Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/3PFyhkeygxSnr9lo2JsKv8zzptA.roa
File: 3PFyhkeygxSnr9lo2JsKv8zzptA.roa (raw, json)
Hash identifier: q1R0erCPFvF5C0+eg74kijSUxdckHy4082+SsXMgLoI=
Subject key identifier: DC:F1:72:86:47:B2:83:14:A7:AF:D9:68:D8:9B:0A:BF:CC:F3:A6:D0
Certificate issuer: /CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Certificate serial: 019424B39558D01DD49E1692F1FAAAD17E62
Authority key identifier: DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/3PFyhkeygxSnr9lo2JsKv8zzptA.roa
Signing time: Thu 02 Jan 2025 01:48:56 +0000
ROA not before: Thu 02 Jan 2025 01:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212085
IP address blocks: 2a0f:ca81:1330::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:95:58:d0:1d:d4:9e:16:92:f1:fa:aa:d1:7e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe6ab8e0c46e841b44d2b9c6b03bb65f5621db1
Validity
Not Before: Jan 2 01:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcf1728647b28314a7afd968d89b0abfccf3a6d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d7:7c:7c:50:4f:06:46:d7:85:f5:9f:2a:48:
35:ed:88:36:0a:a7:92:3c:27:be:99:c2:ac:c2:ca:
94:e1:f8:8b:f3:59:67:e3:d3:13:2a:97:94:5d:b3:
f3:76:d6:d5:c2:ac:ee:68:0f:35:37:bb:23:73:88:
9e:65:40:90:b2:9e:87:ff:19:4c:92:5e:74:8a:87:
51:3d:62:86:3b:75:69:d0:1c:79:b0:d4:cf:61:50:
40:3b:d1:23:6e:84:e6:9d:34:36:6a:a7:2d:9f:aa:
85:9c:7a:f5:d2:98:07:c8:f2:14:5c:cd:93:9c:b6:
6d:1e:7a:01:f6:e7:80:dd:4a:81:eb:67:81:f3:d1:
d3:02:60:94:ce:e7:20:77:57:d3:43:d8:69:06:0b:
eb:a2:0c:4b:23:00:7a:5d:f7:ab:5a:70:ed:8b:a2:
f5:02:ac:ed:b2:8f:2e:b1:ca:dc:a1:00:03:c3:22:
4d:cb:a8:18:cb:2e:b6:16:48:be:88:57:11:13:36:
4a:1a:2d:3a:61:ce:b2:bf:6b:a0:db:53:8a:cc:54:
b2:56:1e:b8:5f:e3:6e:68:69:d4:4e:da:16:74:c1:
d6:45:25:bc:d3:8b:e8:6b:d7:8b:c3:5c:c8:fa:81:
46:f3:97:29:26:52:ce:6f:17:da:91:61:ea:b8:58:
39:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F1:72:86:47:B2:83:14:A7:AF:D9:68:D8:9B:0A:BF:CC:F3:A6:D0
X509v3 Authority Key Identifier:
keyid:DB:E6:AB:8E:0C:46:E8:41:B4:4D:2B:9C:6B:03:BB:65:F5:62:1D:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-arjgxG6EG0TSucawO7ZfViHbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/3PFyhkeygxSnr9lo2JsKv8zzptA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/96436c-f6fa-40ba-a27c-fb1030651067/1/2-arjgxG6EG0TSucawO7ZfViHbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca81:1330::/44
