Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/3IQOByKOTcga51enuovQ4sZokDo.roa
File: 3IQOByKOTcga51enuovQ4sZokDo.roa (raw, json)
Hash identifier: vLrEYo8CkqHdmdt8RrO1mx/dIlpmkWNUy8nLR9GoYqg=
Subject key identifier: DC:84:0E:07:22:8E:4D:C8:1A:E7:57:A7:BA:8B:D0:E2:C6:68:90:3A
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369EEEDE19E64957272EAC02884D2DB
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/3IQOByKOTcga51enuovQ4sZokDo.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202402
IP address blocks: 2a0f:7803:ff90::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ee:ed:e1:9e:64:95:72:72:ea:c0:28:84:d2:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc840e07228e4dc81ae757a7ba8bd0e2c668903a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:22:18:fa:bb:43:89:31:80:cf:48:eb:ad:c8:
82:f4:07:27:f9:ce:b7:2a:ec:35:8f:0e:07:1f:a6:
ee:15:50:c5:95:ed:62:5d:7e:25:99:24:e2:08:cf:
c5:e9:fa:db:3b:da:7b:08:fd:b0:28:d1:2b:cb:7d:
18:f2:75:29:fc:a4:69:e0:26:49:9d:ea:d5:d4:46:
fd:35:f7:76:00:ab:2d:b4:f2:b9:e6:92:cd:fb:4f:
eb:69:02:e5:52:4a:89:d1:c9:fc:fb:b9:7d:1d:bb:
85:7e:9c:b0:50:12:13:bc:9a:da:ff:3f:87:46:a2:
30:5f:f8:41:34:04:61:c6:06:cd:8e:d1:79:8a:3b:
89:ea:7b:3c:fc:6e:c9:0a:80:c5:1d:5a:8c:4f:21:
c1:93:58:4c:74:7b:bf:a0:7b:4c:8a:df:98:0c:82:
08:0e:eb:89:7e:15:43:d4:f0:a2:c1:35:9a:a6:b6:
4a:0b:70:b9:6a:de:d8:5c:5d:9a:f1:6d:d0:2e:bd:
0b:cb:e2:d2:71:7c:e9:de:5a:2c:d7:c2:40:0c:0b:
e1:fa:ca:20:e3:3e:8e:e9:45:76:0d:34:95:ca:ca:
5a:c3:2f:be:88:57:a4:53:ef:6a:e9:a1:1c:9a:54:
bc:9a:b5:62:d8:3e:86:bf:ae:a2:11:bc:e4:11:7f:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:84:0E:07:22:8E:4D:C8:1A:E7:57:A7:BA:8B:D0:E2:C6:68:90:3A
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/3IQOByKOTcga51enuovQ4sZokDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ff90::/44
Signature Algorithm: sha256WithRSAEncryption
92:b0:90:33:2f:f9:26:ed:54:4c:2e:69:c6:e0:e0:03:73:c9:
5f:41:e5:11:87:81:b4:0c:75:d4:e4:66:1f:1e:2a:91:67:d4:
8b:41:6a:3b:45:f5:c6:f4:bb:e8:ea:68:f3:e2:ab:04:2a:ae:
16:6a:f2:79:41:bf:ef:18:cc:57:78:dd:5d:40:3c:6a:bf:f7:
2e:80:da:e9:c0:2f:6e:a5:19:96:a7:54:4e:d3:a5:34:c6:6c:
14:c6:fc:93:11:be:6a:b8:86:c3:45:7b:a1:8b:79:9d:e9:f4:
d8:99:bf:af:4d:a1:ae:fb:11:03:cf:c0:b2:a7:95:a5:ce:2e:
08:0d:c3:59:44:6d:18:43:db:99:a4:09:3d:0f:fe:88:e8:92:
ab:4c:8c:fe:25:2a:7f:1a:c8:76:bd:09:38:62:7c:c8:0c:5b:
6c:93:50:d9:18:4e:65:74:5e:ff:f9:23:a8:25:37:d3:10:29:
85:9a:18:25:18:ed:18:4f:00:42:7d:4a:52:fc:4a:d0:56:e3:
eb:5c:96:23:c9:e0:8f:de:6a:88:56:15:ab:bd:3d:8d:cb:d7:
d1:42:66:f5:9a:01:72:5d:af:c0:8d:b7:ce:a4:19:80:85:df:
85:5f:27:ae:56:33:cb:9c:04:96:a4:83:55:c2:4f:6e:73:26:
fd:b6:ed:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjae7t4Z5klXJy6sAohNLbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzg0MGUwNzIyOGU0ZGM4MWFlNzU3YTdiYThiZDBlMmM2Njg5MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCIY+rtDiTGAz0jrrciC9Acn+c63
Kuw1jw4HH6buFVDFle1iXX4lmSTiCM/F6frbO9p7CP2wKNEry30Y8nUp/KRp4CZJ
nerV1Eb9Nfd2AKsttPK55pLN+0/raQLlUkqJ0cn8+7l9HbuFfpywUBITvJra/z+H
RqIwX/hBNARhxgbNjtF5ijuJ6ns8/G7JCoDFHVqMTyHBk1hMdHu/oHtMit+YDIII
DuuJfhVD1PCiwTWaprZKC3C5at7YXF2a8W3QLr0Ly+LScXzp3los18JADAvh+sog
4z6O6UV2DTSVyspawy++iFekU+9q6aEcmlS8mrVi2D6Gv66iEbzkEX/PEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNyEDgcijk3IGudXp7qL0OLGaJA6MB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvM0lRT0J5S09UY2dhNTFlbnVvdlE0c1pva0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/+Q
MA0GCSqGSIb3DQEBCwUAA4IBAQCSsJAzL/km7VRMLmnG4OADc8lfQeURh4G0DHXU
5GYfHiqRZ9SLQWo7RfXG9Lvo6mjz4qsEKq4WavJ5Qb/vGMxXeN1dQDxqv/cugNrp
wC9upRmWp1RO06U0xmwUxvyTEb5quIbDRXuhi3md6fTYmb+vTaGu+xEDz8Cyp5Wl
zi4IDcNZRG0YQ9uZpAk9D/6I6JKrTIz+JSp/Gsh2vQk4YnzIDFtsk1DZGE5ldF7/
+SOoJTfTECmFmhglGO0YTwBCfUpS/ErQVuPrXJYjyeCP3mqIVhWrvT2Ny9fRQmb1
mgFyXa/AjbfOpBmAhd+FXyeuVjPLnASWpINVwk9ucyb9tu1/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:53 2025 by rpki-client