Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/8iqQyUY8-AeiGyhNwStoLthVlrw.roa
File: 8iqQyUY8-AeiGyhNwStoLthVlrw.roa (raw, json)
Hash identifier: 7fe/RGx111r8xnwKmoLnejmzPZy26y5SxJy//sQ+9fA=
Subject key identifier: F2:2A:90:C9:46:3C:F8:07:A2:1B:28:4D:C1:2B:68:2E:D8:55:96:BC
Certificate issuer: /CN=dd4748cd4714a5cc87cafb8430fb81248b094079
Certificate serial: 01856D53D0B91579D079B400B3B9A8A5CFC1
Authority key identifier: DD:47:48:CD:47:14:A5:CC:87:CA:FB:84:30:FB:81:24:8B:09:40:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UdIzUcUpcyHyvuEMPuBJIsJQHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/8iqQyUY8-AeiGyhNwStoLthVlrw.roa
Signing time: Sun 01 Jan 2023 12:34:47 +0000
ROA not before: Sun 01 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31343
IP address blocks: 2a04:1d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:d0:b9:15:79:d0:79:b4:00:b3:b9:a8:a5:cf:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd4748cd4714a5cc87cafb8430fb81248b094079
Validity
Not Before: Jan 1 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f22a90c9463cf807a21b284dc12b682ed85596bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:ac:d6:66:16:b6:b7:e7:6f:c2:d6:42:73:
36:39:98:dc:bc:14:f2:bd:23:94:40:4a:a4:6d:1a:
52:70:38:23:e5:fa:c0:a4:f4:12:22:27:de:bc:a6:
f7:b3:9b:1b:d5:0c:bf:3b:9a:f8:fb:be:2c:b8:ec:
e2:d1:d4:77:16:ec:6a:31:f9:98:66:bb:bd:3d:22:
2f:59:6d:5f:10:ab:9c:c2:0c:e0:4f:6a:64:93:34:
ad:6b:25:1d:8f:7c:6c:77:8c:eb:24:b3:fb:65:ea:
0a:0f:ff:3f:f4:fb:16:be:50:c2:95:ee:c7:e7:a7:
c9:bc:9e:11:02:f4:0c:0e:61:d2:01:3f:32:ff:9d:
13:c5:8d:27:c4:70:55:71:ae:5c:23:a0:73:87:12:
bb:a0:c1:04:33:50:00:03:47:cb:f1:ca:e4:90:99:
62:50:ae:ac:36:94:ea:bd:ea:ed:ec:32:9c:4b:d4:
18:7b:28:b9:e0:46:85:8a:8c:c3:4a:5c:db:46:96:
9c:56:36:fa:f1:58:f3:70:11:9c:43:56:39:45:00:
ac:d9:70:0d:ec:01:6a:f3:55:7a:b6:ca:a9:b9:6b:
98:50:95:b1:5a:50:00:d3:2e:c2:63:17:b6:2b:b3:
4a:bd:1e:10:35:87:fc:72:92:f0:c7:3b:78:cb:de:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2A:90:C9:46:3C:F8:07:A2:1B:28:4D:C1:2B:68:2E:D8:55:96:BC
X509v3 Authority Key Identifier:
keyid:DD:47:48:CD:47:14:A5:CC:87:CA:FB:84:30:FB:81:24:8B:09:40:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UdIzUcUpcyHyvuEMPuBJIsJQHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/8iqQyUY8-AeiGyhNwStoLthVlrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4c55af-5e9b-4197-86fb-37545da056bd/1/3UdIzUcUpcyHyvuEMPuBJIsJQHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
