Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ra2zdr5IKfQ8gw71S_KsMBnwFzo.roa
File: ra2zdr5IKfQ8gw71S_KsMBnwFzo.roa (raw, json)
Hash identifier: vLDMC7GMknhz/OcvRxY0MXeR5yCUggTV3zqgw0HoUSQ=
Subject key identifier: AD:AD:B3:76:BE:48:29:F4:3C:83:0E:F5:4B:F2:AC:30:19:F0:17:3A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019425FDBDF60D36A1F2E4E368852D219579
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ra2zdr5IKfQ8gw71S_KsMBnwFzo.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42894
IP address blocks: 2a04:9a02::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bd:f6:0d:36:a1:f2:e4:e3:68:85:2d:21:95:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adadb376be4829f43c830ef54bf2ac3019f0173a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c5:a0:99:7e:3c:f5:f3:93:e7:86:48:16:43:
bd:89:bc:dd:6f:35:31:c2:b2:59:58:d5:16:8b:50:
d2:ca:e7:d7:4c:3e:00:e9:c7:8c:7c:08:5c:84:22:
f0:f7:01:60:b9:c3:6f:c6:17:59:61:f5:fc:d0:f5:
3a:39:34:5b:c3:02:c9:a6:65:34:2c:77:a0:c5:ef:
ef:2d:2c:43:f0:fc:7a:6a:02:4e:b9:0c:ef:d4:a4:
11:eb:56:f2:4c:8a:43:40:02:e7:74:ac:6c:0b:e6:
95:18:6f:98:25:72:98:64:33:a5:7d:32:56:20:5a:
ed:70:99:4e:f4:d6:a5:8c:6e:d4:9d:ed:71:4e:00:
93:06:11:e7:7c:5b:ea:99:df:48:d2:3b:2a:cf:1e:
ff:17:4d:72:bb:78:bb:62:96:0f:ea:11:c6:48:fb:
c7:b9:76:a8:3f:e6:13:1e:65:4f:f4:fa:ba:e4:ff:
58:93:ae:db:7b:19:48:70:70:2e:51:a6:74:30:99:
40:3e:7a:9e:ae:95:01:49:46:86:58:3f:a8:ca:3e:
41:c3:9b:41:ce:d7:89:35:b0:75:c5:53:42:4d:8e:
44:40:35:bf:2f:be:2f:b3:3b:02:e0:01:af:cd:6f:
fc:c7:7d:c8:68:c5:de:9c:a4:5c:83:bf:37:e9:f0:
d2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AD:B3:76:BE:48:29:F4:3C:83:0E:F5:4B:F2:AC:30:19:F0:17:3A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ra2zdr5IKfQ8gw71S_KsMBnwFzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a02::/32
Signature Algorithm: sha256WithRSAEncryption
a5:ef:13:76:f6:db:14:0c:4a:1e:dc:4f:1e:d0:47:d2:7b:bc:
ff:0b:2b:74:3f:05:93:56:25:e5:68:2c:01:eb:2d:7d:f9:ca:
cb:3a:2d:78:55:98:7a:fd:f1:fa:49:49:a4:fb:9f:2e:3c:38:
fe:d9:91:4d:ba:c9:99:bb:7a:5c:a1:a5:64:2c:46:68:73:ce:
84:0c:19:79:17:b5:82:32:0f:bc:4d:a7:aa:88:fe:45:78:b9:
73:5f:8c:c9:4f:14:43:d0:1c:71:7d:2c:51:75:f2:14:8f:a7:
ab:b4:bc:96:87:63:38:2a:e0:08:29:ab:70:0f:80:b3:3d:cd:
54:b4:81:a5:bf:1a:ff:4f:b5:4a:2c:f6:7c:8a:28:c8:f5:e5:
cc:a8:ce:12:d6:31:88:0b:b9:47:5a:e4:b2:ef:60:23:b3:8a:
fd:94:d7:9a:e3:a3:a5:0f:c4:f6:89:cf:ea:56:8f:70:eb:f1:
f8:09:b4:26:29:58:cc:c9:6b:04:b9:8f:91:80:fe:5a:28:7f:
cd:b6:57:fe:8c:b5:fe:61:45:8d:71:52:f1:73:84:9a:67:fa:
0f:be:f2:45:cb:ba:90:6a:86:45:d7:ba:56:27:66:c2:11:a6:
e8:b1:fe:af:99:8f:12:64:e7:76:45:32:91:e9:1b:29:7b:6d:
1f:d1:67:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/b32DTah8uTjaIUtIZV5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFkYjM3NmJlNDgyOWY0M2M4MzBlZjU0YmYyYWMzMDE5ZjAxNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsWgmX489fOT54ZIFkO9ibzdbzUx
wrJZWNUWi1DSyufXTD4A6ceMfAhchCLw9wFgucNvxhdZYfX80PU6OTRbwwLJpmU0
LHegxe/vLSxD8Px6agJOuQzv1KQR61byTIpDQALndKxsC+aVGG+YJXKYZDOlfTJW
IFrtcJlO9NaljG7Une1xTgCTBhHnfFvqmd9I0jsqzx7/F01yu3i7YpYP6hHGSPvH
uXaoP+YTHmVP9Pq65P9Yk67bexlIcHAuUaZ0MJlAPnqerpUBSUaGWD+oyj5Bw5tB
zteJNbB1xVNCTY5EQDW/L74vszsC4AGvzW/8x33IaMXenKRcg7836fDSuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK2ts3a+SCn0PIMO9UvyrDAZ8Bc6MB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvcmEyemRyNUlLZlE4Z3c3MVNfS3NNQm53RnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgSaAjAN
BgkqhkiG9w0BAQsFAAOCAQEApe8TdvbbFAxKHtxPHtBH0nu8/wsrdD8Fk1Yl5Wgs
AestffnKyzoteFWYev3x+klJpPufLjw4/tmRTbrJmbt6XKGlZCxGaHPOhAwZeRe1
gjIPvE2nqoj+RXi5c1+MyU8UQ9AccX0sUXXyFI+nq7S8lodjOCrgCCmrcA+Asz3N
VLSBpb8a/0+1Siz2fIooyPXlzKjOEtYxiAu5R1rksu9gI7OK/ZTXmuOjpQ/E9onP
6laPcOvx+Am0JilYzMlrBLmPkYD+Wih/zbZX/oy1/mFFjXFS8XOEmmf6D77yRcu6
kGqGRde6VidmwhGm6LH+r5mPEmTndkUykekbKXttH9FngQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:21 2025 by rpki-client