Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/0FvyRdwuNrCgMP49Gm05_Jf24wo.roa
File: 0FvyRdwuNrCgMP49Gm05_Jf24wo.roa (raw, json)
Hash identifier: VrNtxHJD5r4AAcIekiYzDFEjX0OLNvQVaPqP96ejauo=
Subject key identifier: D0:5B:F2:45:DC:2E:36:B0:A0:30:FE:3D:1A:6D:39:FC:97:F6:E3:0A
Certificate issuer: /CN=b360f0097be481c21bb1d51c85d44f6574158aa9
Certificate serial: 019420D63B397CA332D0210020E15F9DA4A9
Authority key identifier: B3:60:F0:09:7B:E4:81:C2:1B:B1:D5:1C:85:D4:4F:65:74:15:8A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s2DwCXvkgcIbsdUchdRPZXQViqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/0FvyRdwuNrCgMP49Gm05_Jf24wo.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2a14:2a00::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3b:39:7c:a3:32:d0:21:00:20:e1:5f:9d:a4:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b360f0097be481c21bb1d51c85d44f6574158aa9
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d05bf245dc2e36b0a030fe3d1a6d39fc97f6e30a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:85:bd:aa:e4:bb:ed:4b:9a:8c:20:7f:49:bd:
3f:8b:cf:d4:95:d7:25:48:db:eb:d8:dc:97:41:a2:
72:6b:ca:df:0b:70:cc:15:41:a1:dd:16:26:67:32:
0d:6d:ba:36:70:b8:24:d9:90:e0:aa:b9:c8:3d:51:
94:ad:17:f8:25:68:ca:ff:8a:d3:00:ff:9f:4b:b2:
e9:fc:8f:ad:89:30:56:8d:8d:09:9c:b5:0d:dc:0c:
d7:01:17:96:05:74:57:d1:22:97:5a:57:32:e1:cb:
cb:52:43:36:40:d7:41:3e:f6:ae:f1:97:c1:d9:91:
9d:a7:9e:9a:d9:f3:b2:e2:bc:19:5b:9a:14:c7:b3:
ce:e7:93:8a:d7:83:7e:05:b3:e7:bc:75:f1:72:11:
89:bf:b3:0a:c6:22:fe:d2:39:bf:75:17:72:4a:61:
12:64:27:65:a9:6f:97:05:32:fb:2c:5e:63:3f:8a:
98:86:e6:61:76:48:b0:3b:9a:b2:b8:ae:d4:26:29:
cd:c6:b8:e8:f3:88:b5:40:65:72:32:ae:d4:2a:d2:
7b:2c:d9:cb:ac:61:18:81:1a:f9:c1:eb:11:52:e0:
e7:e3:9a:38:a0:96:e1:83:cf:d7:39:f1:a1:0e:77:
20:66:c0:94:ab:37:08:f4:c0:4b:64:8c:f4:cd:2a:
33:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:5B:F2:45:DC:2E:36:B0:A0:30:FE:3D:1A:6D:39:FC:97:F6:E3:0A
X509v3 Authority Key Identifier:
keyid:B3:60:F0:09:7B:E4:81:C2:1B:B1:D5:1C:85:D4:4F:65:74:15:8A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s2DwCXvkgcIbsdUchdRPZXQViqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/0FvyRdwuNrCgMP49Gm05_Jf24wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4aa5a7-8bec-4247-a15f-5a3612352b37/1/s2DwCXvkgcIbsdUchdRPZXQViqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:2a00::/40
Signature Algorithm: sha256WithRSAEncryption
