Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/pdwDWOzc3QzXOsiEO7HIgZ0hQdQ.roa
File: pdwDWOzc3QzXOsiEO7HIgZ0hQdQ.roa (raw, json)
Hash identifier: m/RIMhJds2RFVXbpbtSSU1vxyz5pEJiQgY8y39qh5vk=
Subject key identifier: A5:DC:03:58:EC:DC:DD:0C:D7:3A:C8:84:3B:B1:C8:81:9D:21:41:D4
Certificate issuer: /CN=cd02d077485a15e8a254a49edd994d4fc2a908a6
Certificate serial: 019420687100817CC95EC0DC761F24C42CD8
Authority key identifier: CD:02:D0:77:48:5A:15:E8:A2:54:A4:9E:DD:99:4D:4F:C2:A9:08:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQLQd0haFeiiVKSe3ZlNT8KpCKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/pdwDWOzc3QzXOsiEO7HIgZ0hQdQ.roa
Signing time: Wed 01 Jan 2025 05:48:23 +0000
ROA not before: Wed 01 Jan 2025 05:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199275
IP address blocks: 2a00:6420::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:71:00:81:7c:c9:5e:c0:dc:76:1f:24:c4:2c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd02d077485a15e8a254a49edd994d4fc2a908a6
Validity
Not Before: Jan 1 05:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5dc0358ecdcdd0cd73ac8843bb1c8819d2141d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:25:3d:36:bf:fe:56:36:f1:5f:f6:df:ee:6f:
85:03:ed:74:92:05:5a:36:df:6e:ef:d2:0d:7c:e9:
9a:10:ae:5f:a5:05:11:ea:3c:76:7f:56:e8:69:9e:
73:55:e5:d5:b8:30:50:b5:aa:8f:31:5a:66:aa:00:
0c:eb:89:46:34:46:05:71:05:b8:e0:ce:fe:94:b5:
25:e4:df:11:80:ad:9b:fc:2b:9d:14:cc:2a:a5:d8:
b3:c7:7b:d8:22:21:1f:d7:ec:ac:cd:47:87:96:ac:
24:8f:4e:bd:e3:7d:52:96:23:07:d7:bf:24:cb:01:
e1:8a:61:fb:83:a9:1f:a0:ad:58:ac:2a:d5:be:2b:
14:0c:cd:5c:21:db:41:ef:20:3e:a4:13:54:95:10:
69:4f:db:47:4c:97:8c:80:d0:28:d0:d9:7c:ad:7a:
f6:d2:72:d7:ae:5e:17:91:18:0d:c7:07:91:61:c9:
2e:c4:2d:96:99:b6:78:44:51:75:aa:12:34:2c:69:
c7:0c:91:41:a2:17:7e:ca:f6:e0:2f:57:d6:88:38:
b8:f5:0d:06:92:e7:2d:fc:e5:ad:0d:7f:9f:e0:29:
01:ae:3c:dc:cc:15:b3:a0:30:9b:b8:3e:53:51:62:
69:6a:ed:1b:b8:b8:cc:aa:a1:12:40:8a:4a:72:26:
af:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DC:03:58:EC:DC:DD:0C:D7:3A:C8:84:3B:B1:C8:81:9D:21:41:D4
X509v3 Authority Key Identifier:
keyid:CD:02:D0:77:48:5A:15:E8:A2:54:A4:9E:DD:99:4D:4F:C2:A9:08:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQLQd0haFeiiVKSe3ZlNT8KpCKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/pdwDWOzc3QzXOsiEO7HIgZ0hQdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6714f1-c3d6-4875-a36a-37e80dab9302/1/zQLQd0haFeiiVKSe3ZlNT8KpCKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6420::/32
