Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/2EJeRyglq_bitBoLjmGYPseJnFw.roa
File: 2EJeRyglq_bitBoLjmGYPseJnFw.roa (raw, json)
Hash identifier: iq09eKCl0P4CUfqAdcU4qbrkeTmb5Gthd2g1mHR44NI=
Subject key identifier: D8:42:5E:47:28:25:AB:F6:E2:B4:1A:0B:8E:61:98:3E:C7:89:9C:5C
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 019420D62E42B711150336A9409F2B6D58EA
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/2EJeRyglq_bitBoLjmGYPseJnFw.roa
Signing time: Wed 01 Jan 2025 07:48:15 +0000
ROA not before: Wed 01 Jan 2025 07:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209334
IP address blocks: 2a0d:f407:1001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:2e:42:b7:11:15:03:36:a9:40:9f:2b:6d:58:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 1 07:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8425e472825abf6e2b41a0b8e61983ec7899c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:79:1b:37:0e:54:52:03:fc:7d:e3:fe:be:f6:
8c:e5:56:6d:1d:2f:ab:b3:0c:ca:5b:f2:fd:7d:fb:
d0:42:c4:b5:1a:d1:2d:44:c6:fb:15:c4:90:ca:8c:
e6:6d:c4:4f:2e:8d:44:5c:0e:65:08:5b:a8:87:0b:
44:98:71:21:d9:0d:db:1e:1f:3c:68:f7:2c:31:61:
3b:3c:80:b6:ce:fc:bb:47:4c:2c:a9:66:f1:06:0a:
02:ce:65:d4:49:a2:7e:e0:e0:ba:ae:a4:9c:d1:8b:
72:ac:67:83:2d:1b:b9:d9:e5:8e:cf:e5:d5:df:ab:
bd:3e:3a:d0:04:fa:a6:46:a9:6b:17:6c:1a:e4:bc:
d1:ca:11:b5:23:4d:d4:92:e1:f6:dd:05:b6:0b:16:
44:5d:35:de:82:c6:18:68:5e:c2:1e:7e:e8:db:16:
a5:89:6c:74:67:70:e5:ac:17:be:52:9c:60:43:65:
38:3c:b6:e4:af:bf:6e:62:ef:3d:6a:7c:89:c1:17:
cd:37:60:b6:73:64:2f:32:91:84:8a:7f:b8:9f:ce:
98:f2:0b:10:4b:e9:78:ee:4c:68:6e:88:89:8f:ae:
37:58:c6:3a:d5:0d:80:da:c7:99:ba:e1:70:63:9e:
30:31:89:d6:a3:19:42:73:05:0a:e2:f9:af:9f:16:
16:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:42:5E:47:28:25:AB:F6:E2:B4:1A:0B:8E:61:98:3E:C7:89:9C:5C
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/2EJeRyglq_bitBoLjmGYPseJnFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:f407:1001::/48
Signature Algorithm: sha256WithRSAEncryption
8a:6c:9e:96:ac:30:38:fe:cc:7d:96:c6:3b:e3:cb:f6:1c:99:
29:2c:5a:bd:c3:cd:74:46:68:c6:0a:c0:f6:f3:9e:bc:ac:0f:
a9:ca:a0:01:7c:fe:15:4e:97:bf:52:ed:2f:bb:98:8b:7b:13:
40:84:79:d9:1b:0e:ff:06:1b:aa:25:f8:c6:1e:72:db:17:8b:
af:f1:ae:23:7d:ca:c2:96:37:7d:62:12:20:3e:4e:15:03:4b:
63:e1:47:a5:c0:22:9c:e7:bf:df:a5:84:4e:14:1d:ac:4d:44:
c0:13:38:71:71:d2:b1:c6:7a:cd:ee:7a:8a:07:18:81:77:29:
e0:9e:14:4a:fc:45:7f:b1:fc:5e:6a:2a:16:08:96:90:a4:33:
d2:ae:75:24:a2:b5:78:ee:50:d4:0d:d0:88:13:e9:90:c4:ad:
7b:ea:ee:cc:5d:7d:1e:01:10:ab:1e:b2:98:62:3c:92:ae:7a:
59:ee:43:93:07:39:73:87:38:ec:e2:4c:63:ad:3e:bf:bb:31:
c3:4b:62:81:15:8d:19:af:f1:37:25:a0:9e:d4:e7:d5:73:8b:
17:09:0d:11:76:70:d2:22:dd:da:13:ba:8c:f8:88:fc:29:15:
92:b1:ca:06:de:c8:af:fd:b2:c8:bd:63:9d:56:31:65:d5:b1:
81:c0:66:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1i5CtxEVAzapQJ8rbVjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwMTAxMDc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQyNWU0NzI4MjVhYmY2ZTJiNDFhMGI4ZTYxOTgzZWM3ODk5YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHkbNw5UUgP8feP+vvaM5VZtHS+r
swzKW/L9ffvQQsS1GtEtRMb7FcSQyozmbcRPLo1EXA5lCFuohwtEmHEh2Q3bHh88
aPcsMWE7PIC2zvy7R0wsqWbxBgoCzmXUSaJ+4OC6rqSc0YtyrGeDLRu52eWOz+XV
36u9PjrQBPqmRqlrF2wa5LzRyhG1I03UkuH23QW2CxZEXTXegsYYaF7CHn7o2xal
iWx0Z3DlrBe+UpxgQ2U4PLbkr79uYu89anyJwRfNN2C2c2QvMpGEin+4n86Y8gsQ
S+l47kxoboiJj643WMY61Q2A2seZuuFwY54wMYnWoxlCcwUK4vmvnxYWpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNhCXkcoJav24rQaC45hmD7HiZxcMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvMkVKZVJ5Z2xxX2JpdEJvTGptR1lQc2VKbkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg30BxAB
MA0GCSqGSIb3DQEBCwUAA4IBAQCKbJ6WrDA4/sx9lsY748v2HJkpLFq9w810RmjG
CsD28568rA+pyqABfP4VTpe/Uu0vu5iLexNAhHnZGw7/BhuqJfjGHnLbF4uv8a4j
fcrCljd9YhIgPk4VA0tj4UelwCKc57/fpYROFB2sTUTAEzhxcdKxxnrN7nqKBxiB
dyngnhRK/EV/sfxeaioWCJaQpDPSrnUkorV47lDUDdCIE+mQxK176u7MXX0eARCr
HrKYYjySrnpZ7kOTBzlzhzjs4kxjrT6/uzHDS2KBFY0Zr/E3JaCe1OfVc4sXCQ0R
dnDSIt3aE7qM+Ij8KRWSscoG3siv/bLIvWOdVjFl1bGBwGbO
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:34:27 2025 by rpki-client