Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/LdOUxFddrdo9aXkPfUT8SVjucIA.roa
File: LdOUxFddrdo9aXkPfUT8SVjucIA.roa (raw, json)
Hash identifier: spHv7xj74i85XGEOQvpQ6d3/H2mG3ShKBKzeYTyQNI0=
Subject key identifier: 2D:D3:94:C4:57:5D:AD:DA:3D:69:79:0F:7D:44:FC:49:58:EE:70:80
Certificate issuer: /CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Certificate serial: B46BFA
Authority key identifier: 3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/LdOUxFddrdo9aXkPfUT8SVjucIA.roa
Signing time: Sat 01 Jan 2022 13:01:57 +0000
ROA not before: Sat 01 Jan 2022 13:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59771
IP address blocks: 2a00:1560:d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11824122 (0xb46bfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b11583aca1e8059fd31e267e8302d0c2fe008d6
Validity
Not Before: Jan 1 13:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dd394c4575dadda3d69790f7d44fc4958ee7080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ef:13:f2:ec:98:c9:d4:73:22:4c:3d:1b:c4:
a4:46:41:62:53:23:c5:21:17:d3:ef:18:e8:d6:28:
02:84:43:25:c7:0e:a3:b1:a6:03:9b:6b:a4:8e:d7:
5d:d4:7b:3b:25:3a:34:cd:e5:40:82:23:0e:d0:0a:
78:75:d0:2c:81:be:7b:84:f6:15:d3:dc:4b:47:5b:
c7:ab:3b:03:54:16:c5:3e:b2:d5:f7:56:27:bb:11:
b0:42:2a:ba:96:2c:c3:fc:fc:9b:58:cf:5e:3c:a2:
0d:db:c9:18:be:0c:3e:57:6b:b9:90:6c:e5:79:dd:
71:cf:45:dc:29:d1:62:6a:76:2e:92:53:62:25:17:
9c:78:fc:be:49:02:9f:1a:d7:ff:a7:1f:5f:05:bc:
f9:19:ca:46:b8:13:02:ea:f7:6e:18:79:1c:b1:07:
a4:fd:32:cf:82:a2:6f:c1:99:c4:a7:8a:ce:08:d1:
19:55:82:d0:a3:fc:38:08:71:fa:d7:82:05:d8:f2:
32:4c:f5:ce:b9:b8:ff:ea:6e:ed:21:db:d0:69:46:
e1:1f:f6:28:2f:0d:d8:d6:de:b2:b9:c5:12:a6:be:
d6:97:ff:e8:af:68:be:7d:1b:45:18:2f:e9:51:08:
42:5c:c9:34:99:bd:c6:b9:dc:43:f5:68:a0:72:52:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D3:94:C4:57:5D:AD:DA:3D:69:79:0F:7D:44:FC:49:58:EE:70:80
X509v3 Authority Key Identifier:
keyid:3B:11:58:3A:CA:1E:80:59:FD:31:E2:67:E8:30:2D:0C:2F:E0:08:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OxFYOsoegFn9MeJn6DAtDC_gCNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/LdOUxFddrdo9aXkPfUT8SVjucIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f3ebce-9608-4180-a891-dce0d0ae6703/1/OxFYOsoegFn9MeJn6DAtDC_gCNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1560:d::/48
Signature Algorithm: sha256WithRSAEncryption
a4:7b:d6:0c:2d:4d:00:b8:06:96:f8:c5:c0:e9:77:b7:20:b2:
