Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PFJiD8MLfnakL2mkAANmOoeHGUU.roa
File: PFJiD8MLfnakL2mkAANmOoeHGUU.roa (raw, json)
Hash identifier: a0vpttSq3cgxQGvU/dz1eOxNhQQQu/dzUi1jCTAXGlI=
Subject key identifier: 3C:52:62:0F:C3:0B:7E:76:A4:2F:69:A4:00:03:66:3A:87:87:19:45
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 019422FB15DB79B3002003CBA5FA4D310875
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PFJiD8MLfnakL2mkAANmOoeHGUU.roa
Signing time: Wed 01 Jan 2025 17:47:47 +0000
ROA not before: Wed 01 Jan 2025 17:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56867
IP address blocks: 2a02:20c8:1421::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:15:db:79:b3:00:20:03:cb:a5:fa:4d:31:08:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 17:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c52620fc30b7e76a42f69a40003663a87871945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:78:d6:6a:5a:b7:fb:10:7b:00:d0:e5:b4:1f:
42:a8:03:92:9e:73:58:3c:60:eb:50:69:25:93:53:
50:ed:0e:7a:34:f8:85:b0:94:80:f2:42:25:57:cb:
82:e0:95:25:c7:6c:ad:bb:93:b5:0f:1c:96:30:d3:
1b:f2:cc:61:3c:72:bd:46:1f:a3:dd:51:3f:0a:4e:
17:1e:8f:24:7f:63:6e:08:d1:9d:6c:e5:5c:ab:17:
55:9f:d3:25:7e:9f:68:0c:8f:48:bc:58:4d:76:dd:
2f:87:e3:9b:47:7b:03:25:be:b5:68:2e:70:e8:af:
bc:18:11:be:3f:fc:0f:8f:69:ce:bb:7f:2e:49:50:
4f:b1:3c:8b:9e:09:9d:03:06:7d:f2:39:90:c2:ed:
e3:7f:a5:82:42:e2:be:41:06:5f:47:87:8b:42:5a:
d0:38:30:b9:d5:ef:5b:18:36:b9:93:d6:2d:15:83:
c0:83:00:47:4c:65:87:57:59:9f:37:fc:a5:27:39:
9d:31:08:ef:41:72:5e:65:40:f2:8f:b3:e5:84:d8:
52:e1:44:82:00:d2:01:66:08:53:59:16:12:95:81:
fa:e8:ac:14:e7:03:7b:18:0e:d1:d0:df:24:79:1e:
e4:71:14:02:7d:ab:46:13:90:dd:9b:d2:6e:c9:64:
bb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:52:62:0F:C3:0B:7E:76:A4:2F:69:A4:00:03:66:3A:87:87:19:45
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/PFJiD8MLfnakL2mkAANmOoeHGUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:20c8:1421::/48
Signature Algorithm: sha256WithRSAEncryption
05:4f:0b:40:63:c7:7a:33:3a:30:71:a2:d7:32:4c:ee:d7:4d:
f6:70:dd:c7:1b:35:9d:d0:7c:21:7e:c4:d9:fd:00:02:e0:05:
1e:85:1d:cb:6a:2c:ed:20:44:92:ff:5d:35:97:24:e7:dc:b8:
a9:20:44:34:2d:b9:98:20:78:ac:ea:a4:67:6b:a8:2a:ec:9e:
a5:8d:3a:85:90:b9:fc:06:89:93:6d:c3:75:f8:e3:65:9b:1c:
29:8e:53:f2:bc:70:a8:c2:57:2c:2b:f6:7a:a9:22:1a:66:be:
6b:c2:67:9a:c2:ad:52:7a:c4:fa:d2:40:82:a5:de:a9:39:ab:
ff:e2:89:0a:e6:87:1b:de:10:4b:4b:b1:8a:65:66:8f:92:75:
2e:6f:00:bd:bb:9b:da:03:19:1f:0c:43:ae:08:2f:13:2a:d2:
e9:cf:ce:10:af:5b:0d:b1:9d:c4:2c:ae:02:2f:ae:57:58:cc:
0a:bc:b9:3f:b2:99:9f:61:9a:9f:67:12:70:aa:f3:2d:e1:80:
49:38:a7:cc:b9:3d:54:d1:fe:b0:97:f8:80:49:c1:98:3b:c5:
0a:75:cf:f4:00:f2:3a:c0:1b:75:1c:03:ed:32:5e:f2:ed:8c:
b5:c8:fc:a7:84:8b:d7:32:36:86:16:9b:64:c1:33:f1:c0:f2:
e1:8c:b0:16
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+xXbebMAIAPLpfpNMQh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjUwMTAxMTc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzUyNjIwZmMzMGI3ZTc2YTQyZjY5YTQwMDAzNjYzYTg3ODcxOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+njWalq3+xB7ANDltB9CqAOSnnNY
PGDrUGklk1NQ7Q56NPiFsJSA8kIlV8uC4JUlx2ytu5O1DxyWMNMb8sxhPHK9Rh+j
3VE/Ck4XHo8kf2NuCNGdbOVcqxdVn9Mlfp9oDI9IvFhNdt0vh+ObR3sDJb61aC5w
6K+8GBG+P/wPj2nOu38uSVBPsTyLngmdAwZ98jmQwu3jf6WCQuK+QQZfR4eLQlrQ
ODC51e9bGDa5k9YtFYPAgwBHTGWHV1mfN/ylJzmdMQjvQXJeZUDyj7PlhNhS4USC
ANIBZghTWRYSlYH66KwU5wN7GA7R0N8keR7kcRQCfatGE5Ddm9JuyWS7fwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDxSYg/DC352pC9ppAADZjqHhxlFMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvUEZKaUQ4TUxmbmFrTDJta0FBTm1Pb2VIR1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgIgyBQh
MA0GCSqGSIb3DQEBCwUAA4IBAQAFTwtAY8d6MzowcaLXMkzu1032cN3HGzWd0Hwh
fsTZ/QAC4AUehR3LaiztIESS/101lyTn3LipIEQ0LbmYIHis6qRna6gq7J6ljTqF
kLn8BomTbcN1+ONlmxwpjlPyvHCowlcsK/Z6qSIaZr5rwmeawq1SesT60kCCpd6p
Oav/4okK5ocb3hBLS7GKZWaPknUubwC9u5vaAxkfDEOuCC8TKtLpz84Qr1sNsZ3E
LK4CL65XWMwKvLk/spmfYZqfZxJwqvMt4YBJOKfMuT1U0f6wl/iAScGYO8UKdc/0
API6wBt1HAPtMl7y7Yy1yPynhIvXMjaGFptkwTPxwPLhjLAW
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:43 2025 by rpki-client