Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/VpDc8u2rAhCHY8dw5A-uURm2uTo.roa
File: VpDc8u2rAhCHY8dw5A-uURm2uTo.roa (raw, json)
Hash identifier: TnPUye+699meF5Ik4Elk4nVoV3KO8X7ti0DlB40uigY=
Subject key identifier: 56:90:DC:F2:ED:AB:02:10:87:63:C7:70:E4:0F:AE:51:19:B6:B9:3A
Certificate issuer: /CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Certificate serial: 019421B2308A0AA4802BF3CC8DF02E1D42B7
Authority key identifier: 81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/VpDc8u2rAhCHY8dw5A-uURm2uTo.roa
Signing time: Wed 01 Jan 2025 11:48:33 +0000
ROA not before: Wed 01 Jan 2025 11:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a0f:3787::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:30:8a:0a:a4:80:2b:f3:cc:8d:f0:2e:1d:42:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8133d89c06a8a1cc9dbc362201f7ec559d7fdd48
Validity
Not Before: Jan 1 11:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5690dcf2edab02108763c770e40fae5119b6b93a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2c:75:25:b4:9c:3e:c4:3e:de:4d:56:59:b5:
46:cb:e9:d6:34:81:77:f9:42:cf:5b:a6:56:5f:ad:
7d:25:a0:2c:30:b5:f1:90:e3:dd:4b:98:c7:e8:99:
45:10:4c:93:b2:9f:b2:18:3a:f1:0a:29:6c:5e:53:
21:e6:25:75:a2:5e:1b:9e:10:43:05:81:68:9c:d3:
c1:a8:c5:34:a8:1e:9b:c9:8f:00:ca:97:9b:46:6f:
71:54:e0:de:48:70:75:4b:82:2b:48:8f:e6:66:7e:
8a:63:cd:09:58:74:06:25:c8:56:be:49:fa:89:c7:
38:53:5a:7d:d4:8e:a5:d6:d6:df:6f:a8:a6:5d:14:
06:1b:e6:a1:b8:76:f3:60:df:fb:c5:17:49:aa:e2:
78:a1:9a:75:41:71:d1:85:c5:de:88:59:f2:53:8f:
83:86:be:88:56:df:ac:e3:0a:6f:db:f1:c7:46:9c:
e8:e0:aa:8d:3c:df:0e:2b:38:14:e9:d1:91:01:e5:
fc:fa:f3:f4:f1:52:bb:4e:7f:36:a4:d9:02:b4:1d:
6d:ca:2e:06:df:3e:90:ad:1f:30:9d:a6:a2:f7:1f:
cc:5f:55:27:7e:72:99:58:df:33:80:f0:cf:ed:04:
c1:63:53:25:96:f0:15:59:71:5d:e7:19:95:40:0e:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:90:DC:F2:ED:AB:02:10:87:63:C7:70:E4:0F:AE:51:19:B6:B9:3A
X509v3 Authority Key Identifier:
keyid:81:33:D8:9C:06:A8:A1:CC:9D:BC:36:22:01:F7:EC:55:9D:7F:DD:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gTPYnAaoocydvDYiAffsVZ1_3Ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/VpDc8u2rAhCHY8dw5A-uURm2uTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/e90ff2-6c91-4eb8-a4b1-c5febe487c40/1/gTPYnAaoocydvDYiAffsVZ1_3Ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3787::/32
Signature Algorithm: sha256WithRSAEncryption
