Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/dbrSfqG4yJ8e6RjT1uN9s6dEGrQ.roa
File: dbrSfqG4yJ8e6RjT1uN9s6dEGrQ.roa (raw, json)
Hash identifier: o+ewDMF8kuHL4BLfo2Z0qsDG7FEYFuX7LdWzLtyg2Y8=
Subject key identifier: 75:BA:D2:7E:A1:B8:C8:9F:1E:E9:18:D3:D6:E3:7D:B3:A7:44:1A:B4
Certificate issuer: /CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Certificate serial: 019420D61E7A5E5C65CDF28D7516FCEDDA31
Authority key identifier: F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/dbrSfqG4yJ8e6RjT1uN9s6dEGrQ.roa
Signing time: Wed 01 Jan 2025 07:48:10 +0000
ROA not before: Wed 01 Jan 2025 07:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57621
IP address blocks: 2a05:100::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:1e:7a:5e:5c:65:cd:f2:8d:75:16:fc:ed:da:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8203a0c04b81fe1766fa41bd31b73b588188ac7
Validity
Not Before: Jan 1 07:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75bad27ea1b8c89f1ee918d3d6e37db3a7441ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:33:42:65:a5:fe:18:f5:b5:70:5b:ae:ea:bf:
79:3b:91:da:39:a0:4f:31:0b:d4:6b:56:c4:f6:4d:
6c:2d:d5:6a:4e:e8:a6:c6:45:2c:cd:03:6b:27:c5:
4e:6d:28:05:0e:2a:4a:85:10:72:ce:25:f1:32:94:
5d:68:5a:69:fb:af:58:6c:38:4b:15:19:b1:a2:0e:
16:9c:1c:3b:79:fc:d0:59:2f:21:79:29:a5:6c:9b:
00:40:74:ef:98:97:a7:ca:03:b6:09:7a:03:80:7c:
ed:dc:7b:8b:b1:07:e0:d3:79:62:87:d1:4c:04:19:
94:cc:93:0c:79:96:3f:21:b0:25:53:44:83:ae:e6:
4d:a2:14:47:1e:65:3d:73:a8:b3:e5:a3:5e:af:bd:
32:1c:b2:fa:af:fd:3d:4a:42:fe:5c:5a:d3:15:b3:
7b:64:29:54:a6:af:6b:fd:a5:f3:6a:18:38:33:8b:
ea:f1:61:5e:26:79:4d:66:89:64:87:19:b5:4b:c2:
e6:41:72:a2:d2:cf:b8:bb:04:72:24:3d:19:92:c9:
a4:5c:70:6f:16:6b:b0:c8:a6:7e:4c:23:d4:22:1d:
bb:9e:27:4b:10:e3:c6:50:1a:c8:1b:60:59:70:42:
4d:e8:b1:fc:e3:e1:38:2c:62:6d:e6:1f:1c:c7:13:
52:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BA:D2:7E:A1:B8:C8:9F:1E:E9:18:D3:D6:E3:7D:B3:A7:44:1A:B4
X509v3 Authority Key Identifier:
keyid:F8:20:3A:0C:04:B8:1F:E1:76:6F:A4:1B:D3:1B:73:B5:88:18:8A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CA6DAS4H-F2b6Qb0xtztYgYisc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/dbrSfqG4yJ8e6RjT1uN9s6dEGrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e14ca3-da8e-4b58-863a-3389620c1bd7/1/1-CA6DAS4H-F2b6Qb0xtztYgYisc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:100::/29
Signature Algorithm: sha256WithRSAEncryption
