Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2PuEc0IlKkwN2qtSadf_mp62uJo.roa
File: 2PuEc0IlKkwN2qtSadf_mp62uJo.roa (raw, json)
Hash identifier: dl66d2BPAPZpvdrPBei2aQ90qwd8yC/l9DoRXXtSxWg=
Subject key identifier: D8:FB:84:73:42:25:2A:4C:0D:DA:AB:52:69:D7:FF:9A:9E:B6:B8:9A
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018CC2D12FD8CEA315C3B2587C5168AF3A3C
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2PuEc0IlKkwN2qtSadf_mp62uJo.roa
Signing time: Mon 01 Jan 2024 02:18:58 +0000
ROA not before: Mon 01 Jan 2024 02:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 2a0f:7803:fec0::/44 maxlen: 48
2a0f:7803:fe50::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:d1:2f:d8:ce:a3:15:c3:b2:58:7c:51:68:af:3a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 02:18:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8fb847342252a4c0ddaab5269d7ff9a9eb6b89a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3a:28:f4:5c:df:b2:1a:82:34:ab:be:b8:0e:
02:05:3b:0b:59:34:0f:73:53:01:ce:c4:16:a9:83:
6d:3a:31:e1:89:03:00:5f:e3:a6:a6:e7:81:a5:d0:
6f:14:3f:c0:9d:a2:84:58:ac:8f:c6:f8:83:1a:14:
9d:3f:86:70:29:58:e0:8d:fe:ea:33:71:83:1f:c9:
27:8c:28:5b:ca:9f:8f:80:0a:ab:f7:08:dc:d1:d7:
be:78:97:a2:f1:81:78:15:41:e9:e2:43:f4:28:3a:
26:00:be:89:0f:2f:da:c4:dd:3d:db:67:d8:ff:2f:
d4:f5:48:60:fb:0d:cd:97:f8:7a:18:a9:0e:a6:19:
88:d5:0e:f7:e9:c6:cf:f9:2f:57:2d:ac:55:de:3d:
57:2a:26:49:d9:56:90:5f:58:21:91:d5:cd:75:27:
d1:ae:dc:fe:e0:c4:79:dd:02:0d:4f:8f:72:7a:40:
d4:86:3f:2f:c8:2b:14:f4:53:f3:08:31:63:2e:24:
66:49:e0:7f:7d:18:15:c0:76:b2:2d:67:fe:dd:19:
7e:07:e4:3c:6f:5c:ef:b4:13:55:aa:ec:cf:b1:d4:
df:40:3e:b6:39:8e:b8:3c:01:49:f2:ec:d8:e9:5c:
07:f5:1c:f8:30:2f:7e:4f:e3:c9:3f:b4:26:fd:62:
e1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FB:84:73:42:25:2A:4C:0D:DA:AB:52:69:D7:FF:9A:9E:B6:B8:9A
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/2PuEc0IlKkwN2qtSadf_mp62uJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:fe50::/44
2a0f:7803:fec0::/44
Signature Algorithm: sha256WithRSAEncryption
34:98:28:97:93:31:39:b3:10:bb:63:a4:fe:4f:af:3a:12:3a:
53:1a:b5:0c:9e:ac:14:1b:11:a5:a6:ca:e6:16:70:8e:98:50:
64:d2:8b:c6:9e:1c:79:f7:9d:2c:39:17:51:f1:cd:62:db:55:
04:21:fb:7b:2e:da:02:2e:08:6d:68:3e:7f:08:dd:fc:44:a1:
6e:1b:d7:12:d9:75:71:01:0e:d7:bf:d5:ea:56:40:06:48:65:
85:45:f9:8b:8c:70:1f:f4:50:db:eb:58:73:11:2b:4b:04:e1:
e5:85:e0:8e:c2:0c:77:a8:06:06:df:c5:44:5c:64:09:48:fb:
b2:13:51:a6:c8:19:2f:06:61:e7:8d:b6:0d:cf:71:91:62:c6:
26:8e:b1:a9:a2:6d:64:3a:ea:72:19:3b:82:6f:07:a1:0b:2b:
8c:e0:09:08:e7:be:06:01:e1:16:be:5b:1e:ee:b6:60:34:94:
49:89:f9:15:19:f4:8b:b7:9a:1c:bc:14:aa:2f:c6:c9:17:b7:
fe:99:ed:32:b1:28:94:85:3e:5f:1e:d9:2c:0c:77:ca:ab:1e:
44:44:eb:50:d3:ab:d5:54:65:40:d5:f0:f9:fe:c4:a6:15:cc:
c5:dc:65:bf:d0:6e:c4:d0:e2:b6:2f:93:67:d9:7a:4d:dc:5c:
ce:2f:ae:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC0S/YzqMVw7JYfFForzo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwMTAxMDIxODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZiODQ3MzQyMjUyYTRjMGRkYWFiNTI2OWQ3ZmY5YTllYjZiODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDoo9FzfshqCNKu+uA4CBTsLWTQP
c1MBzsQWqYNtOjHhiQMAX+OmpueBpdBvFD/AnaKEWKyPxviDGhSdP4ZwKVjgjf7q
M3GDH8knjChbyp+PgAqr9wjc0de+eJei8YF4FUHp4kP0KDomAL6JDy/axN0922fY
/y/U9Uhg+w3Nl/h6GKkOphmI1Q736cbP+S9XLaxV3j1XKiZJ2VaQX1ghkdXNdSfR
rtz+4MR53QINT49yekDUhj8vyCsU9FPzCDFjLiRmSeB/fRgVwHayLWf+3Rl+B+Q8
b1zvtBNVquzPsdTfQD62OY64PAFJ8uzY6VwH9Rz4MC9+T+PJP7Qm/WLh9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNj7hHNCJSpMDdqrUmnX/5qetriaMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvMlB1RWMwSWxLa3dOMnF0U2FkZl9tcDYydUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg94A/5Q
AwcEKg94A/7AMA0GCSqGSIb3DQEBCwUAA4IBAQA0mCiXkzE5sxC7Y6T+T686EjpT
GrUMnqwUGxGlpsrmFnCOmFBk0ovGnhx5950sORdR8c1i21UEIft7LtoCLghtaD5/
CN38RKFuG9cS2XVxAQ7Xv9XqVkAGSGWFRfmLjHAf9FDb61hzEStLBOHlheCOwgx3
qAYG38VEXGQJSPuyE1GmyBkvBmHnjbYNz3GRYsYmjrGpom1kOupyGTuCbwehCyuM
4AkI574GAeEWvlse7rZgNJRJifkVGfSLt5ocvBSqL8bJF7f+me0ysSiUhT5fHtks
DHfKqx5EROtQ06vVVGVA1fD5/sSmFczF3GW/0G7E0OK2L5Nn2XpN3FzOL67h
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:37 2025 by rpki-client