Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/D6cOOwuzIu0b1VD3IEBzEJwwwCo.roa
File: D6cOOwuzIu0b1VD3IEBzEJwwwCo.roa (raw, json)
Hash identifier: v5PJLnM3bwyGnG1xvGzcUgGuOEM5ARi6RIpoEpY7P4s=
Subject key identifier: 0F:A7:0E:3B:0B:B3:22:ED:1B:D5:50:F7:20:40:73:10:9C:30:C0:2A
Certificate issuer: /CN=b464e0af28b755c4ec88010d94298697d1883933
Certificate serial: 0194221FE740DAEF3F11154C55639B6FC4D0
Authority key identifier: B4:64:E0:AF:28:B7:55:C4:EC:88:01:0D:94:29:86:97:D1:88:39:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/D6cOOwuzIu0b1VD3IEBzEJwwwCo.roa
Signing time: Wed 01 Jan 2025 13:48:23 +0000
ROA not before: Wed 01 Jan 2025 13:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208641
IP address blocks: 2.56.12.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:e7:40:da:ef:3f:11:15:4c:55:63:9b:6f:c4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b464e0af28b755c4ec88010d94298697d1883933
Validity
Not Before: Jan 1 13:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fa70e3b0bb322ed1bd550f7204073109c30c02a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:79:14:30:c1:b1:1c:69:a5:e1:37:fe:76:8b:
8b:12:60:4b:1a:b7:9c:53:2e:8e:69:f1:30:ec:d2:
c0:10:6e:a8:e7:38:35:c4:8e:0e:8b:1c:09:19:5c:
49:5c:5f:10:92:3c:cc:d0:78:3c:ca:b1:0d:ba:1a:
23:88:a3:9a:af:dd:7c:5b:70:05:04:9b:bf:be:f6:
d4:1f:04:9c:eb:9f:f6:3a:84:1e:fc:dd:ff:09:27:
64:73:a8:b1:9e:27:a4:75:ed:32:16:8d:96:38:bd:
57:3a:be:9c:d6:00:2f:26:3f:63:0d:4c:c9:ae:e1:
35:73:8c:79:64:f4:d9:08:c0:f3:9a:0b:f5:08:58:
e0:63:7c:bb:c2:52:22:e4:e6:c3:13:98:be:66:31:
9e:77:6e:6d:a7:ff:3b:fc:d9:d7:89:de:a6:ed:38:
7b:01:5e:f9:2e:6e:c9:2e:15:e5:c0:e9:b7:12:38:
fd:33:e6:3d:0b:95:e5:69:df:d0:0c:5f:42:1c:2c:
74:bc:43:8b:05:15:bc:df:67:60:86:42:9e:4d:f3:
f7:c8:11:f6:9e:2d:fd:63:df:32:bc:a8:20:ec:53:
1e:55:2d:26:58:36:aa:c2:3c:5d:cb:b4:e6:1d:5b:
dd:cf:3b:e1:28:e6:d7:94:c0:32:41:93:bd:e9:0f:
52:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A7:0E:3B:0B:B3:22:ED:1B:D5:50:F7:20:40:73:10:9C:30:C0:2A
X509v3 Authority Key Identifier:
keyid:B4:64:E0:AF:28:B7:55:C4:EC:88:01:0D:94:29:86:97:D1:88:39:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGTgryi3VcTsiAENlCmGl9GIOTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/D6cOOwuzIu0b1VD3IEBzEJwwwCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/0caa6d-109e-45f3-a932-475c5c91f474/1/tGTgryi3VcTsiAENlCmGl9GIOTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.12.0/23
Signature Algorithm: sha256WithRSAEncryption
