Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/40FRfd8mHnlvSshlLcxHCML89vE.roa
File: 40FRfd8mHnlvSshlLcxHCML89vE.roa (raw, json)
Hash identifier: uNWGH/Wf1HWqRJkn2my2YHYIDgBGl8pfUCPgjNRNjYE=
Subject key identifier: E3:41:51:7D:DF:26:1E:79:6F:4A:C8:65:2D:CC:47:08:C2:FC:F6:F1
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369ED7026266AFE1FD202B5F1A51C36
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/40FRfd8mHnlvSshlLcxHCML89vE.roa
Signing time: Wed 01 Jan 2025 19:48:51 +0000
ROA not before: Wed 01 Jan 2025 19:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200827
IP address blocks: 2a0f:7802:f000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ed:70:26:26:6a:fe:1f:d2:02:b5:f1:a5:1c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e341517ddf261e796f4ac8652dcc4708c2fcf6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1b:99:96:80:e9:cb:e8:68:ed:77:81:9e:38:
ce:c6:87:c5:20:f7:bc:ba:61:f1:5f:60:4b:8c:2c:
b0:af:d4:2a:f9:1f:5d:0c:5f:30:1e:65:32:b9:b1:
53:a6:71:22:9f:a2:c5:e8:18:9b:31:22:4b:74:93:
42:37:6f:a5:3a:36:5a:c2:f7:d7:26:7b:81:4c:6f:
f4:f9:f5:2d:e9:be:ac:3f:f7:ce:6f:c6:e9:e1:6b:
16:d7:8c:d4:76:a3:d2:35:ed:eb:14:68:34:be:32:
2a:94:7b:f3:fd:c5:58:f4:f4:5a:9b:45:44:d5:af:
dd:04:0e:39:00:6b:86:cf:7c:bc:1a:c8:8a:a9:e2:
6b:9a:31:e4:94:9b:5b:0c:2a:18:d8:6c:6e:ad:fa:
b2:01:59:a0:ab:84:d2:4c:04:a7:1d:46:c2:49:ed:
8c:b9:d6:fc:97:5e:e9:db:41:97:94:ee:f4:5f:07:
89:6d:45:bd:d3:d1:54:b9:0f:a2:02:52:4c:ab:44:
71:7b:52:a3:5d:d3:b5:27:e9:63:f8:ac:7b:0b:14:
37:72:07:41:2a:0b:96:8c:eb:7f:5c:32:b3:ba:42:
6e:d4:53:64:26:04:bc:1f:4a:1e:00:c4:93:6d:13:
76:42:cd:d0:ca:f3:3b:c5:b0:a7:6d:54:ce:26:fb:
55:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:41:51:7D:DF:26:1E:79:6F:4A:C8:65:2D:CC:47:08:C2:FC:F6:F1
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/40FRfd8mHnlvSshlLcxHCML89vE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7802:f000::/36
Signature Algorithm: sha256WithRSAEncryption
37:eb:28:34:05:76:e3:bd:58:f6:23:15:88:f0:7e:76:67:b4:
49:49:51:f1:61:1c:18:ab:d6:cb:3c:fc:ab:7a:c1:51:d0:c5:
03:c9:63:75:3c:2f:59:5f:8e:02:b8:09:bc:91:cc:74:36:3a:
64:1f:97:3c:d3:f4:43:df:4d:9f:78:6e:01:e2:bc:1e:58:3f:
02:0a:3d:58:c1:a0:7e:08:92:c0:55:de:70:9e:49:08:ae:69:
49:67:6f:53:46:45:67:b8:36:bb:c6:74:2a:48:0c:cb:49:c3:
0c:b4:e1:94:91:ca:ca:62:b8:85:5b:56:5e:1d:7e:43:27:84:
d0:17:3b:c3:6b:3c:ac:c3:0f:ef:49:72:26:be:f8:91:15:08:
3b:22:b6:c2:af:1b:4e:25:1e:db:2b:15:b0:08:40:46:d7:bf:
0d:b5:b2:2d:99:e8:98:e1:e9:2f:c7:1f:b2:b8:45:e3:01:ee:
4a:3d:d2:c9:b0:76:64:ff:83:95:99:f4:ef:59:81:4e:0d:79:
ee:8d:d5:8e:5f:7f:0c:bd:99:2e:61:36:86:8e:74:17:0e:78:
6d:33:f4:40:d5:09:85:14:13:c0:ec:33:05:ad:7e:51:fd:4d:
9e:5e:59:09:de:62:b2:7f:58:e0:e8:95:cf:6f:93:01:96:ac:
fd:83:51:28
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjae1wJiZq/h/SArXxpRw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQxNTE3ZGRmMjYxZTc5NmY0YWM4NjUyZGNjNDcwOGMyZmNmNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBuZloDpy+ho7XeBnjjOxofFIPe8
umHxX2BLjCywr9Qq+R9dDF8wHmUyubFTpnEin6LF6BibMSJLdJNCN2+lOjZawvfX
JnuBTG/0+fUt6b6sP/fOb8bp4WsW14zUdqPSNe3rFGg0vjIqlHvz/cVY9PRam0VE
1a/dBA45AGuGz3y8GsiKqeJrmjHklJtbDCoY2GxurfqyAVmgq4TSTASnHUbCSe2M
udb8l17p20GXlO70XweJbUW909FUuQ+iAlJMq0Rxe1KjXdO1J+lj+Kx7CxQ3cgdB
KguWjOt/XDKzukJu1FNkJgS8H0oeAMSTbRN2Qs3QyvM7xbCnbVTOJvtVvQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFONBUX3fJh55b0rIZS3MRwjC/PbxMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvNDBGUmZkOG1Ibmx2U3NobExjeEhDTUw4OXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKg94AvAw
DQYJKoZIhvcNAQELBQADggEBADfrKDQFduO9WPYjFYjwfnZntElJUfFhHBir1ss8
/Kt6wVHQxQPJY3U8L1lfjgK4CbyRzHQ2OmQflzzT9EPfTZ94bgHivB5YPwIKPVjB
oH4IksBV3nCeSQiuaUlnb1NGRWe4NrvGdCpIDMtJwwy04ZSRyspiuIVbVl4dfkMn
hNAXO8NrPKzDD+9Jcia++JEVCDsitsKvG04lHtsrFbAIQEbXvw21si2Z6Jjh6S/H
H7K4ReMB7ko90smwdmT/g5WZ9O9ZgU4Nee6N1Y5ffwy9mS5hNoaOdBcOeG0z9EDV
CYUUE8DsMwWtflH9TZ5eWQneYrJ/WODolc9vkwGWrP2DUSg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:27 2025 by rpki-client