Signature Algorithm: sha256WithRSAEncryption
88:c1:8c:22:9f:10:5a:a8:e5:88:ca:61:9a:a8:d4:5e:26:71:
9c:0b:a2:ed:30:5a:cf:5a:cf:61:76:17:fe:03:77:62:7f:c4:
a8:62:0b:87:a2:88:89:c0:73:e4:b6:37:b4:ca:80:37:ba:44:
66:eb:8f:dc:4b:0b:17:7d:05:ed:bf:52:3b:b5:6c:73:af:8c:
d0:2a:98:27:f8:28:1e:b0:a7:c1:cf:46:30:82:c1:01:8b:9c:
d8:c9:39:93:6f:fb:4d:a7:9d:ca:15:b9:f6:95:88:f7:50:d3:
de:9d:91:76:bf:b7:58:87:fd:7b:e4:81:9f:57:60:38:1d:a6:
ac:a3:60:02:fc:a3:c6:fd:cd:ce:34:dd:33:e9:93:7d:4b:2e:
dc:01:3d:e1:40:55:7f:f2:d1:39:21:98:7b:8a:36:85:3c:c8:
b9:90:f8:27:cd:53:c0:df:a3:0b:fc:7f:f2:1f:f9:2a:39:68:
f3:95:cc:41:0c:5e:00:d4:92:90:38:3f:39:93:ec:e5:4f:af:
d4:bf:43:2a:b4:07:52:04:96:66:a8:50:f6:0d:bd:25:c6:e0:
a1:8a:40:e1:6f:31:c1:8f:c4:c0:d0:66:d6:7b:ce:74:cf:dd:
29:08:ee:b9:23:98:3f:61:50:0e:9f:a2:14:d1:22:e0:09:e1:
74:8d:8d:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQgaHEAgXzJXsDcdh8kxCzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDJkMDc3NDg1YTE1ZThhMjU0YTQ5ZWRkOTk0ZDRmYzJh
OTA4YTYwHhcNMjUwMTAxMDU0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWRjMDM1OGVjZGNkZDBjZDczYWM4ODQzYmIxYzg4MTlkMjE0MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSU9Nr/+VjbxX/bf7m+FA+10kgVa
Nt9u79INfOmaEK5fpQUR6jx2f1boaZ5zVeXVuDBQtaqPMVpmqgAM64lGNEYFcQW4
4M7+lLUl5N8RgK2b/CudFMwqpdizx3vYIiEf1+yszUeHlqwkj069431SliMH178k
ywHhimH7g6kfoK1YrCrVvisUDM1cIdtB7yA+pBNUlRBpT9tHTJeMgNAo0Nl8rXr2
0nLXrl4XkRgNxweRYckuxC2WmbZ4RFF1qhI0LGnHDJFBohd+yvbgL1fWiDi49Q0G
kuct/OWtDX+f4CkBrjzczBWzoDCbuD5TUWJpau0buLjMqqESQIpKciav5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKXcA1js3N0M1zrIhDuxyIGdIUHUMB8GA1UdIwQY
MBaAFM0C0HdIWhXoolSknt2ZTU/CqQimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFMUWQwaGFGZWlpVktTZTNabE5UOEtwQ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82NzE0ZjEtYzNkNi00ODc1LWEzNmEt
MzdlODBkYWI5MzAyLzEvcGR3RFdPemMzUXpYT3NpRU83SElnWjBoUWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82NzE0ZjEtYzNkNi00ODc1LWEzNmEtMzdlODBkYWI5MzAy
LzEvelFMUWQwaGFGZWlpVktTZTNabE5UOEtwQ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgBkIDAN
BgkqhkiG9w0BAQsFAAOCAQEAiMGMIp8QWqjliMphmqjUXiZxnAui7TBaz1rPYXYX
/gN3Yn/EqGILh6KIicBz5LY3tMqAN7pEZuuP3EsLF30F7b9SO7Vsc6+M0CqYJ/go
HrCnwc9GMILBAYuc2Mk5k2/7TaedyhW59pWI91DT3p2Rdr+3WIf9e+SBn1dgOB2m
rKNgAvyjxv3NzjTdM+mTfUsu3AE94UBVf/LROSGYe4o2hTzIuZD4J81TwN+jC/x/
8h/5Kjlo85XMQQxeANSSkDg/OZPs5U+v1L9DKrQHUgSWZqhQ9g29JcbgoYpA4W8x
wY/EwNBm1nvOdM/dKQjuuSOYP2FQDp+iFNEi4AnhdI2NRA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:56 2025 by rpki-client