51:9a:8b:91:83:94:21:ce:e1:81:a9:73:3d:dc:64:bd:95:37:
f0:89:fe:da:2b:0d:97:00:01:5b:f2:7d:0c:71:27:90:8d:13:
00:1c:24:18:ae:3d:90:b6:b6:a9:d6:bf:7b:ba:2b:51:9d:17:
7f:32:b1:4d:be:92:c3:69:82:f9:2f:24:df:a9:4d:b9:7a:4c:
9d:17:8a:3c:52:83:84:2c:72:11:ce:f2:12:df:85:8f:84:1d:
37:08:41:02:2d:2c:5a:1c:0d:fd:3a:d3:1f:d6:0a:37:64:9a:
0c:ab:2a:81:f8:2b:22:af:1f:3a:cf:58:47:95:e7:85:3f:0b:
7e:4a:27:e4:7c:68:84:f5:46:31:36:69:b3:f1:33:4e:12:53:
83:48:83:2b:c5:dc:b2:80:65:3b:bb:02:29:0a:96:2a:b8:b0:
78:a5:cb:fe:55:5c:89:bf:7d:c3:ba:62:f0:9a:de:2e:40:e1:
79:88:d6:e9:fa:14:fa:54:10:bc:11:e2:23:eb:07:38:17:1a:
0e:3d:2f:9a:ea:11:86:54:5c:d7:9c:05:07:b0:c5:11:d8:37:
ac:78:9f:d9:4f:d1:62:c8:a7:7b:97:12:31:3c:50:ab:88:9b:
68:e1:5b:70:07:83:4f:09:4e:6c:0f:77:57:a5:16:af:75:e7:
82:42:57:08
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1h56XlxlzfKNdRb87doxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjAzYTBjMDRiODFmZTE3NjZmYTQxYmQzMWI3M2I1ODgx
ODhhYzcwHhcNMjUwMTAxMDc0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWJhZDI3ZWExYjhjODlmMWVlOTE4ZDNkNmUzN2RiM2E3NDQxYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojNCZaX+GPW1cFuu6r95O5HaOaBP
MQvUa1bE9k1sLdVqTuimxkUszQNrJ8VObSgFDipKhRByziXxMpRdaFpp+69YbDhL
FRmxog4WnBw7efzQWS8heSmlbJsAQHTvmJenygO2CXoDgHzt3HuLsQfg03lih9FM
BBmUzJMMeZY/IbAlU0SDruZNohRHHmU9c6iz5aNer70yHLL6r/09SkL+XFrTFbN7
ZClUpq9r/aXzahg4M4vq8WFeJnlNZolkhxm1S8LmQXKi0s+4uwRyJD0ZksmkXHBv
FmuwyKZ+TCPUIh27nidLEOPGUBrIG2BZcEJN6LH84+E4LGJt5h8cxxNSMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHW60n6huMifHukY09bjfbOnRBq0MB8GA1UdIwQY
MBaAFPggOgwEuB/hdm+kG9Mbc7WIGIrHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DQTZEQVM0SC1GMmI2UWIweHR6dFlnWWlzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNh
LTMzODk2MjBjMWJkNy8xL2RiclNmcUc0eUo4ZTZSalQxdU45czZkRUdyUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvZTE0Y2EzLWRhOGUtNGI1OC04NjNhLTMzODk2MjBjMWJk
Ny8xLzEtQ0E2REFTNEgtRjJiNlFiMHh0enRZZ1lpc2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqBQEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBRmouRg5QhzuGBqXM93GS9lTfwif7aKw2XAAFb
8n0McSeQjRMAHCQYrj2Qtrap1r97uitRnRd/MrFNvpLDaYL5LyTfqU25ekydF4o8
UoOELHIRzvIS34WPhB03CEECLSxaHA39OtMf1go3ZJoMqyqB+Csirx86z1hHleeF
Pwt+SifkfGiE9UYxNmmz8TNOElODSIMrxdyygGU7uwIpCpYquLB4pcv+VVyJv33D
umLwmt4uQOF5iNbp+hT6VBC8EeIj6wc4FxoOPS+a6hGGVFzXnAUHsMUR2DeseJ/Z
T9FiyKd7lxIxPFCriJto4VtwB4NPCU5sD3dXpRavdeeCQlcI
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:14:05 2025 by rpki-client