Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/0KdA-TINfwbcsy0ASHR6hmtOfao.roa
File: 0KdA-TINfwbcsy0ASHR6hmtOfao.roa (raw, json)
Hash identifier: tWh0DQpeSJNfueuOKNNCoMmtgbTb+2BL6hJcpZqkvhs=
Subject key identifier: D0:A7:40:F9:32:0D:7F:06:DC:B3:2D:00:48:74:7A:86:6B:4E:7D:AA
Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial: 0194228D47EAA2071FF888B6CDC2442AECA7
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/0KdA-TINfwbcsy0ASHR6hmtOfao.roa
Signing time: Wed 01 Jan 2025 15:47:51 +0000
ROA not before: Wed 01 Jan 2025 15:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214947
IP address blocks: 2a0d:2146:bdc0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:47:ea:a2:07:1f:f8:88:b6:cd:c2:44:2a:ec:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Validity
Not Before: Jan 1 15:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a740f9320d7f06dcb32d0048747a866b4e7daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c1:df:ed:79:15:6a:df:64:27:d8:9a:99:01:
c2:e8:b6:8f:f3:95:a1:5f:57:b2:2e:12:de:b0:38:
0d:26:5b:d8:c1:2a:7b:1a:79:0b:a7:c2:47:fd:4d:
2a:d3:d6:ca:9e:5b:3b:8e:0e:e3:5d:28:38:02:7b:
00:a6:cc:fc:a1:d2:69:55:f7:23:28:76:3a:05:c3:
16:6c:08:fd:7d:b6:9e:86:d6:0c:5f:c8:ce:c0:f1:
85:10:b4:0a:11:af:84:5e:3e:03:d6:b8:b8:bb:df:
76:a4:de:b5:ad:54:cb:75:82:c8:01:f5:8a:3d:f0:
17:23:80:8d:87:96:52:c0:98:a2:20:52:c1:95:d9:
7f:90:d5:4a:8b:bb:24:8c:dd:29:5e:ac:04:09:96:
2e:8d:00:95:98:e0:d0:62:9b:47:8d:b1:60:f2:9a:
82:79:05:9e:d9:6a:c3:70:13:21:4d:98:59:87:b3:
47:15:99:20:ea:43:ac:ed:88:93:86:ac:da:95:06:
e3:e4:36:60:f3:f1:1b:db:ba:24:0e:19:f4:1f:3f:
5b:ca:b4:4a:f1:a3:d1:6d:c9:ee:85:5f:90:cb:67:
c4:bb:47:25:8e:8e:24:3b:fb:4a:de:6f:6f:f9:e2:
40:d7:8b:ad:0c:e0:df:59:b8:53:ea:c5:fb:9f:82:
8d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A7:40:F9:32:0D:7F:06:DC:B3:2D:00:48:74:7A:86:6B:4E:7D:AA
X509v3 Authority Key Identifier:
keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/0KdA-TINfwbcsy0ASHR6hmtOfao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2146:bdc0::/48
Signature Algorithm: sha256WithRSAEncryption
98:1a:af:67:97:de:87:dc:d9:73:ed:48:3c:54:02:cb:04:3a:
dd:f4:e5:d8:a2:f4:19:9d:aa:c5:fb:41:a8:a7:ee:74:4c:61:
0c:f3:3a:7f:7a:49:ba:61:9b:e0:98:37:75:a1:4e:8c:51:f7:
d5:5a:45:59:18:e2:af:65:66:d4:45:81:d7:0d:32:6e:72:1c:
9b:81:91:88:dc:7c:fe:53:fc:4b:55:ef:a6:e5:97:10:3d:3b:
a0:5d:9b:65:86:e2:31:99:c8:ab:71:79:65:60:8e:27:02:48:
50:df:ab:c6:f2:81:6e:32:5f:f9:94:93:e3:d2:ae:3b:7d:ca:
ec:6a:40:79:40:cb:41:2c:36:c4:d1:52:1c:28:04:d8:3e:4b:
3d:af:41:dd:df:30:0e:8d:99:55:35:91:fa:e2:a8:10:41:ce:
4e:0a:41:8c:c3:bf:a8:ab:44:fc:be:73:06:c3:e4:df:17:0f:
9d:36:51:10:f1:2f:3a:19:77:f7:9f:59:78:6b:0f:15:a0:88:
74:a8:e5:f9:ae:f8:b4:e0:ff:a4:eb:b2:93:fe:02:9c:db:0a:
cb:d4:db:01:a4:3a:f6:bf:98:2b:b0:6b:da:9e:46:f6:11:d3:
19:41:47:a0:b0:44:65:3b:6f:8a:3d:fc:08:58:6d:09:ce:74:
72:5e:91:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijUfqogcf+Ii2zcJEKuynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjUwMTAxMTU0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE3NDBmOTMyMGQ3ZjA2ZGNiMzJkMDA0ODc0N2E4NjZiNGU3ZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcHf7XkVat9kJ9iamQHC6LaP85Wh
X1eyLhLesDgNJlvYwSp7GnkLp8JH/U0q09bKnls7jg7jXSg4AnsApsz8odJpVfcj
KHY6BcMWbAj9fbaehtYMX8jOwPGFELQKEa+EXj4D1ri4u992pN61rVTLdYLIAfWK
PfAXI4CNh5ZSwJiiIFLBldl/kNVKi7skjN0pXqwECZYujQCVmODQYptHjbFg8pqC
eQWe2WrDcBMhTZhZh7NHFZkg6kOs7YiThqzalQbj5DZg8/Eb27okDhn0Hz9byrRK
8aPRbcnuhV+Qy2fEu0cljo4kO/tK3m9v+eJA14utDODfWbhT6sX7n4KNWQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNCnQPkyDX8G3LMtAEh0eoZrTn2qMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvMEtkQS1USU5md2Jjc3kwQVNIUjZobXRPZmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0hRr3A
MA0GCSqGSIb3DQEBCwUAA4IBAQCYGq9nl96H3Nlz7Ug8VALLBDrd9OXYovQZnarF
+0Gop+50TGEM8zp/ekm6YZvgmDd1oU6MUffVWkVZGOKvZWbURYHXDTJuchybgZGI
3Hz+U/xLVe+m5ZcQPTugXZtlhuIxmcircXllYI4nAkhQ36vG8oFuMl/5lJPj0q47
fcrsakB5QMtBLDbE0VIcKATYPks9r0Hd3zAOjZlVNZH64qgQQc5OCkGMw7+oq0T8
vnMGw+TfFw+dNlEQ8S86GXf3n1l4aw8VoIh0qOX5rvi04P+k67KT/gKc2wrL1NsB
pDr2v5grsGvankb2EdMZQUegsERlO2+KPfwIWG0JznRyXpGJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:50:59 2025 by rpki-client