Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/7ee55c-6952-4a64-b0a6-fe15c1c5aea1/1/0PkJWZ8dOx3G3A35185T0tKZJJI.roa
File: 0PkJWZ8dOx3G3A35185T0tKZJJI.roa (raw, json)
Hash identifier: nhTOFJl+BNTLPX0qKCStucOsXhJnbDzYKk27CpicD5Y=
Subject key identifier: D0:F9:09:59:9F:1D:3B:1D:C6:DC:0D:F9:D7:CE:53:D2:D2:99:24:92
Certificate issuer: /CN=a97498e063cbb9a3efbfe706beec3a0c3a6f7294
Certificate serial: 01857246DF2E4E8B1D288E5AFDFBBE78FB98
Authority key identifier: A9:74:98:E0:63:CB:B9:A3:EF:BF:E7:06:BE:EC:3A:0C:3A:6F:72:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qXSY4GPLuaPvv-cGvuw6DDpvcpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/7ee55c-6952-4a64-b0a6-fe15c1c5aea1/1/0PkJWZ8dOx3G3A35185T0tKZJJI.roa
Signing time: Mon 02 Jan 2023 11:38:45 +0000
ROA not before: Mon 02 Jan 2023 11:38:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207801
IP address blocks: 2a0f:bf00:80::/42 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:df:2e:4e:8b:1d:28:8e:5a:fd:fb:be:78:fb:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a97498e063cbb9a3efbfe706beec3a0c3a6f7294
Validity
Not Before: Jan 2 11:38:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0f909599f1d3b1dc6dc0df9d7ce53d2d2992492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:da:35:9f:5e:6a:df:46:d6:07:f3:a1:9b:22:
04:5b:ff:40:63:45:09:04:26:94:1c:ac:16:1c:82:
b1:bf:1d:c2:1d:0a:bd:3e:d7:20:68:27:8f:c8:eb:
05:41:ff:87:03:f1:2b:b4:bb:c9:02:2c:a2:b6:f1:
62:44:86:c0:e2:4b:cd:50:32:6e:26:43:6f:47:19:
bf:8d:9f:d3:4d:ff:13:9f:ea:a0:08:6c:0b:50:53:
53:dd:c6:47:71:54:d6:bb:5d:d7:45:3c:94:68:bc:
5d:9f:8f:4d:99:0e:28:2a:ad:7d:96:83:cf:84:0b:
26:e1:b4:cc:9a:64:bc:cc:83:c9:47:fa:33:12:e7:
9b:53:ce:24:6c:7e:60:f2:ad:42:79:96:71:b8:10:
da:2b:9f:80:bb:3e:d2:04:08:c5:9e:26:21:d0:a1:
e3:7f:10:04:cd:17:f9:29:48:d8:a6:c3:1b:ec:f5:
c8:8c:78:8c:00:28:fc:ce:40:ff:56:92:58:17:10:
aa:15:c8:e9:18:3f:2f:a9:eb:68:e6:00:9a:52:2d:
80:d1:6c:51:22:27:16:b8:85:81:48:e1:32:a7:7f:
08:79:d6:f5:96:da:f5:ea:49:c5:99:11:21:95:af:
9b:37:f3:e5:21:64:cd:ac:d8:52:7b:08:fe:6b:75:
a0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F9:09:59:9F:1D:3B:1D:C6:DC:0D:F9:D7:CE:53:D2:D2:99:24:92
X509v3 Authority Key Identifier:
keyid:A9:74:98:E0:63:CB:B9:A3:EF:BF:E7:06:BE:EC:3A:0C:3A:6F:72:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qXSY4GPLuaPvv-cGvuw6DDpvcpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7ee55c-6952-4a64-b0a6-fe15c1c5aea1/1/0PkJWZ8dOx3G3A35185T0tKZJJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/7ee55c-6952-4a64-b0a6-fe15c1c5aea1/1/qXSY4GPLuaPvv-cGvuw6DDpvcpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:bf00:80::/42
