Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/cB7P3uMq5oDb1ksNePBP-sffv9Q.roa
File: cB7P3uMq5oDb1ksNePBP-sffv9Q.roa (raw, json)
Hash identifier: eqiJDPKJy7tNUYImg+AFsstabuX/5lTSD/30OzdNX3Y=
Subject key identifier: 70:1E:CF:DE:E3:2A:E6:80:DB:D6:4B:0D:78:F0:4F:FA:C7:DF:BF:D4
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 019567BAF2731F7928C47874721F11DD7A12
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/cB7P3uMq5oDb1ksNePBP-sffv9Q.roa
Signing time: Wed 05 Mar 2025 19:14:19 +0000
ROA not before: Wed 05 Mar 2025 19:14:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39673
IP address blocks: 2a0f:5fc0:dead::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:ba:f2:73:1f:79:28:c4:78:74:72:1f:11:dd:7a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Mar 5 19:14:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=701ecfdee32ae680dbd64b0d78f04ffac7dfbfd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8b:62:ae:ff:1d:5f:f4:16:11:de:52:3d:f5:
78:2a:24:a7:4b:a5:c9:51:b8:d1:c4:f1:c4:39:f0:
ca:85:cc:8c:de:80:b2:27:68:92:b9:3f:71:f6:ca:
f5:45:5f:78:48:67:37:d5:ff:df:b4:7f:46:c7:2a:
6e:15:3c:ee:a5:14:47:6e:a8:26:ff:29:46:30:d9:
c6:66:35:59:4e:9a:cb:b5:cb:90:d9:47:6b:cf:9b:
0f:0f:8f:22:78:e8:b6:2e:66:5b:3c:13:6c:d8:2a:
d2:5d:cc:0a:d5:53:32:8e:92:31:f3:10:86:fc:f8:
a9:db:1c:0c:f2:31:47:9d:94:5f:25:99:09:7d:6f:
32:24:b2:7b:42:3a:05:3a:91:21:a7:09:ea:28:ec:
e6:cf:b5:4e:25:bd:d1:72:c7:7b:7a:d0:93:ae:2e:
f5:17:67:b0:ca:7b:d1:32:a1:64:07:60:ad:ad:2c:
86:ac:e4:49:c8:fe:38:b8:92:f5:0c:89:6b:3a:8e:
03:bd:6d:40:69:71:40:93:fd:33:54:5b:96:b5:79:
1c:1d:55:22:4d:cd:12:1c:74:1c:92:29:41:16:e4:
4f:5d:88:7a:5b:56:0e:33:4c:69:e8:29:45:25:ae:
8f:88:97:a5:2d:e7:53:ef:60:1f:48:2c:c8:9e:92:
a9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:1E:CF:DE:E3:2A:E6:80:DB:D6:4B:0D:78:F0:4F:FA:C7:DF:BF:D4
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/cB7P3uMq5oDb1ksNePBP-sffv9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5fc0:dead::/48
Signature Algorithm: sha256WithRSAEncryption
bf:36:22:2b:ee:fe:52:d2:4a:9e:10:b7:39:4b:87:10:df:64:
9e:c5:38:ec:fd:17:24:a6:52:27:60:53:bf:ef:a0:dd:07:b7:
a2:7b:90:6c:e9:3e:8d:b1:8b:88:49:a2:f8:ae:98:e7:6e:a5:
f2:47:16:c7:9d:90:bf:72:96:12:44:e0:01:ee:05:04:85:d0:
0f:9b:e2:90:56:01:13:ca:21:1d:89:30:f3:3f:7c:53:3c:55:
da:2a:ea:40:e9:9e:aa:19:e1:1a:fb:f0:80:1f:cc:f6:c4:d4:
f4:da:8f:37:11:4f:a7:2f:d8:92:b2:88:99:fb:ad:84:c0:30:
73:10:ab:66:89:e6:db:9c:f6:ab:a3:83:d3:c9:7a:3b:53:30:
a7:ae:01:5e:28:9c:23:e2:08:f2:0c:9c:0f:da:98:99:e8:b4:
ac:46:fb:00:e8:d6:e3:35:16:d0:e1:9e:71:57:23:e6:19:d5:
55:2a:d7:13:ed:16:9b:ab:be:8e:2b:a2:a0:80:50:1f:03:96:
e9:fa:87:fa:a9:a3:c1:ff:e6:83:9a:75:ad:d0:36:dd:55:56:
7e:4a:bf:1d:93:c9:ef:6b:8a:06:bd:01:5c:d6:22:47:db:85:
63:7b:18:57:5b:4e:f4:d9:0a:ef:1a:ed:17:42:ef:a8:8c:e4:
fc:5e:1b:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZVnuvJzH3koxHh0ch8R3XoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjUwMzA1MTkxNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDFlY2ZkZWUzMmFlNjgwZGJkNjRiMGQ3OGYwNGZmYWM3ZGZiZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYtirv8dX/QWEd5SPfV4KiSnS6XJ
UbjRxPHEOfDKhcyM3oCyJ2iSuT9x9sr1RV94SGc31f/ftH9GxypuFTzupRRHbqgm
/ylGMNnGZjVZTprLtcuQ2Udrz5sPD48ieOi2LmZbPBNs2CrSXcwK1VMyjpIx8xCG
/Pip2xwM8jFHnZRfJZkJfW8yJLJ7QjoFOpEhpwnqKOzmz7VOJb3Rcsd7etCTri71
F2ewynvRMqFkB2CtrSyGrORJyP44uJL1DIlrOo4DvW1AaXFAk/0zVFuWtXkcHVUi
Tc0SHHQckilBFuRPXYh6W1YOM0xp6ClFJa6PiJelLedT72AfSCzInpKpTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHAez97jKuaA29ZLDXjwT/rH37/UMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvY0I3UDN1TXE1b0RiMWtzTmVQQlAtc2ZmdjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg9fwN6t
MA0GCSqGSIb3DQEBCwUAA4IBAQC/NiIr7v5S0kqeELc5S4cQ32SexTjs/RckplIn
YFO/76DdB7eie5Bs6T6NsYuISaL4rpjnbqXyRxbHnZC/cpYSROAB7gUEhdAPm+KQ
VgETyiEdiTDzP3xTPFXaKupA6Z6qGeEa+/CAH8z2xNT02o83EU+nL9iSsoiZ+62E
wDBzEKtmiebbnParo4PTyXo7UzCnrgFeKJwj4gjyDJwP2piZ6LSsRvsA6NbjNRbQ
4Z5xVyPmGdVVKtcT7Rabq76OK6KggFAfA5bp+of6qaPB/+aDmnWt0DbdVVZ+Sr8d
k8nva4oGvQFc1iJH24VjexhXW0702QrvGu0XQu+ojOT8Xhsz
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:27:11 2025 by rpki-client