85:83:d3:90:ab:49:5e:1b:46:aa:0c:7e:95:20:21:ad:cc:63:
83:4d:b9:95:33:18:d0:75:44:48:ce:fc:d7:b3:d2:4f:d6:a4:
54:dc:aa:85:7f:f2:a8:b7:03:9d:44:c4:24:1e:b7:80:c7:a1:
ac:a8:cd:a6:f3:72:d3:73:50:bc:e7:5b:d0:65:ae:45:eb:3e:
7a:e4:72:10:92:26:7a:e7:2f:a8:b3:da:f1:94:7c:56:df:11:
20:9e:68:ee:a5:e7:dc:8d:0f:b7:64:14:89:96:e7:03:67:af:
3a:22:6d:21:11:d7:6c:9b:97:33:68:29:68:e6:15:53:26:ab:
f5:4f:e1:b4:3e:35:ff:dd:af:58:a5:07:30:02:b0:e6:61:f4:
a7:77:ce:30:4c:08:d1:a6:31:52:3d:25:05:ba:46:d3:31:cc:
a7:e2:da:03:8b:6e:2a:a6:f0:32:7a:a6:6c:2a:82:66:73:34:
22:a0:67:e1:2c:2a:26:4d:b7:b3:47:2d:77:d5:83:98:3f:fc:
b9:22:28:5e:a1:83:64:87:fa:bf:9f:d8:a0:61:da:b0:4b:c9:
1d:3d:72:be:da:90:c9:54:72:eb:b2:d6:98:2a:93:2a:c8:0b:
88:9b:db:2a:93:92:d9:b9:49:2d:4c:fa:7e:72:01:34:d9:e8:
82:c6:01:d4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQg1js5fKMy0CEAIOFfnaSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNjBmMDA5N2JlNDgxYzIxYmIxZDUxYzg1ZDQ0ZjY1NzQx
NThhYTkwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDViZjI0NWRjMmUzNmIwYTAzMGZlM2QxYTZkMzlmYzk3ZjZlMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIW9quS77UuajCB/Sb0/i8/Uldcl
SNvr2NyXQaJya8rfC3DMFUGh3RYmZzINbbo2cLgk2ZDgqrnIPVGUrRf4JWjK/4rT
AP+fS7Lp/I+tiTBWjY0JnLUN3AzXAReWBXRX0SKXWlcy4cvLUkM2QNdBPvau8ZfB
2ZGdp56a2fOy4rwZW5oUx7PO55OK14N+BbPnvHXxchGJv7MKxiL+0jm/dRdySmES
ZCdlqW+XBTL7LF5jP4qYhuZhdkiwO5qyuK7UJinNxrjo84i1QGVyMq7UKtJ7LNnL
rGEYgRr5wesRUuDn45o4oJbhg8/XOfGhDncgZsCUqzcI9MBLZIz0zSozowIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNBb8kXcLjawoDD+PRptOfyX9uMKMB8GA1UdIwQY
MBaAFLNg8Al75IHCG7HVHIXUT2V0FYqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczJEd0NYdmtnY0lic2RVY2hkUlBaWFFWaXFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80YWE1YTctOGJlYy00MjQ3LWExNWYt
NWEzNjEyMzUyYjM3LzEvMEZ2eVJkd3VOckNnTVA0OUdtMDVfSmYyNHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80YWE1YTctOGJlYy00MjQ3LWExNWYtNWEzNjEyMzUyYjM3
LzEvczJEd0NYdmtnY0lic2RVY2hkUlBaWFFWaXFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhQqAAAw
DQYJKoZIhvcNAQELBQADggEBAIWD05CrSV4bRqoMfpUgIa3MY4NNuZUzGNB1REjO
/Nez0k/WpFTcqoV/8qi3A51ExCQet4DHoayozabzctNzULznW9BlrkXrPnrkchCS
JnrnL6iz2vGUfFbfESCeaO6l59yND7dkFImW5wNnrzoibSER12yblzNoKWjmFVMm
q/VP4bQ+Nf/dr1ilBzACsOZh9Kd3zjBMCNGmMVI9JQW6RtMxzKfi2gOLbiqm8DJ6
pmwqgmZzNCKgZ+EsKiZNt7NHLXfVg5g//LkiKF6hg2SH+r+f2KBh2rBLyR09cr7a
kMlUcuuy1pgqkyrIC4ib2yqTktm5SS1M+n5yATTZ6ILGAdQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:15:07 2025 by rpki-client