Signature Algorithm: sha256WithRSAEncryption
36:eb:36:95:07:94:26:f0:d2:79:1f:aa:50:8a:c8:c5:87:4b:
2f:c7:87:c2:c4:d0:8c:31:53:77:3a:10:bf:2f:04:35:0c:5f:
e6:18:88:03:f4:32:11:3c:b6:00:3b:9e:20:0e:a8:8b:29:89:
c6:68:53:09:3e:7c:5d:4c:db:e6:3b:54:c6:a7:de:6d:95:2e:
21:07:7b:78:3a:1f:13:81:38:2f:3d:9c:84:75:03:61:7f:17:
be:30:08:16:bd:75:41:be:65:d9:b0:fc:b0:56:18:33:a7:7e:
2e:88:4b:a0:70:0e:9b:3c:ed:81:b5:fc:e2:67:60:4b:b4:53:
6f:c8:ac:c5:79:29:c2:ef:0b:78:e7:2e:af:3b:f2:51:d9:eb:
ca:50:20:4b:01:fa:78:b8:97:3e:d3:f8:97:e2:b2:93:88:63:
06:71:1c:45:b1:fc:43:bf:87:9a:0f:1f:29:42:84:6e:ae:7c:
23:7e:28:1a:74:1c:14:66:79:2e:8f:7c:d0:48:0c:6a:bc:ff:
bb:7d:ed:b7:65:65:6e:ab:e5:05:f7:f7:7d:6d:38:a6:bd:c1:
e9:19:dd:82:2e:a6:23:db:1a:ca:43:fa:9d:29:0a:b1:87:38:
b3:30:61:f9:83:2e:36:f1:5b:25:e5:b6:eb:33:63:25:62:c8:
85:ba:30:0e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyRt8uTosdKI5a/fu+ePuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NzQ5OGUwNjNjYmI5YTNlZmJmZTcwNmJlZWMzYTBjM2E2
ZjcyOTQwHhcNMjMwMTAyMTEzODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY5MDk1OTlmMWQzYjFkYzZkYzBkZjlkN2NlNTNkMmQyOTkyNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9o1n15q30bWB/OhmyIEW/9AY0UJ
BCaUHKwWHIKxvx3CHQq9PtcgaCePyOsFQf+HA/ErtLvJAiyitvFiRIbA4kvNUDJu
JkNvRxm/jZ/TTf8Tn+qgCGwLUFNT3cZHcVTWu13XRTyUaLxdn49NmQ4oKq19loPP
hAsm4bTMmmS8zIPJR/ozEuebU84kbH5g8q1CeZZxuBDaK5+Auz7SBAjFniYh0KHj
fxAEzRf5KUjYpsMb7PXIjHiMACj8zkD/VpJYFxCqFcjpGD8vqeto5gCaUi2A0WxR
IicWuIWBSOEyp38Iedb1ltr16knFmREhla+bN/PlIWTNrNhSewj+a3WgvwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFND5CVmfHTsdxtwN+dfOU9LSmSSSMB8GA1UdIwQY
MBaAFKl0mOBjy7mj77/nBr7sOgw6b3KUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVhTWTRHUEx1YVB2di1jR3Z1dzZERHB2Y3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS83ZWU1NWMtNjk1Mi00YTY0LWIwYTYt
ZmUxNWMxYzVhZWExLzEvMFBrSldaOGRPeDNHM0EzNTE4NVQwdEtaSkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS83ZWU1NWMtNjk1Mi00YTY0LWIwYTYtZmUxNWMxYzVhZWEx
LzEvcVhTWTRHUEx1YVB2di1jR3Z1dzZERHB2Y3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKg+/AACA
MA0GCSqGSIb3DQEBCwUAA4IBAQA26zaVB5Qm8NJ5H6pQisjFh0svx4fCxNCMMVN3
OhC/LwQ1DF/mGIgD9DIRPLYAO54gDqiLKYnGaFMJPnxdTNvmO1TGp95tlS4hB3t4
Oh8TgTgvPZyEdQNhfxe+MAgWvXVBvmXZsPywVhgzp34uiEugcA6bPO2BtfziZ2BL
tFNvyKzFeSnC7wt45y6vO/JR2evKUCBLAfp4uJc+0/iX4rKTiGMGcRxFsfxDv4ea
Dx8pQoRurnwjfigadBwUZnkuj3zQSAxqvP+7fe23ZWVuq+UF9/d9bTimvcHpGd2C
LqYj2xrKQ/qdKQqxhzizMGH5gy428Vsl5bbrM2MlYsiFujAO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:22 2025 by rpki-client