44:38:d1:9e:be:68:6a:c2:46:0c:1a:c2:64:9d:7b:ff:35:03:
7b:93:5b:83:c2:bd:98:bd:69:4d:9b:d5:2a:ba:a5:3c:27:32:
ae:37:70:d3:8c:06:17:4a:cb:a1:47:f5:af:33:3d:60:4f:64:
ab:e7:b9:a3:23:ea:df:69:97:67:67:3c:cd:7f:33:19:a7:b7:
08:5b:30:7e:0c:ae:c0:82:8c:19:ab:2a:b3:22:4e:4b:fd:ed:
c3:af:0d:dc:27:67:5c:91:a3:96:e8:fc:19:17:84:7f:e2:bd:
50:7b:b8:b6:39:bd:db:57:bf:00:84:5d:68:d5:d2:e1:d2:03:
8e:63:88:cd:90:ac:f0:25:a9:29:31:0b:f6:11:cf:52:a5:27:
a5:01:21:ae:fe:bc:e7:61:7e:1a:00:1a:15:ae:40:f1:05:2a:
93:61:14:75:8b:0c:c5:3a:44:12:10:b7:9c:2c:cb:fb:33:3d:
8d:77:eb:dd:61:2e:31:b9:44:71:ba:5a:50:9b:a7:c7:cd:64:
8e:62:bc:0a:f4:74:b8:29:32:e3:ff:9b:d6:b1:73:fc:a8:14:
06:d9:cf:d3:e1:81:b2:af:56:3c:7e:d3:9f:b9:d3:86:2a:79:
ae:11:fd:ee
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEALRr+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjExNTgzYWNhMWU4MDU5ZmQzMWUyNjdlODMwMmQwYzJmZTAwOGQ2MB4XDTIyMDEw
MTEzMDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRkMzk0YzQ1NzVk
YWRkYTNkNjk3OTBmN2Q0NGZjNDk1OGVlNzA4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPvE/LsmMnUcyJMPRvEpEZBYlMjxSEX0+8Y6NYoAoRDJccO
o7GmA5trpI7XXdR7OyU6NM3lQIIjDtAKeHXQLIG+e4T2FdPcS0dbx6s7A1QWxT6y
1fdWJ7sRsEIqupYsw/z8m1jPXjyiDdvJGL4MPldruZBs5Xndcc9F3CnRYmp2LpJT
YiUXnHj8vkkCnxrX/6cfXwW8+RnKRrgTAur3bhh5HLEHpP0yz4Kib8GZxKeKzgjR
GVWC0KP8OAhx+teCBdjyMkz1zrm4/+pu7SHb0GlG4R/2KC8N2NbesrnFEqa+1pf/
6K9ovn0bRRgv6VEIQlzJNJm9xrncQ/VooHJS3GECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQt05TEV12t2j1peQ99RPxJWO5wgDAfBgNVHSMEGDAWgBQ7EVg6yh6AWf0x
4mfoMC0ML+AI1jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L094RllPc29lZ0ZuOU1lSm42REF0RENfZ0NOWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZjNlYmNlLTk2MDgtNDE4MC1hODkxLWRjZTBkMGFlNjcwMy8x
L0xkT1V4RmRkcmRvOWFYa1BmVVQ4U1ZqdWNJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZjNlYmNlLTk2MDgtNDE4MC1hODkxLWRjZTBkMGFlNjcwMy8xL094RllPc29lZ0Zu
OU1lSm42REF0RENfZ0NOWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoAFWAADTANBgkqhkiG9w0BAQsF
AAOCAQEApHvWDC1NALgGlvjFwOl3tyCyRDjRnr5oasJGDBrCZJ17/zUDe5Nbg8K9
mL1pTZvVKrqlPCcyrjdw04wGF0rLoUf1rzM9YE9kq+e5oyPq32mXZ2c8zX8zGae3
CFswfgyuwIKMGasqsyJOS/3tw68N3CdnXJGjluj8GReEf+K9UHu4tjm921e/AIRd
aNXS4dIDjmOIzZCs8CWpKTEL9hHPUqUnpQEhrv6852F+GgAaFa5A8QUqk2EUdYsM
xTpEEhC3nCzL+zM9jXfr3WEuMblEcbpaUJunx81kjmK8CvR0uCky4/+b1rFz/KgU
BtnP0+GBsq9WPH7Tn7nThip5rhH97g==
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:32:50 2025 by rpki-client