66:81:0c:9d:ff:58:db:a4:ec:d2:db:2a:56:43:f3:26:e8:d8:
05:5a:4a:85:78:05:93:6a:75:a6:94:d8:87:4c:25:41:97:d1:
82:b0:a7:a7:3a:6c:b5:fc:95:94:b9:96:35:32:f9:f6:d5:c3:
b8:f9:f9:f3:7a:58:d9:a4:1e:56:3b:16:21:0d:31:c3:14:73:
b6:e5:9e:aa:f2:9d:3b:ae:0e:8d:76:bb:2e:4c:45:62:5d:3d:
e7:44:04:a5:0e:a7:c0:a2:1c:f2:6d:96:1f:4c:d7:26:93:3f:
30:f1:d9:08:7f:da:e4:16:b2:ea:ca:56:64:0b:a6:f3:77:09:
37:00:13:03:f8:f6:7f:20:a8:62:aa:d0:3c:9c:4c:3a:73:d1:
42:9c:89:f1:d9:20:2a:f4:44:3e:4d:fd:53:6c:e4:6c:5a:07:
c8:c9:89:a6:74:ba:90:62:eb:d2:2a:c9:ee:c5:3f:ab:f3:cc:
b1:d8:57:74:2b:43:2d:48:91:9e:bb:e3:6b:89:9d:06:0b:ba:
33:43:f3:a0:d4:03:1d:ac:a0:bc:cd:fe:cf:e2:14:4c:37:8a:
bf:32:55:f6:4a:68:70:d4:ea:25:9c:c3:ba:59:22:50:d5:ff:
1d:7f:30:13:08:19:af:35:44:e4:0a:21:7b:5b:a1:17:97:7e:
cf:a9:3d:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH+dA2u8/ERVMVWObb8TQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjRlMGFmMjhiNzU1YzRlYzg4MDEwZDk0Mjk4Njk3ZDE4
ODM5MzMwHhcNMjUwMTAxMTM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmE3MGUzYjBiYjMyMmVkMWJkNTUwZjcyMDQwNzMxMDljMzBjMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXkUMMGxHGml4Tf+douLEmBLGrec
Uy6OafEw7NLAEG6o5zg1xI4OixwJGVxJXF8QkjzM0Hg8yrENuhojiKOar918W3AF
BJu/vvbUHwSc65/2OoQe/N3/CSdkc6ixniekde0yFo2WOL1XOr6c1gAvJj9jDUzJ
ruE1c4x5ZPTZCMDzmgv1CFjgY3y7wlIi5ObDE5i+ZjGed25tp/87/NnXid6m7Th7
AV75Lm7JLhXlwOm3Ejj9M+Y9C5Xlad/QDF9CHCx0vEOLBRW832dghkKeTfP3yBH2
ni39Y98yvKgg7FMeVS0mWDaqwjxdy7TmHVvdzzvhKObXlMAyQZO96Q9SIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+nDjsLsyLtG9VQ9yBAcxCcMMAqMB8GA1UdIwQY
MBaAFLRk4K8ot1XE7IgBDZQphpfRiDkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdUZ3J5aTNWY1RzaUFFTmxDbUdsOUdJT1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wY2FhNmQtMTA5ZS00NWYzLWE5MzIt
NDc1YzVjOTFmNDc0LzEvRDZjT093dXpJdTBiMVZEM0lFQnpFSnd3d0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wY2FhNmQtMTA5ZS00NWYzLWE5MzItNDc1YzVjOTFmNDc0
LzEvdEdUZ3J5aTNWY1RzaUFFTmxDbUdsOUdJT1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjgMMA0G
CSqGSIb3DQEBCwUAA4IBAQBmgQyd/1jbpOzS2ypWQ/Mm6NgFWkqFeAWTanWmlNiH
TCVBl9GCsKenOmy1/JWUuZY1Mvn21cO4+fnzeljZpB5WOxYhDTHDFHO25Z6q8p07
rg6NdrsuTEViXT3nRASlDqfAohzybZYfTNcmkz8w8dkIf9rkFrLqylZkC6bzdwk3
ABMD+PZ/IKhiqtA8nEw6c9FCnInx2SAq9EQ+Tf1TbORsWgfIyYmmdLqQYuvSKsnu
xT+r88yx2Fd0K0MtSJGeu+NriZ0GC7ozQ/Og1AMdrKC8zf7P4hRMN4q/MlX2Smhw
1OolnMO6WSJQ1f8dfzATCBmvNUTkCiF7W6EXl37PqT0o
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:19 2025 by rpki-client