b3:f6:0e:42:df:78:a0:
6f:57:3d:bf:72:f9:41:4e:d2:b6:61:e7:fd:7e:09:57:b5:48:
eb:d5:c7:6e:ea:78:23:33:d8:56:7e:cf:1e:7b:47:13:df:8f:
07:ba:9e:7e:82:4c:9e:7e:4a:0d:34:f5:0a:29:f6:59:12:bb:
76:ec:7a:97:fb:5a:a8:d9:42:48:77:3e:fc:d7:01:8e:2f:70:
91:12:b0:f6:16:f2:6e:37:36:d6:ff:33:2e:0d:4a:53:ba:ab:
2b:d8:8a:b2:b5:b3:05:8c:7e:41:74:b6:62:b5:01:e3:42:86:
fe:5c:a0:ab:0c:7b:99:40:3f:40:b2:da:22:6e:1a:b7:e4:c3:
e6:64:bb:d0:61:36:54:8b:92:dd:d4:db:22:40:ab:ad:0b:74:
d7:50:7a:e6:51:7e:71:e8:61:5c:fe:c5:df:c0:4a:76:d7:d9:
0e:b7:0c:11:d6:61:34:d3:df:45:e4:de:72:08:94:4f:99:d6:
c6:33:ab:81:63:0f:81:8d:08:1a:89:a2:f5:cb:34:b4:86:9d:
89:8f:4b:36
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQl/Hj6XCf8YD/0wwYz/x4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWZmZmMxNWE4M2EzOGJkZGE4Y2ZlMTIwYzMzNTI2N2Rj
ZTUwZjMwHhcNMjUwMTAyMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQzYzE2MjQ2ZWExYzE0MDEyMjdkMDExZDVmOTdmOTIzYjViMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GSAy/PNPmx+iyL0LerGmVCkyMZT
t0X1/1G2aMt5gonyZkHUY32Qw0PsjrnZcstTjrk8biBy+I52WMhJ73cnWWa4oCfI
zciO0BLSNkQulQwT0BnFFsCZWdz6tTMoI2VZ63ViF1PXb8old6OwTDXOQaEciIXu
3trngOW8vTclUY50mozA2UcwH4ezFK+ooFA6J0lGvIW6jj4yFCvKDE4O7V5+nVs1
Zx0MvZ+q+moPZa77GY4f4m1vFoCagNZOEjhwoLrP4XNMNZv+tu9sUClrIiIn9+B3
jNu1PdVWn193uo6ph21X0CZRqFRt53RECrdbblQQ8649M+k+N6b0iqg0gQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLZDwWJG6hwUASJ9AR1fl/kjtbLjMB8GA1UdIwQY
MBaAFMzv/8Fag6OL3ajP4SDDNSZ9zlDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTct
NGJlYjVkZmYxNzAxLzEvdGtQQllrYnFIQlFCSW4wQkhWLVgtU08xc3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTctNGJlYjVkZmYxNzAx
LzEvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIPqMgw
DQYJKoZIhvcNAQELBQADggEBAJMTAmXRMowMbE7o2CUzKEnIkO8IziO79MjhzTWL
DQSaftgiWQgXIAyE5oIPdaT9s/YOQt94oG9XPb9y+UFO0rZh5/1+CVe1SOvVx27q
eCMz2FZ+zx57RxPfjwe6nn6CTJ5+Sg009Qop9lkSu3bsepf7WqjZQkh3PvzXAY4v
cJESsPYW8m43Ntb/My4NSlO6qyvYirK1swWMfkF0tmK1AeNChv5coKsMe5lAP0Cy
2iJuGrfkw+Zku9BhNlSLkt3U2yJAq60LdNdQeuZRfnHoYVz+xd/ASnbX2Q63DBHW
YTTT30Xk3nIIlE+Z1sYzq4FjD4GNCBqJovXLNLSGnYmPSzY=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:52 2025 by rpki-client