80:de:77:0c:04:25:69:16:f0:92:ce:33:40:8b:cd:e7:c7:81:
b1:7f:d4:82:89:80:03:88:ba:7e:9c:4b:4b:cb:13:85:35:9d:
70:f9:15:76:40:1d:b9:5f:8e:80:0f:11:a0:7c:b9:f8:b6:51:
92:b5:09:2f:c6:77:e6:83:14:6d:54:51:90:8b:10:51:90:c2:
43:9b:9f:00:26:05:67:32:65:57:57:54:e3:28:85:d3:ae:07:
45:5e:85:1c:7d:e8:6a:26:38:e1:d7:ce:dd:60:e7:00:40:b6:
39:80:fc:2a:9e:7e:62:34:8c:78:8e:74:7c:87:be:db:67:30:
35:37:f3:9b:d1:b5:0e:27:4a:cf:1f:46:21:68:8c:0e:42:19:
15:d3:06:19:5f:e1:64:30:a6:9a:28:d8:d8:ba:16:51:ad:cc:
cd:97:d9:c0:5a:70:8b:d0:b8:37:b4:9a:26:ce:37:8e:13:8c:
70:92:4b:75:c4:6c:c0:57:d6:8a:21:64:5f:c9:7e:7b:bb:b1:
17:f5:fe:36:7a:c6:a5:e3:40:42:03:27:11:d2:2a:7e:28:bd:
60:69:37:32:c4:df:37:73:df:12:a1:f6:0c:4c:95:d4:a1:4f:
2d:7f:27:f4:dc:c3:b5:ed:49:5a:17:da:c1:f9:cc:00:d4:07:
0c:47:35:7a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtU9C5FXnQebQAs7mopc/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDc0OGNkNDcxNGE1Y2M4N2NhZmI4NDMwZmI4MTI0OGIw
OTQwNzkwHhcNMjMwMTAxMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJhOTBjOTQ2M2NmODA3YTIxYjI4NGRjMTJiNjgyZWQ4NTU5NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjums1mYWtrfnb8LWQnM2OZjcvBTy
vSOUQEqkbRpScDgj5frApPQSIifevKb3s5sb1Qy/O5r4+74suOzi0dR3FuxqMfmY
Zru9PSIvWW1fEKucwgzgT2pkkzStayUdj3xsd4zrJLP7ZeoKD/8/9PsWvlDCle7H
56fJvJ4RAvQMDmHSAT8y/50TxY0nxHBVca5cI6BzhxK7oMEEM1AAA0fL8crkkJli
UK6sNpTqvert7DKcS9QYeyi54EaFiozDSlzbRpacVjb68VjzcBGcQ1Y5RQCs2XAN
7AFq81V6tsqpuWuYUJWxWlAA0y7CYxe2K7NKvR4QNYf8cpLwxzt4y96KvwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPIqkMlGPPgHohsoTcEraC7YVZa8MB8GA1UdIwQY
MBaAFN1HSM1HFKXMh8r7hDD7gSSLCUB5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VkSXpVY1VwY3lIeXZ1RU1QdUJKSXNKUUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80YzU1YWYtNWU5Yi00MTk3LTg2ZmIt
Mzc1NDVkYTA1NmJkLzEvOGlxUXlVWTgtQWVpR3loTndTdG9MdGhWbHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80YzU1YWYtNWU5Yi00MTk3LTg2ZmItMzc1NDVkYTA1NmJk
LzEvM1VkSXpVY1VwY3lIeXZ1RU1QdUJKSXNKUUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgQdADAN
BgkqhkiG9w0BAQsFAAOCAQEAgN53DAQlaRbwks4zQIvN58eBsX/UgomAA4i6fpxL
S8sThTWdcPkVdkAduV+OgA8RoHy5+LZRkrUJL8Z35oMUbVRRkIsQUZDCQ5ufACYF
ZzJlV1dU4yiF064HRV6FHH3oaiY44dfO3WDnAEC2OYD8Kp5+YjSMeI50fIe+22cw
NTfzm9G1DidKzx9GIWiMDkIZFdMGGV/hZDCmmijY2LoWUa3MzZfZwFpwi9C4N7Sa
Js43jhOMcJJLdcRswFfWiiFkX8l+e7uxF/X+NnrGpeNAQgMnEdIqfii9YGk3MsTf
N3PfEqH2DEyV1KFPLX8n9NzDte1JWhfawfnMANQHDEc1eg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:24:51 2025 by rpki-client