Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oQ-FtAivaUt8YaCwIkuK-M2zQrk.roa
File: oQ-FtAivaUt8YaCwIkuK-M2zQrk.roa (raw, json)
Hash identifier: KBd49/tcL1egEsdIq+vrMg6H9AAp6je8tGXy6mhvqEU=
Subject key identifier: A1:0F:85:B4:08:AF:69:4B:7C:61:A0:B0:22:4B:8A:F8:CD:B3:42:B9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019469052289E073CA048E3AC3A71F8A0F63
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oQ-FtAivaUt8YaCwIkuK-M2zQrk.roa
Signing time: Wed 15 Jan 2025 08:12:11 +0000
ROA not before: Wed 15 Jan 2025 08:12:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213582
IP address blocks: 2a0f:7d07::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:69:05:22:89:e0:73:ca:04:8e:3a:c3:a7:1f:8a:0f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 15 08:12:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a10f85b408af694b7c61a0b0224b8af8cdb342b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:89:db:45:1b:67:14:1a:ec:c2:d1:64:91:5b:
be:98:06:82:77:da:47:b8:11:f5:13:0d:1a:fa:76:
11:b0:54:dc:28:60:3a:9e:28:54:0f:52:0b:e8:0c:
39:6b:6b:27:a4:f5:90:65:11:7a:79:9c:e1:39:76:
fd:ca:99:77:56:45:1e:68:0f:9d:ce:7a:7d:d1:f7:
a8:e1:2b:48:e3:7d:c0:5d:18:5e:c3:54:3a:06:fb:
de:97:b2:08:22:b8:3c:28:bf:1c:78:82:de:ab:49:
ea:ed:80:5b:e2:b7:78:2d:e9:8f:bc:3b:c5:ac:47:
5d:cb:87:fb:66:09:9f:ef:47:48:ad:26:c4:b3:9e:
c3:e4:87:51:dc:24:74:32:a0:a7:dd:e3:93:49:37:
1a:de:8e:67:6d:7d:a6:9c:1c:24:41:ef:47:a6:0a:
bf:0f:03:6a:e3:af:fc:51:c3:ad:67:25:b9:02:b1:
df:1b:a7:14:48:83:12:34:cd:7c:1f:7e:28:2b:2f:
95:d0:78:48:cb:55:af:d2:ae:e9:14:c7:87:23:a5:
19:3e:c1:0f:ac:87:91:89:e3:52:db:5e:0c:f5:48:
d5:c8:cd:36:67:ea:ee:86:44:d3:a2:3f:d8:d8:7f:
7b:45:81:28:2a:1e:94:24:75:e8:70:b9:63:3f:cc:
ed:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0F:85:B4:08:AF:69:4B:7C:61:A0:B0:22:4B:8A:F8:CD:B3:42:B9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oQ-FtAivaUt8YaCwIkuK-M2zQrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7d07::/32
Signature Algorithm: sha256WithRSAEncryption
47:39:f6:b7:43:9a:98:da:66:e9:6c:ab:77:7b:09:61:0c:37:
27:9a:a5:71:1e:16:05:3c:37:28:ba:71:18:20:ed:d6:4a:8a:
2c:aa:c5:eb:65:f9:22:80:e3:43:8f:8e:83:08:61:ac:57:1d:
c1:65:3e:a7:4f:8c:c2:cc:9f:f8:09:7c:f0:87:51:d7:e7:39:
ce:22:fe:b3:55:87:2c:35:21:f2:e8:2c:9c:6a:33:6c:de:5d:
b4:c1:e2:bb:6b:78:8c:70:80:15:cc:60:d5:72:ab:fb:2d:fa:
aa:39:35:c9:da:1c:80:64:84:df:aa:60:87:7a:b5:64:9c:81:
6f:25:7e:7c:92:87:c0:7b:bb:4e:cd:e2:eb:66:da:b5:1e:08:
dc:42:f5:96:10:07:7c:92:1e:ee:57:0c:50:f3:3d:58:01:cb:
e3:03:8d:a2:a3:01:3e:a4:d9:cd:c9:f9:7d:d6:5b:80:be:34:
46:93:57:b7:00:70:3d:30:b1:f3:5c:c6:8f:2e:32:ae:c3:be:
74:38:ec:18:dd:df:b9:f3:55:6f:ca:c0:4d:d8:5e:36:63:f9:
84:f9:8a:35:38:ef:44:0c:78:ac:4d:f7:9a:5b:78:6c:4d:d6:
b5:c5:27:ee:68:2e:18:e0:18:01:ad:9d:d9:b9:31:5d:eb:63:
65:de:2d:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRpBSKJ4HPKBI46w6cfig9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTE1MDgxMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTBmODViNDA4YWY2OTRiN2M2MWEwYjAyMjRiOGFmOGNkYjM0MmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4nbRRtnFBrswtFkkVu+mAaCd9pH
uBH1Ew0a+nYRsFTcKGA6nihUD1IL6Aw5a2snpPWQZRF6eZzhOXb9ypl3VkUeaA+d
znp90feo4StI433AXRhew1Q6Bvvel7IIIrg8KL8ceILeq0nq7YBb4rd4LemPvDvF
rEddy4f7Zgmf70dIrSbEs57D5IdR3CR0MqCn3eOTSTca3o5nbX2mnBwkQe9Hpgq/
DwNq46/8UcOtZyW5ArHfG6cUSIMSNM18H34oKy+V0HhIy1Wv0q7pFMeHI6UZPsEP
rIeRieNS214M9UjVyM02Z+ruhkTToj/Y2H97RYEoKh6UJHXocLljP8ztOwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKEPhbQIr2lLfGGgsCJLivjNs0K5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb1EtRnRBaXZhVXQ4WWFDd0lrdUstTTJ6UXJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg99BzAN
BgkqhkiG9w0BAQsFAAOCAQEARzn2t0OamNpm6Wyrd3sJYQw3J5qlcR4WBTw3KLpx
GCDt1kqKLKrF62X5IoDjQ4+OgwhhrFcdwWU+p0+Mwsyf+Al88IdR1+c5ziL+s1WH
LDUh8ugsnGozbN5dtMHiu2t4jHCAFcxg1XKr+y36qjk1ydocgGSE36pgh3q1ZJyB
byV+fJKHwHu7Ts3i62batR4I3EL1lhAHfJIe7lcMUPM9WAHL4wONoqMBPqTZzcn5
fdZbgL40RpNXtwBwPTCx81zGjy4yrsO+dDjsGN3fufNVb8rATdheNmP5hPmKNTjv
RAx4rE33mlt4bE3WtcUn7mguGOAYAa2d2bkxXetjZd4t7g==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:41:41 2025 by rpki-client