Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/iI8DgizVWpbEfLLZJw23cwOMtao.roa
File: iI8DgizVWpbEfLLZJw23cwOMtao.roa (raw, json)
Hash identifier: gWEZpZ6NinOCicsU6XwwO/9pb7/TViv+n+2ETM0yooY=
Subject key identifier: 88:8F:03:82:2C:D5:5A:96:C4:7C:B2:D9:27:0D:B7:73:03:8C:B5:AA
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 01956BE58A080C346D94B506DAD36A046565
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/iI8DgizVWpbEfLLZJw23cwOMtao.roa
Signing time: Thu 06 Mar 2025 14:39:19 +0000
ROA not before: Thu 06 Mar 2025 14:39:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133944
IP address blocks: 2a0d:db00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6b:e5:8a:08:0c:34:6d:94:b5:06:da:d3:6a:04:65:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Mar 6 14:39:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=888f03822cd55a96c47cb2d9270db773038cb5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:67:c8:2a:6b:c3:1e:b3:9f:e8:41:0f:e2:ce:
15:62:f0:93:9b:c5:88:a8:6a:df:2f:c7:e1:24:d6:
f0:95:5b:63:c5:4c:d8:b0:91:f4:4b:4d:3c:33:b8:
9b:bc:44:6d:f1:3d:83:86:be:fe:71:61:fa:87:fa:
96:2e:0e:a3:ca:0d:9a:22:50:3e:9b:7b:96:d5:ba:
f0:4b:f8:0b:15:58:0e:80:90:48:6d:cd:a5:55:0c:
7e:46:0a:a3:b4:02:a1:7c:9f:06:17:c7:84:d8:52:
f3:59:de:15:fd:3b:36:df:b5:ac:2c:5e:86:0e:9e:
71:2d:83:89:e8:92:f1:95:11:92:db:87:74:9d:c8:
7e:6b:14:df:15:9c:67:c9:b6:2a:d8:6d:bf:30:4b:
f7:91:ea:f3:78:83:25:37:a5:eb:bb:12:58:a4:46:
8b:10:00:e9:8f:a1:d9:9c:20:89:5e:c7:11:5e:f4:
32:7e:40:82:76:c3:0c:6b:d0:59:6e:d3:5b:bd:30:
42:5c:fe:c1:73:05:65:66:81:f1:fa:48:87:6f:cc:
69:0a:40:33:e8:d2:9a:b9:e8:25:e7:19:15:0c:c7:
a7:c0:9e:fc:bf:03:33:62:b7:fd:9c:79:89:b1:33:
01:44:4a:36:7a:a0:dd:ac:c5:60:1b:4f:65:3c:0f:
00:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:8F:03:82:2C:D5:5A:96:C4:7C:B2:D9:27:0D:B7:73:03:8C:B5:AA
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/iI8DgizVWpbEfLLZJw23cwOMtao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:db00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:25:ad:00:22:84:eb:2b:ba:8c:59:41:77:e4:e4:2a:91:a1:
d1:46:a5:4d:a1:f4:f7:00:aa:38:2c:23:df:27:50:62:2c:48:
9e:0d:75:08:1c:8a:03:f1:fa:04:b7:3f:17:10:b6:00:da:95:
14:31:b7:71:52:83:00:26:f6:80:e0:d0:db:2c:2b:ee:10:1f:
d4:f9:63:ad:ae:a9:ed:ce:de:35:10:c2:35:7b:bf:05:22:32:
5a:07:3b:88:d4:2f:d7:e2:e0:6b:7a:8f:54:e7:b8:69:7d:30:
f6:70:5c:67:bf:13:c2:20:c4:3e:af:64:d4:64:0c:03:dc:02:
bf:12:dd:98:c6:a0:7d:54:a6:0e:07:40:f7:12:20:7a:74:be:
46:27:df:85:0d:13:97:0a:e5:3a:b2:b4:a1:3b:58:f9:74:e3:
5f:b3:47:8d:87:a0:1b:61:f7:48:95:c9:2b:9c:de:0a:63:a3:
26:a8:23:6a:bd:9f:e4:7e:05:f9:0a:ab:00:43:49:7f:7d:ca:
50:e3:ea:e2:ce:8c:18:71:c8:cf:46:54:10:c6:1c:76:64:f9:
aa:1b:66:ac:84:58:fd:47:ce:e9:81:03:04:f4:86:b9:4f:1e:
e9:6d:7b:4f:90:af:18:98:55:29:61:64:7a:5a:ee:49:b5:57:
26:44:53:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVr5YoIDDRtlLUG2tNqBGVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYzQ3OGRkOWNjZDYxNjJmODI0ODhhYzZmYzUwYzIxZDM2
OWYyYTAwHhcNMjUwMzA2MTQzOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODhmMDM4MjJjZDU1YTk2YzQ3Y2IyZDkyNzBkYjc3MzAzOGNiNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumfIKmvDHrOf6EEP4s4VYvCTm8WI
qGrfL8fhJNbwlVtjxUzYsJH0S008M7ibvERt8T2Dhr7+cWH6h/qWLg6jyg2aIlA+
m3uW1brwS/gLFVgOgJBIbc2lVQx+RgqjtAKhfJ8GF8eE2FLzWd4V/Ts237WsLF6G
Dp5xLYOJ6JLxlRGS24d0nch+axTfFZxnybYq2G2/MEv3kerzeIMlN6XruxJYpEaL
EADpj6HZnCCJXscRXvQyfkCCdsMMa9BZbtNbvTBCXP7BcwVlZoHx+kiHb8xpCkAz
6NKauegl5xkVDMenwJ78vwMzYrf9nHmJsTMBREo2eqDdrMVgG09lPA8A5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIiPA4Is1VqWxHyy2ScNt3MDjLWqMB8GA1UdIwQY
MBaAFMzEeN2czWFi+CSIrG/FDCHTafKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUt
NDI4NTk5ODM5MmQzLzEvaUk4RGdpelZXcGJFZkxMWkp3MjNjd09NdGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUtNDI4NTk5ODM5MmQz
LzEvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3bADAN
BgkqhkiG9w0BAQsFAAOCAQEAGyWtACKE6yu6jFlBd+TkKpGh0UalTaH09wCqOCwj
3ydQYixIng11CByKA/H6BLc/FxC2ANqVFDG3cVKDACb2gODQ2ywr7hAf1Pljra6p
7c7eNRDCNXu/BSIyWgc7iNQv1+Lga3qPVOe4aX0w9nBcZ78TwiDEPq9k1GQMA9wC
vxLdmMagfVSmDgdA9xIgenS+RiffhQ0TlwrlOrK0oTtY+XTjX7NHjYegG2H3SJXJ
K5zeCmOjJqgjar2f5H4F+QqrAENJf33KUOPq4s6MGHHIz0ZUEMYcdmT5qhtmrIRY
/UfO6YEDBPSGuU8e6W17T5CvGJhVKWFkelruSbVXJkRTzA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:48:57 2025 by rpki-client