Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/DeACqwGcvIcEJ9pagEhHd4n2i_M.roa
File: DeACqwGcvIcEJ9pagEhHd4n2i_M.roa (raw, json)
Hash identifier: WPp0dLB9p4cnbOnLtVE+B38AXmBSQMpiDZZIvPoqViw=
Subject key identifier: 0D:E0:02:AB:01:9C:BC:87:04:27:DA:5A:80:48:47:77:89:F6:8B:F3
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 0194221F8781717E54DDF086B1434581D52D
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/DeACqwGcvIcEJ9pagEhHd4n2i_M.roa
Signing time: Wed 01 Jan 2025 13:47:59 +0000
ROA not before: Wed 01 Jan 2025 13:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212165
IP address blocks: 2a04:cfc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:87:81:71:7e:54:dd:f0:86:b1:43:45:81:d5:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 1 13:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0de002ab019cbc870427da5a8048477789f68bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3b:3b:8e:0f:cd:d6:cf:62:12:0a:cb:9d:62:
f4:66:a8:0a:3e:03:09:62:a4:40:0e:d9:2d:ce:4b:
00:df:1f:27:54:4d:b0:b2:99:33:ca:dd:67:03:60:
23:2b:40:b6:54:28:0a:86:f1:57:f1:2c:96:37:1e:
3f:52:cf:1d:91:84:32:f1:03:6b:b3:93:a1:03:a7:
02:8f:66:b2:57:60:b4:04:6b:15:88:39:c9:11:b8:
c1:ca:8c:37:ad:4d:f5:23:13:9c:1d:cf:b4:7b:1a:
c0:2d:9e:87:ab:64:5b:19:f6:22:09:7c:95:75:6f:
dc:25:21:15:ab:83:70:61:66:b4:98:15:ae:f8:6a:
9d:0a:9a:f3:b3:03:77:bb:e9:09:73:55:e3:b8:dc:
68:a1:38:7f:f6:f0:c7:45:dc:ef:2f:19:44:87:8d:
a9:b6:26:72:7e:86:af:90:0c:44:d1:dd:98:c1:08:
9c:7c:82:c1:81:d1:d4:16:c9:d1:39:50:e1:2d:22:
3e:2e:90:d5:52:c8:23:fd:7a:ed:37:f7:c4:90:e8:
77:5a:04:16:01:b9:3b:d4:7f:84:9a:09:e8:0b:dc:
47:54:7e:c0:8a:4d:be:a0:47:d3:c5:4e:b7:92:fa:
01:72:62:3c:2d:16:6e:45:1e:40:33:29:4d:7f:65:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E0:02:AB:01:9C:BC:87:04:27:DA:5A:80:48:47:77:89:F6:8B:F3
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/DeACqwGcvIcEJ9pagEhHd4n2i_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:cfc0::/29
Signature Algorithm: sha256WithRSAEncryption
d8:67:6f:f3:21:58:b6:83:eb:cd:d1:2d:e6:d6:ea:89:40:43:
3e:ea:68:de:0f:ba:bb:10:31:c8:ad:f1:75:87:54:85:2b:6a:
9b:81:1a:5f:04:66:60:ea:0b:13:a4:11:a4:aa:10:c9:8d:68:
ba:5a:99:9b:76:e5:a5:11:c0:1d:d9:1e:90:55:1c:b0:f5:35:
23:c5:26:90:90:56:29:77:bc:68:f5:dc:57:c4:99:68:8d:81:
38:1f:fe:bc:1b:48:a2:f0:d6:ea:6f:35:88:c7:53:d0:1f:82:
62:de:cc:b2:95:f5:fa:a2:a6:75:ae:a5:08:3f:cc:9f:00:47:
3e:7d:d7:bf:28:41:90:26:af:4d:82:b8:a7:7a:6c:73:43:14:
37:23:7a:5e:9e:1b:da:a2:b0:ec:2a:45:be:ea:44:74:a5:d9:
09:ca:92:3b:c5:12:a9:70:5a:fd:e0:ed:0f:a5:4d:9f:c3:57:
c5:3d:05:4e:81:0f:6d:78:6c:5a:82:89:06:bd:2d:06:70:2c:
3d:30:3c:96:e8:8f:34:d0:ac:22:e0:8b:83:5c:0f:93:84:62:
81:92:b9:da:1c:d2:19:47:a5:d2:04:61:5d:73:5b:df:55:21:
3d:9b:9c:50:a1:f7:0a:db:03:c1:1d:36:14:0e:ea:a6:53:2a:
2d:38:9c:76
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH4eBcX5U3fCGsUNFgdUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjUwMTAxMTM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGUwMDJhYjAxOWNiYzg3MDQyN2RhNWE4MDQ4NDc3Nzg5ZjY4YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDs7jg/N1s9iEgrLnWL0ZqgKPgMJ
YqRADtktzksA3x8nVE2wspkzyt1nA2AjK0C2VCgKhvFX8SyWNx4/Us8dkYQy8QNr
s5OhA6cCj2ayV2C0BGsViDnJEbjByow3rU31IxOcHc+0exrALZ6Hq2RbGfYiCXyV
dW/cJSEVq4NwYWa0mBWu+GqdCprzswN3u+kJc1XjuNxooTh/9vDHRdzvLxlEh42p
tiZyfoavkAxE0d2YwQicfILBgdHUFsnROVDhLSI+LpDVUsgj/XrtN/fEkOh3WgQW
Abk71H+EmgnoC9xHVH7Aik2+oEfTxU63kvoBcmI8LRZuRR5AMylNf2Uq4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA3gAqsBnLyHBCfaWoBIR3eJ9ovzMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvRGVBQ3F3R2N2SWNFSjlwYWdFaEhkNG4yaV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgTPwDAN
BgkqhkiG9w0BAQsFAAOCAQEA2Gdv8yFYtoPrzdEt5tbqiUBDPupo3g+6uxAxyK3x
dYdUhStqm4EaXwRmYOoLE6QRpKoQyY1oulqZm3blpRHAHdkekFUcsPU1I8UmkJBW
KXe8aPXcV8SZaI2BOB/+vBtIovDW6m81iMdT0B+CYt7MspX1+qKmda6lCD/MnwBH
Pn3XvyhBkCavTYK4p3psc0MUNyN6Xp4b2qKw7CpFvupEdKXZCcqSO8USqXBa/eDt
D6VNn8NXxT0FToEPbXhsWoKJBr0tBnAsPTA8luiPNNCsIuCLg1wPk4RigZK52hzS
GUel0gRhXXNb31UhPZucUKH3CtsDwR02FA7qplMqLTicdg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:40:14 2025 by rpki-client