Signature Algorithm: sha256WithRSAEncryption
b2:0e:e8:7d:29:57:cc:0e:5d:42:42:46:53:1c:4e:b6:80:94:
6f:f5:bf:0f:38:8a:fa:61:10:e6:67:6a:3a:64:8b:c6:78:45:
2d:81:10:4f:b8:72:51:b8:0b:23:67:56:85:44:8f:d7:c5:2a:
2f:71:68:38:67:f7:ac:68:55:5b:f4:69:11:82:16:ea:0f:03:
52:16:ce:45:c4:1c:0b:44:15:6d:38:38:a1:d9:b2:82:7e:f4:
68:f9:ab:4e:c1:70:f7:43:bc:1a:9c:11:88:5a:08:03:53:5f:
78:b7:2c:13:63:84:cc:99:5d:ce:ca:54:9b:53:19:3e:64:e9:
90:e7:b7:27:6b:7d:54:7d:f4:74:99:c2:e3:78:c6:2f:1e:f0:
f7:71:4f:8f:c3:84:60:dc:58:f9:f2:46:d7:5f:f4:88:98:23:
7b:45:5f:a2:6c:4f:13:9e:b9:c6:11:43:e1:8c:22:50:05:87:
8f:7f:cf:61:b7:fa:7b:cc:ec:97:f5:47:36:ef:43:0a:22:32:
c4:f1:24:69:62:ea:7e:a9:d9:0b:c9:8f:9f:b1:95:7c:77:a0:
db:52:7a:1a:e5:34:ea:28:e8:13:fa:07:58:de:98:85:4c:72:
65:f7:d6:ef:05:f5:ce:ff:d3:16:3b:fe:e0:8a:73:0a:5b:0b:
9f:5c:bc:ce
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQks5VY0B3UnhaS8fqq0X5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTZhYjhlMGM0NmU4NDFiNDRkMmI5YzZiMDNiYjY1ZjU2
MjFkYjEwHhcNMjUwMTAyMDE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2YxNzI4NjQ3YjI4MzE0YTdhZmQ5NjhkODliMGFiZmNjZjNhNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNd8fFBPBkbXhfWfKkg17Yg2CqeS
PCe+mcKswsqU4fiL81ln49MTKpeUXbPzdtbVwqzuaA81N7sjc4ieZUCQsp6H/xlM
kl50iodRPWKGO3Vp0Bx5sNTPYVBAO9EjboTmnTQ2aqctn6qFnHr10pgHyPIUXM2T
nLZtHnoB9ueA3UqB62eB89HTAmCUzucgd1fTQ9hpBgvrogxLIwB6XferWnDti6L1
Aqztso8uscrcoQADwyJNy6gYyy62Fki+iFcREzZKGi06Yc6yv2ug21OKzFSyVh64
X+NuaGnUTtoWdMHWRSW804voa9eLw1zI+oFG85cpJlLObxfakWHquFg5kQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNzxcoZHsoMUp6/ZaNibCr/M86bQMB8GA1UdIwQY
MBaAFNvmq44MRuhBtE0rnGsDu2X1Yh2xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2Mt
ZmIxMDMwNjUxMDY3LzEvM1BGeWhrZXlneFNucjlsbzJKc0t2OHp6cHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS85NjQzNmMtZjZmYS00MGJhLWEyN2MtZmIxMDMwNjUxMDY3
LzEvMi1hcmpneEc2RUcwVFN1Y2F3TzdaZlZpSGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg/KgRMw
MA0GCSqGSIb3DQEBCwUAA4IBAQCyDuh9KVfMDl1CQkZTHE62gJRv9b8POIr6YRDm
Z2o6ZIvGeEUtgRBPuHJRuAsjZ1aFRI/XxSovcWg4Z/esaFVb9GkRghbqDwNSFs5F
xBwLRBVtODih2bKCfvRo+atOwXD3Q7wanBGIWggDU194tywTY4TMmV3OylSbUxk+
ZOmQ57cna31UffR0mcLjeMYvHvD3cU+Pw4Rg3Fj58kbXX/SImCN7RV+ibE8TnrnG
EUPhjCJQBYePf89ht/p7zOyX9Uc270MKIjLE8SRpYup+qdkLyY+fsZV8d6DbUnoa
5TTqKOgT+gdY3piFTHJl99bvBfXO/9MWO/7ginMKWwufXLzO
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:14:16 2025 by rpki-client