08:df:f4:49:99:4b:24:28:3b:a4:c5:45:1c:35:db:30:42:00:
87:82:6b:62:f3:19:50:d2:5c:e7:8e:4a:da:08:be:d2:db:80:
ad:40:be:e0:ca:21:2e:1d:c9:47:56:ae:ab:4e:89:09:8f:ff:
e1:65:f1:7f:88:f0:dc:92:74:30:32:9b:d3:95:a5:2c:73:98:
50:de:bb:bd:4f:ba:c5:e2:69:e2:fb:c9:bb:84:b2:7f:59:de:
5c:f3:e4:41:7d:8b:97:1a:4f:44:ff:a6:a2:1f:b6:85:13:8a:
c9:20:e6:c7:30:25:ac:47:79:f8:55:3c:27:1f:47:a9:c8:2a:
ff:01:fb:02:e8:4c:db:69:20:6f:bb:be:e7:fc:b6:52:e4:29:
25:77:a7:0f:25:a9:49:04:15:52:50:cf:2a:bd:b2:ec:87:ea:
2e:30:83:b5:5f:9b:92:fc:26:0c:a4:59:2e:bf:96:a1:a8:74:
d5:3c:17:8d:cd:01:d6:d5:ed:76:17:ae:0c:43:1b:41:ca:75:
11:8c:3a:18:90:1d:43:dd:bd:60:5e:53:41:3f:9d:20:80:6e:
c1:a7:da:81:f5:88:14:5d:99:f0:7a:6d:0f:3e:cf:19:3e:0f:
00:bc:cb:f8:31:b0:91:10:dc:70:7b:b3:8d:86:ea:dc:53:0c:
60:e2:3b:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhsjCKCqSAK/PMjfAuHUK3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMzNkODljMDZhOGExY2M5ZGJjMzYyMjAxZjdlYzU1OWQ3
ZmRkNDgwHhcNMjUwMTAxMTE0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjkwZGNmMmVkYWIwMjEwODc2M2M3NzBlNDBmYWU1MTE5YjZiOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yx1JbScPsQ+3k1WWbVGy+nWNIF3
+ULPW6ZWX619JaAsMLXxkOPdS5jH6JlFEEyTsp+yGDrxCilsXlMh5iV1ol4bnhBD
BYFonNPBqMU0qB6byY8AypebRm9xVODeSHB1S4IrSI/mZn6KY80JWHQGJchWvkn6
icc4U1p91I6l1tbfb6imXRQGG+ahuHbzYN/7xRdJquJ4oZp1QXHRhcXeiFnyU4+D
hr6IVt+s4wpv2/HHRpzo4KqNPN8OKzgU6dGRAeX8+vP08VK7Tn82pNkCtB1tyi4G
3z6QrR8wnaai9x/MX1UnfnKZWN8zgPDP7QTBY1MllvAVWXFd5xmVQA75KQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFaQ3PLtqwIQh2PHcOQPrlEZtrk6MB8GA1UdIwQY
MBaAFIEz2JwGqKHMnbw2IgH37FWdf91IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEt
YzVmZWJlNDg3YzQwLzEvVnBEYzh1MnJBaENIWThkdzVBLXVVUm0ydVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9lOTBmZjItNmM5MS00ZWI4LWE0YjEtYzVmZWJlNDg3YzQw
LzEvZ1RQWW5BYW9vY3lkdkRZaUFmZnNWWjFfM1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg83hzAN
BgkqhkiG9w0BAQsFAAOCAQEACN/0SZlLJCg7pMVFHDXbMEIAh4JrYvMZUNJc545K
2gi+0tuArUC+4MohLh3JR1auq06JCY//4WXxf4jw3JJ0MDKb05WlLHOYUN67vU+6
xeJp4vvJu4Syf1neXPPkQX2LlxpPRP+moh+2hROKySDmxzAlrEd5+FU8Jx9Hqcgq
/wH7AuhM22kgb7u+5/y2UuQpJXenDyWpSQQVUlDPKr2y7IfqLjCDtV+bkvwmDKRZ
Lr+Woah01TwXjc0B1tXtdheuDEMbQcp1EYw6GJAdQ929YF5TQT+dIIBuwafagfWI
FF2Z8HptDz7PGT4PALzL+DGwkRDccHuzjYbq3FMMYOI7og==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:02 2025 by rpki-client