Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/0w8PrcRXjaw3NnytCAu3vS4-sIo.roa
File: 0w8PrcRXjaw3NnytCAu3vS4-sIo.roa (raw, json)
Hash identifier: 8ML3jjJQ9lX+L2M5OiY25XgbGcdh93ML8oA+abH3GN0=
Subject key identifier: D3:0F:0F:AD:C4:57:8D:AC:37:36:7C:AD:08:0B:B7:BD:2E:3E:B0:8A
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369D5783704CB909D21FEC1F8D538F5
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/0w8PrcRXjaw3NnytCAu3vS4-sIo.roa
Signing time: Wed 01 Jan 2025 19:48:45 +0000
ROA not before: Wed 01 Jan 2025 19:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198231
IP address blocks: 2a0d:9440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:d5:78:37:04:cb:90:9d:21:fe:c1:f8:d5:38:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d30f0fadc4578dac37367cad080bb7bd2e3eb08a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:f2:e6:c4:a1:ee:c1:38:ba:35:57:18:18:
29:03:eb:3f:32:44:43:2d:cb:82:46:47:bc:e8:c0:
1c:f8:97:b5:81:42:c7:e9:25:70:6a:c9:dd:ee:c3:
7d:cf:85:61:2a:3a:21:4a:7a:38:29:1e:ca:d7:5c:
ad:86:62:02:90:d7:70:a3:61:74:32:89:87:2d:25:
99:46:18:3a:cd:06:25:a1:f5:fc:a8:62:fb:13:59:
40:de:4a:9c:8a:8b:34:ac:bb:ed:f9:a0:45:68:64:
3e:85:c9:31:68:08:e6:ae:fa:a1:67:75:a5:27:04:
e0:53:e6:7d:28:ef:5d:a7:f2:08:c4:59:ec:aa:fb:
2c:2b:36:56:4b:a1:01:38:0a:7b:27:c7:72:03:e2:
50:bc:f6:64:7d:84:0c:c5:cc:39:6e:91:b4:7b:0e:
ac:3f:9f:6d:22:ec:fb:66:8a:df:2a:bb:76:2c:78:
c0:ae:32:27:5e:51:9f:f0:4c:c9:3e:ad:f8:be:08:
d5:6b:dc:f9:67:66:2a:45:c2:70:02:57:9c:07:49:
7a:96:80:70:5e:3d:01:f8:51:b9:d7:fc:31:65:11:
18:1e:07:48:fb:c6:63:28:ba:e5:41:cc:d6:fb:cd:
c4:6b:1b:da:2d:30:31:2c:6d:6c:7c:22:85:b8:8d:
9b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0F:0F:AD:C4:57:8D:AC:37:36:7C:AD:08:0B:B7:BD:2E:3E:B0:8A
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/0w8PrcRXjaw3NnytCAu3vS4-sIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:9440::/29
Signature Algorithm: sha256WithRSAEncryption
04:a5:e8:15:ec:2e:ca:6e:82:ad:93:a7:b0:02:0b:8b:4e:82:
6a:4f:dc:bf:b4:a8:5e:e2:5b:ac:fb:c4:ee:41:2f:92:32:22:
46:4b:35:1a:67:fa:1d:2d:be:5f:ad:94:d0:03:d6:a3:a7:86:
ab:25:e8:81:3b:66:42:c8:b3:29:a4:bf:c8:36:d3:09:11:b9:
8d:7b:ef:44:cc:5e:0d:55:2e:c1:f6:f5:30:e7:07:fe:f6:58:
b0:f8:93:2a:03:f7:85:ee:20:52:b6:45:72:ed:c0:73:df:a3:
e7:45:cc:c1:a4:60:96:7f:76:47:53:b0:a6:5c:c9:80:29:fc:
81:6b:bf:84:fb:6b:64:44:16:d7:4f:07:72:1c:da:66:be:6b:
2c:7a:b4:b2:00:08:ec:82:b4:ab:13:32:24:fa:49:23:9c:f6:
97:fd:1b:c9:84:86:bc:ad:d5:74:03:d6:a8:2e:73:f5:d6:2e:
d3:b6:39:83:fe:8b:29:7c:19:8a:fc:d0:ab:44:f5:a3:54:d3:
d8:c4:6f:44:9c:bc:b1:dc:79:a1:fd:42:a9:05:b4:72:46:1f:
dd:96:d4:7a:3e:2f:48:6f:f9:b4:2d:38:b0:8e:f0:5c:fa:13:
26:84:76:86:3f:56:81:a6:2b:e4:b6:91:3a:a4:5d:a2:e8:d2:
e2:96:a6:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjadV4NwTLkJ0h/sH41Tj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzBmMGZhZGM0NTc4ZGFjMzczNjdjYWQwODBiYjdiZDJlM2ViMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Dy5sSh7sE4ujVXGBgpA+s/MkRD
LcuCRke86MAc+Je1gULH6SVwasnd7sN9z4VhKjohSno4KR7K11ythmICkNdwo2F0
MomHLSWZRhg6zQYlofX8qGL7E1lA3kqcios0rLvt+aBFaGQ+hckxaAjmrvqhZ3Wl
JwTgU+Z9KO9dp/IIxFnsqvssKzZWS6EBOAp7J8dyA+JQvPZkfYQMxcw5bpG0ew6s
P59tIuz7ZorfKrt2LHjArjInXlGf8EzJPq34vgjVa9z5Z2YqRcJwAlecB0l6loBw
Xj0B+FG51/wxZREYHgdI+8ZjKLrlQczW+83EaxvaLTAxLG1sfCKFuI2bSwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNMPD63EV42sNzZ8rQgLt70uPrCKMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvMHc4UHJjUlhqYXczTm55dENBdTN2UzQtc0lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg2UQDAN
BgkqhkiG9w0BAQsFAAOCAQEABKXoFewuym6CrZOnsAILi06Cak/cv7SoXuJbrPvE
7kEvkjIiRks1Gmf6HS2+X62U0APWo6eGqyXogTtmQsizKaS/yDbTCRG5jXvvRMxe
DVUuwfb1MOcH/vZYsPiTKgP3he4gUrZFcu3Ac9+j50XMwaRgln92R1OwplzJgCn8
gWu/hPtrZEQW108HchzaZr5rLHq0sgAI7IK0qxMyJPpJI5z2l/0byYSGvK3VdAPW
qC5z9dYu07Y5g/6LKXwZivzQq0T1o1TT2MRvRJy8sdx5of1CqQW0ckYf3ZbUej4v
SG/5tC04sI7wXPoTJoR2hj9WgaYr5LaROqRdoujS4pam6Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:31 2025 by rpki-client