Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/3XdVfOjfVaq9BZ0fyP2jtZDgalQ.roa
File: 3XdVfOjfVaq9BZ0fyP2jtZDgalQ.roa (raw, json)
Hash identifier: 12Tkg4YV6G3t0yw3MvdjrjNQToyEo5XflLneP7smdm4=
Subject key identifier: DD:77:55:7C:E8:DF:55:AA:BD:05:9D:1F:C8:FD:A3:B5:90:E0:6A:54
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369E29DED14D127BBB392AF8300D98A
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/3XdVfOjfVaq9BZ0fyP2jtZDgalQ.roa
Signing time: Wed 01 Jan 2025 19:48:49 +0000
ROA not before: Wed 01 Jan 2025 19:48:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 2a0f:7803:f98f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e2:9d:ed:14:d1:27:bb:b3:92:af:83:00:d9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd77557ce8df55aabd059d1fc8fda3b590e06a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:cf:32:9b:54:52:a4:7c:54:fc:91:05:82:94:
be:a5:35:00:71:90:4f:34:a3:2f:2b:fd:7e:1a:4c:
36:8f:b9:47:bf:be:77:d0:9e:b2:a7:fd:5a:3c:6c:
7a:6f:23:4c:e6:88:3a:0e:d4:50:80:0e:25:66:ff:
f1:9f:cd:85:76:34:c0:ce:58:c2:17:c5:cc:61:31:
47:c1:40:51:84:40:f1:af:59:99:79:9c:62:40:8a:
3d:27:55:b2:24:e7:8c:74:4a:32:9f:5c:1b:66:98:
8e:21:bc:09:0a:17:ba:55:fa:29:66:fe:a4:aa:e0:
08:27:0e:57:3f:a6:fb:10:10:50:26:40:ff:65:6e:
50:17:cd:02:8b:c5:94:19:a2:8a:4a:9a:28:53:7c:
37:53:b8:8a:6a:0a:74:87:0b:8b:51:7b:80:7b:fd:
e6:6b:85:9e:5d:53:e2:9f:50:ca:9f:23:5f:d2:14:
1c:c3:e8:7c:cb:eb:b4:69:6e:e6:62:38:d0:ef:07:
54:03:17:99:94:b0:f8:08:42:22:e1:17:ee:4d:bd:
8a:e5:d9:a1:b9:a4:f9:cd:44:60:4d:4b:86:83:1f:
15:67:5c:aa:6d:a1:f8:25:fb:8f:3b:91:17:c1:f7:
3e:5e:f9:aa:42:39:02:a2:5d:be:e7:d7:55:03:1e:
32:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:77:55:7C:E8:DF:55:AA:BD:05:9D:1F:C8:FD:A3:B5:90:E0:6A:54
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/3XdVfOjfVaq9BZ0fyP2jtZDgalQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:f98f::/48
Signature Algorithm: sha256WithRSAEncryption
96:ce:82:d2:70:2d:28:7a:02:00:fa:e0:c1:3e:e8:6c:60:21:
ad:fb:60:a6:3f:b6:d3:a4:63:6c:df:82:1d:c6:67:4d:9a:7f:
f1:61:95:f6:64:d6:56:67:27:c7:9a:c5:f2:d3:7d:5d:1f:00:
d6:6c:e9:b6:15:26:a3:fa:2f:34:60:ad:e6:cd:f0:2a:62:7e:
49:c4:aa:d9:9e:4c:f4:8a:4e:45:69:78:75:7b:b3:35:46:b0:
5a:a8:ba:ed:34:2e:0a:1e:93:58:68:30:0d:33:48:ad:01:2c:
71:1b:50:87:f2:67:2b:0a:b1:a9:e8:55:42:ba:28:b1:6a:b6:
61:22:15:8c:e4:4c:e1:1f:93:6f:b6:68:11:13:c3:d5:cc:ef:
3f:ea:c2:31:a1:70:48:4d:17:43:64:34:9d:7c:d0:06:2f:d0:
26:2b:74:47:84:73:5d:10:56:c3:b3:9b:0e:63:10:14:c7:32:
2b:87:ab:65:d8:e2:c3:b0:97:fd:8d:f0:ae:3e:29:7b:ae:37:
d9:b3:1e:ba:10:cd:55:78:f3:9e:a5:a1:73:0e:31:20:ca:82:
e0:5f:57:28:d6:27:ac:ff:dc:36:c3:36:d2:4d:d8:79:71:14:
8f:c2:16:85:ed:dc:2b:e3:9e:77:ec:5a:3f:20:4a:46:e2:05:
b8:0f:90:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaeKd7RTRJ7uzkq+DANmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDc3NTU3Y2U4ZGY1NWFhYmQwNTlkMWZjOGZkYTNiNTkwZTA2YTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6s8ym1RSpHxU/JEFgpS+pTUAcZBP
NKMvK/1+Gkw2j7lHv7530J6yp/1aPGx6byNM5og6DtRQgA4lZv/xn82FdjTAzljC
F8XMYTFHwUBRhEDxr1mZeZxiQIo9J1WyJOeMdEoyn1wbZpiOIbwJChe6VfopZv6k
quAIJw5XP6b7EBBQJkD/ZW5QF80Ci8WUGaKKSpooU3w3U7iKagp0hwuLUXuAe/3m
a4WeXVPin1DKnyNf0hQcw+h8y+u0aW7mYjjQ7wdUAxeZlLD4CEIi4RfuTb2K5dmh
uaT5zURgTUuGgx8VZ1yqbaH4JfuPO5EXwfc+XvmqQjkCol2+59dVAx4yKQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN13VXzo31WqvQWdH8j9o7WQ4GpUMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvM1hkVmZPamZWYXE5QlowZnlQMmp0WkRnYWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg94A/mP
MA0GCSqGSIb3DQEBCwUAA4IBAQCWzoLScC0oegIA+uDBPuhsYCGt+2CmP7bTpGNs
34IdxmdNmn/xYZX2ZNZWZyfHmsXy031dHwDWbOm2FSaj+i80YK3mzfAqYn5JxKrZ
nkz0ik5FaXh1e7M1RrBaqLrtNC4KHpNYaDANM0itASxxG1CH8mcrCrGp6FVCuiix
arZhIhWM5EzhH5NvtmgRE8PVzO8/6sIxoXBITRdDZDSdfNAGL9AmK3RHhHNdEFbD
s5sOYxAUxzIrh6tl2OLDsJf9jfCuPil7rjfZsx66EM1VePOepaFzDjEgyoLgX1co
1ies/9w2wzbSTdh5cRSPwhaF7dwr45537Fo/IEpG4gW4D5Aq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:31 2025 by rpki-client