Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/2iNRDUmO3hksB3RpkKiTrCo0TyI.roa
File: 2iNRDUmO3hksB3RpkKiTrCo0TyI.roa (raw, json)
Hash identifier: tfSo0uv1/zNTzrj8WiJnPnhIEUdCFaYb5IjJhzV4Sts=
Subject key identifier: DA:23:51:0D:49:8E:DE:19:2C:07:74:69:90:A8:93:AC:2A:34:4F:22
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01942369DF41924C5F00A19113F8B2F1FC6C
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/2iNRDUmO3hksB3RpkKiTrCo0TyI.roa
Signing time: Wed 01 Jan 2025 19:48:48 +0000
ROA not before: Wed 01 Jan 2025 19:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:8b40::/29 maxlen: 29
2a0d:9440::/29 maxlen: 29
2a11:26c0::/29 maxlen: 29
2a11:2b40::/29 maxlen: 29
2a11:3580::/29 maxlen: 29
2a11:4080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:df:41:92:4c:5f:00:a1:91:13:f8:b2:f1:fc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 19:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da23510d498ede192c07746990a893ac2a344f22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:60:3e:f9:39:1a:e4:96:8c:3e:51:a9:21:d5:
30:91:eb:55:99:bf:9b:53:41:67:7f:47:fa:e5:30:
ab:73:40:f8:b5:8d:f6:27:7f:c0:a6:71:12:fe:88:
a6:92:cf:7b:d4:3a:42:3e:47:b6:1b:40:84:5e:32:
4a:9e:97:83:52:24:72:b2:5f:2f:9b:32:8e:03:cf:
ad:25:6b:69:5a:09:54:a2:2a:4d:9a:78:01:c9:ae:
c9:96:59:e5:9c:e7:89:77:3f:f8:49:a9:68:26:fa:
64:74:0d:b9:a7:34:ec:df:b5:c9:ad:76:d8:e3:8d:
a3:1b:2e:27:e7:42:40:3f:71:15:3e:6b:e7:08:60:
ae:1e:77:55:64:c0:25:9d:06:24:07:62:f4:20:71:
92:c3:a9:90:9f:c0:52:9f:69:38:58:03:2a:bb:dc:
64:cb:32:6d:d3:a3:ee:41:ae:da:bc:a3:d5:db:2d:
5a:53:c0:4b:65:f4:9d:98:97:e0:1b:6a:fd:6d:a0:
5d:08:7b:68:86:45:2d:03:12:fb:c7:d8:af:b6:c2:
0b:0b:de:f0:a1:9e:f5:00:26:31:69:33:eb:6a:9d:
b5:6b:a2:87:86:5a:1b:c1:6e:7b:a2:0c:57:29:19:
cd:b8:53:29:1a:5c:36:8b:df:be:e6:cd:d1:12:f0:
ca:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:23:51:0D:49:8E:DE:19:2C:07:74:69:90:A8:93:AC:2A:34:4F:22
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/2iNRDUmO3hksB3RpkKiTrCo0TyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8b40::/29
2a0d:9440::/29
2a11:26c0::/29
2a11:2b40::/29
2a11:3580::/29
2a11:4080::/29
Signature Algorithm: sha256WithRSAEncryption
02:63:da:bb:3b:82:af:6c:ce:b3:b9:f4:d4:8d:6a:a2:1d:bd:
ac:ac:47:de:55:9d:63:02:eb:8d:99:80:0a:72:5d:e1:9c:6f:
fb:a5:da:c1:6b:e8:57:e5:62:a5:b3:f3:57:1d:07:69:98:20:
69:41:f7:72:25:b0:18:02:d8:8a:7f:db:7d:7a:51:28:e6:f2:
72:dc:28:36:f5:41:a4:63:cd:b7:b8:fa:28:33:79:da:66:e9:
62:dd:4d:94:05:ab:9b:51:f0:19:56:d5:0c:ec:dd:f0:4f:a0:
67:a0:d4:98:0b:f4:e8:01:0b:c2:d6:fa:d5:f4:48:0b:a6:cf:
8c:35:45:02:62:ad:26:27:9c:4c:e3:fe:03:b0:d1:38:f2:66:
8d:fd:16:ac:56:c8:22:90:f9:e6:8e:2c:3d:4a:6d:43:d4:b9:
d8:bd:51:09:e4:d4:f8:af:03:36:2e:81:72:87:73:10:c8:1d:
66:21:b2:7a:ea:00:bf:e5:9d:03:36:ac:66:50:ff:11:0d:e1:
8b:23:ee:15:3f:3d:cc:02:bf:11:fa:14:d0:ce:15:c0:1b:03:
5f:13:59:50:39:0a:91:cb:9e:bd:39:02:df:4d:c5:af:fa:b6:
44:17:5e:40:9d:69:c8:92:0f:08:ef:a3:7a:a7:22:91:e5:b6:
62:33:0d:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQjad9BkkxfAKGRE/iy8fxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMTAxMTk0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIzNTEwZDQ5OGVkZTE5MmMwNzc0Njk5MGE4OTNhYzJhMzQ0ZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGA++Tka5JaMPlGpIdUwketVmb+b
U0Fnf0f65TCrc0D4tY32J3/ApnES/oimks971DpCPke2G0CEXjJKnpeDUiRysl8v
mzKOA8+tJWtpWglUoipNmngBya7JllnlnOeJdz/4SaloJvpkdA25pzTs37XJrXbY
442jGy4n50JAP3EVPmvnCGCuHndVZMAlnQYkB2L0IHGSw6mQn8BSn2k4WAMqu9xk
yzJt06PuQa7avKPV2y1aU8BLZfSdmJfgG2r9baBdCHtohkUtAxL7x9ivtsILC97w
oZ71ACYxaTPrap21a6KHhlobwW57ogxXKRnNuFMpGlw2i9++5s3REvDKZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNojUQ1Jjt4ZLAd0aZCok6wqNE8iMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvMmlOUkRVbU8zaGtzQjNScGtLaVRyQ28wVHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg2LQAMF
AyoNlEADBQMqESbAAwUDKhErQAMFAyoRNYADBQMqEUCAMA0GCSqGSIb3DQEBCwUA
A4IBAQACY9q7O4KvbM6zufTUjWqiHb2srEfeVZ1jAuuNmYAKcl3hnG/7pdrBa+hX
5WKls/NXHQdpmCBpQfdyJbAYAtiKf9t9elEo5vJy3Cg29UGkY823uPooM3naZuli
3U2UBaubUfAZVtUM7N3wT6BnoNSYC/ToAQvC1vrV9EgLps+MNUUCYq0mJ5xM4/4D
sNE48maN/RasVsgikPnmjiw9Sm1D1LnYvVEJ5NT4rwM2LoFyh3MQyB1mIbJ66gC/
5Z0DNqxmUP8RDeGLI+4VPz3MAr8R+hTQzhXAGwNfE1lQOQqRy569OQLfTcWv+rZE
F15AnWnIkg8I76N6pyKR5bZiMw02
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:22 2025 by rpki-client