Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/3cvNvdSi3XGnlgqLMUXhh7Fbsns.roa
File: 3cvNvdSi3XGnlgqLMUXhh7Fbsns.roa (raw, json)
Hash identifier: RjSiDuOGFmz06JKyEcD4gXSDvTvwzOibXX44/BaGwzM=
Subject key identifier: DD:CB:CD:BD:D4:A2:DD:71:A7:96:0A:8B:31:45:E1:87:B1:5B:B2:7B
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 019421B22AEEB2F5757786EE4A6B58BB3CC9
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/3cvNvdSi3XGnlgqLMUXhh7Fbsns.roa
Signing time: Wed 01 Jan 2025 11:48:32 +0000
ROA not before: Wed 01 Jan 2025 11:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208861
IP address blocks: 2a09:da00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:2a:ee:b2:f5:75:77:86:ee:4a:6b:58:bb:3c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Jan 1 11:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddcbcdbdd4a2dd71a7960a8b3145e187b15bb27b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:f0:0b:36:64:9b:ea:4c:92:27:c0:14:00:
ac:83:e2:e9:b1:eb:5e:92:b1:57:a2:aa:52:87:de:
60:6c:c5:4f:48:c3:70:5b:ba:fe:e2:a4:f0:e1:5e:
1a:9f:9c:3e:61:4c:91:79:4e:b2:7d:d6:1e:eb:3d:
fd:bb:24:87:4c:44:50:c9:a9:d5:e7:b4:97:0a:f4:
74:43:f5:ac:99:61:29:96:de:27:bb:10:fc:82:79:
b4:b6:2f:e2:9a:85:58:98:d9:6a:17:07:8d:72:33:
f5:24:a7:72:70:8f:ad:0f:dd:33:8c:47:ae:54:89:
49:75:cc:4e:8c:8a:f7:b6:80:77:1e:56:48:1f:2a:
b9:2f:5e:81:d1:94:d8:1b:b7:05:dd:f1:83:69:75:
26:47:81:fd:03:0b:b9:26:70:8e:d6:10:cd:d2:dd:
35:e2:e4:d5:32:b8:c5:7e:81:04:9b:bb:48:f9:9d:
89:0d:4f:af:da:95:8e:6b:5b:00:47:7a:64:3f:12:
63:b8:e5:8a:e4:f1:9e:7c:d2:0f:88:19:e3:f9:21:
55:46:ae:b8:5b:89:a0:0e:7b:47:53:b7:ba:4d:67:
de:9b:ae:5e:ba:16:57:96:ff:0d:01:1d:32:d0:7e:
97:c0:0b:39:8f:65:1f:6b:63:eb:01:30:b1:dc:3e:
59:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:CB:CD:BD:D4:A2:DD:71:A7:96:0A:8B:31:45:E1:87:B1:5B:B2:7B
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/3cvNvdSi3XGnlgqLMUXhh7Fbsns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:da00::/29
Signature Algorithm: sha256WithRSAEncryption
43:55:03:6f:d5:16:0c:ba:ca:9a:f8:6f:90:48:3c:cb:a3:d8:
d5:31:00:4c:e7:d1:7f:38:74:85:cd:8e:23:c1:32:a1:45:2b:
05:38:51:8f:34:20:52:57:82:f3:5e:61:ba:ee:bb:92:73:d5:
4b:ea:f9:92:e6:0a:dd:89:1c:c4:c6:70:f2:e3:8a:2b:ea:7a:
da:aa:02:d7:71:98:3b:79:a8:8a:eb:fe:cc:29:60:c6:c8:69:
ca:24:9e:a4:ef:86:4d:8d:1a:c4:94:43:84:1f:46:57:3f:64:
33:a0:7a:08:39:f5:dc:37:f6:c6:ae:91:07:57:60:2a:fb:40:
42:7e:83:f7:94:56:33:32:b7:73:f0:10:a1:ab:fc:2c:b0:ff:
fb:bb:47:7c:1c:6d:47:49:73:29:9c:7a:a9:f4:83:bb:36:0b:
bd:36:98:7b:fe:6b:51:26:3c:74:4e:d7:6b:ab:34:fa:40:78:
1c:22:e4:2d:32:97:8f:92:c6:73:00:99:42:ae:5e:53:da:8a:
b0:e8:54:87:dc:d8:79:bf:6e:35:1b:a8:c0:92:cb:f0:66:f2:
66:3d:ad:5c:6b:03:a8:af:f0:12:9d:b2:b0:8c:d3:6e:04:9c:
8e:fc:47:fe:05:16:0f:29:e6:0a:05:2e:00:65:0f:48:23:63:
11:76:e7:82
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhsirusvV1d4buSmtYuzzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjUwMTAxMTE0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGNiY2RiZGQ0YTJkZDcxYTc5NjBhOGIzMTQ1ZTE4N2IxNWJiMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDXwCzZkm+pMkifAFACsg+Lpsete
krFXoqpSh95gbMVPSMNwW7r+4qTw4V4an5w+YUyReU6yfdYe6z39uySHTERQyanV
57SXCvR0Q/WsmWEplt4nuxD8gnm0ti/imoVYmNlqFweNcjP1JKdycI+tD90zjEeu
VIlJdcxOjIr3toB3HlZIHyq5L16B0ZTYG7cF3fGDaXUmR4H9Awu5JnCO1hDN0t01
4uTVMrjFfoEEm7tI+Z2JDU+v2pWOa1sAR3pkPxJjuOWK5PGefNIPiBnj+SFVRq64
W4mgDntHU7e6TWfem65euhZXlv8NAR0y0H6XwAs5j2Ufa2PrATCx3D5ZEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN3Lzb3Uot1xp5YKizFF4YexW7J7MB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvM2N2TnZkU2kzWEdubGdxTE1VWGhoN0Zic25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgnaADAN
BgkqhkiG9w0BAQsFAAOCAQEAQ1UDb9UWDLrKmvhvkEg8y6PY1TEATOfRfzh0hc2O
I8EyoUUrBThRjzQgUleC815huu67knPVS+r5kuYK3YkcxMZw8uOKK+p62qoC13GY
O3moiuv+zClgxshpyiSepO+GTY0axJRDhB9GVz9kM6B6CDn13Df2xq6RB1dgKvtA
Qn6D95RWMzK3c/AQoav8LLD/+7tHfBxtR0lzKZx6qfSDuzYLvTaYe/5rUSY8dE7X
a6s0+kB4HCLkLTKXj5LGcwCZQq5eU9qKsOhUh9zYeb9uNRuowJLL8GbyZj2tXGsD
qK/wEp2ysIzTbgScjvxH/gUWDynmCgUuAGUPSCNjEXbngg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:16:57 2025 by rpki-client