Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/8XvK-NDwWqi2zT7WVWwfJ0UvfGQ.roa
File: 8XvK-NDwWqi2zT7WVWwfJ0UvfGQ.roa (raw, json)
Hash identifier: ZCqeEESlY+1q81I5AJQf/YIl/2ZM47zkQGSKNB63jy4=
Subject key identifier: F1:7B:CA:F8:D0:F0:5A:A8:B6:CD:3E:D6:55:6C:1F:27:45:2F:7C:64
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 01939304DDFDE58A362EC6FB6906959F44CC
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/8XvK-NDwWqi2zT7WVWwfJ0UvfGQ.roa
Signing time: Wed 04 Dec 2024 18:53:09 +0000
ROA not before: Wed 04 Dec 2024 18:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0d:3041::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:93:04:dd:fd:e5:8a:36:2e:c6:fb:69:06:95:9f:44:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Dec 4 18:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f17bcaf8d0f05aa8b6cd3ed6556c1f27452f7c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bf:72:97:87:91:45:d3:1d:4c:6b:be:57:89:
8d:d4:88:53:77:5f:9a:de:7f:f1:dc:ec:2c:45:d3:
f7:e9:5a:e1:86:c2:f4:fc:46:b9:39:cb:99:35:f9:
ad:4f:96:82:15:60:e5:cd:e6:63:3d:f3:e7:d6:9f:
4f:49:ef:b1:91:58:c5:58:5c:ad:f4:5c:d0:db:4b:
c2:d3:b4:38:1a:c9:42:7e:26:bf:e9:f5:20:90:c4:
e4:6a:0a:a6:cf:62:7b:34:15:4f:ae:a2:b2:a7:7b:
be:56:79:df:96:7f:a7:b7:34:ec:87:bd:e0:03:77:
86:2b:86:9e:08:09:a9:6f:ff:03:e7:f5:f8:3c:66:
ce:5a:5a:4f:56:ab:a1:63:f4:b8:a4:16:a8:49:a5:
f9:5b:38:bc:bb:4d:ba:93:0d:1a:c2:94:4a:a4:cb:
4c:3a:cb:33:93:d8:9e:d3:9f:1a:d9:8f:0b:64:61:
70:d9:ce:a1:f6:32:1c:16:3c:b3:de:e9:fc:44:dd:
a4:e6:42:8c:b9:17:11:75:94:de:3f:75:ac:dc:60:
b4:d0:b6:f1:31:61:fc:c7:59:d7:8c:af:7b:b9:06:
a0:1e:f9:e0:0a:24:06:60:b4:59:e3:4d:18:cf:0a:
29:c0:cf:8c:e8:95:8e:5d:0e:84:f2:4f:85:fa:95:
d2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7B:CA:F8:D0:F0:5A:A8:B6:CD:3E:D6:55:6C:1F:27:45:2F:7C:64
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/8XvK-NDwWqi2zT7WVWwfJ0UvfGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3041::/32
Signature Algorithm: sha256WithRSAEncryption
15:0f:35:c5:75:56:6a:09:ef:6b:60:ef:42:96:54:91:32:50:
dd:63:ca:7d:bd:4c:11:02:9f:81:16:57:0a:8b:37:80:c7:ae:
e3:c2:ce:d6:36:5e:71:fa:44:21:ba:89:44:ac:e7:2b:60:19:
6b:67:26:77:2a:33:60:c6:6c:33:c8:bf:b5:8c:f8:e5:b0:ad:
b5:42:e0:9a:13:5f:ae:56:71:92:d0:2f:4b:e4:81:d9:0f:06:
5c:12:3f:1d:83:4a:4a:e2:71:84:16:40:7c:7a:08:8c:52:98:
c9:ff:8e:e1:e1:9e:1d:d8:da:ad:ac:d9:64:ac:67:3d:34:ef:
5e:da:a4:ec:4e:91:13:9d:b4:fa:76:b0:38:32:f7:a0:45:f4:
98:53:c3:fe:6b:48:cd:3d:fc:ec:a8:a3:27:64:d4:ff:f7:92:
44:d7:f8:4c:07:00:62:64:53:d0:f7:e0:45:f5:c1:ff:9c:c7:
71:e2:59:04:5d:27:1b:bb:a9:5a:53:45:8b:e1:88:c3:73:e9:
45:66:c5:48:bf:40:29:34:75:e0:31:ee:ff:a8:1b:ed:d1:d5:
f7:4e:32:55:d9:91:48:de:c9:55:b8:26:16:21:dc:e9:7b:cf:
11:3e:ed:9f:45:39:a2:10:15:b7:90:7f:1a:2d:8e:e3:0d:b1:
84:5e:ea:f0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOTBN395Yo2Lsb7aQaVn0TMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQxMjA0MTg1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdiY2FmOGQwZjA1YWE4YjZjZDNlZDY1NTZjMWYyNzQ1MmY3YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL9yl4eRRdMdTGu+V4mN1IhTd1+a
3n/x3OwsRdP36VrhhsL0/Ea5OcuZNfmtT5aCFWDlzeZjPfPn1p9PSe+xkVjFWFyt
9FzQ20vC07Q4GslCfia/6fUgkMTkagqmz2J7NBVPrqKyp3u+Vnnfln+ntzTsh73g
A3eGK4aeCAmpb/8D5/X4PGbOWlpPVquhY/S4pBaoSaX5Wzi8u026kw0awpRKpMtM
Osszk9ie058a2Y8LZGFw2c6h9jIcFjyz3un8RN2k5kKMuRcRdZTeP3Ws3GC00Lbx
MWH8x1nXjK97uQagHvngCiQGYLRZ400YzwopwM+M6JWOXQ6E8k+F+pXSAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPF7yvjQ8Fqots0+1lVsHydFL3xkMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvOFh2Sy1ORHdXcWkyelQ3V1ZXd2ZKMFV2ZkdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0wQTAN
BgkqhkiG9w0BAQsFAAOCAQEAFQ81xXVWagnva2DvQpZUkTJQ3WPKfb1MEQKfgRZX
Cos3gMeu48LO1jZecfpEIbqJRKznK2AZa2cmdyozYMZsM8i/tYz45bCttULgmhNf
rlZxktAvS+SB2Q8GXBI/HYNKSuJxhBZAfHoIjFKYyf+O4eGeHdjarazZZKxnPTTv
Xtqk7E6RE520+nawODL3oEX0mFPD/mtIzT387KijJ2TU//eSRNf4TAcAYmRT0Pfg
RfXB/5zHceJZBF0nG7upWlNFi+GIw3PpRWbFSL9AKTR14DHu/6gb7dHV904yVdmR
SN7JVbgmFiHc6XvPET7tn0U5ohAVt5B/Gi2O4w2xhF7q8A==
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:28:54 2025 by rpki-client