Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/4l_5ukUgFPciPl6z-yocvb5PwHQ.roa
File: 4l_5ukUgFPciPl6z-yocvb5PwHQ.roa (raw, json)
Hash identifier: FnLNYhnpijeMFESL0doxMu4Wb/ucYe5J+RdFfAagzbo=
Subject key identifier: E2:5F:F9:BA:45:20:14:F7:22:3E:5E:B3:FB:2A:1C:BD:BE:4F:C0:74
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369FE2F29C637F11DE4A4F9F2FEA8CF
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/4l_5ukUgFPciPl6z-yocvb5PwHQ.roa
Signing time: Wed 01 Jan 2025 19:48:56 +0000
ROA not before: Wed 01 Jan 2025 19:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216354
IP address blocks: 2a0f:7803:fec0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:fe:2f:29:c6:37:f1:1d:e4:a4:f9:f2:fe:a8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e25ff9ba452014f7223e5eb3fb2a1cbdbe4fc074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f9:e5:b4:db:1b:4d:dc:be:8a:c4:f8:db:b4:
14:bb:4a:33:42:86:33:b9:67:60:09:51:f8:46:b1:
17:05:cd:d9:64:a8:fa:26:dd:8d:ac:be:20:a7:78:
9d:76:70:a1:bf:b9:2e:98:2c:0c:55:7a:c2:01:3a:
94:5c:cf:0b:2b:2c:ec:12:45:94:2d:b4:8b:83:24:
c3:e2:7c:14:f9:c4:48:78:b1:cc:05:07:e9:88:8f:
56:57:98:38:c5:5b:34:eb:04:0b:9e:6f:57:7f:58:
15:6b:51:2a:68:a0:ce:4a:3c:c9:ed:a6:a2:ad:db:
c8:40:50:54:36:b8:d3:dc:54:33:5a:00:99:b1:b0:
06:0e:ad:ac:4e:58:e2:c0:77:08:ea:3a:b1:a8:94:
b8:13:6d:3f:a2:c4:e9:22:e9:1c:11:22:82:5a:44:
db:20:aa:3e:90:07:ca:4a:2a:0b:9c:67:ab:3b:99:
ab:2c:27:22:ff:6b:b9:1e:7f:16:3a:98:cd:5a:08:
26:d6:4e:75:78:ea:ef:1d:f0:d5:58:c0:33:e1:f9:
24:dd:46:6c:18:77:82:c7:c7:d5:9e:d2:e4:92:7e:
dd:b8:30:37:a6:d6:f5:45:5f:29:a1:19:87:f7:84:
c4:38:0a:9e:c1:eb:bc:5b:92:d1:a2:5a:8b:f0:54:
c3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5F:F9:BA:45:20:14:F7:22:3E:5E:B3:FB:2A:1C:BD:BE:4F:C0:74
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/4l_5ukUgFPciPl6z-yocvb5PwHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:fec0::/44
Signature Algorithm: sha256WithRSAEncryption
bb:7c:0d:de:a0:83:33:52:49:4c:7a:e1:89:fa:31:be:2b:04:
e4:ea:60:91:c4:3e:5d:0c:43:d4:3d:8d:73:ee:3f:f8:c5:2a:
9f:0e:64:4c:05:9e:47:88:9f:92:84:c2:b2:d0:bf:eb:b0:61:
fe:c5:e8:0b:92:3e:f5:54:b1:d4:e2:d1:81:61:6a:83:42:2e:
fe:c4:ea:2d:b0:2b:67:c9:0b:11:f9:2e:ed:68:86:b2:0c:98:
fe:b6:0b:82:69:57:14:23:9b:8d:c3:68:b2:d6:56:c9:73:ef:
b8:9a:1c:bb:57:03:66:25:6b:87:e7:5e:3b:4c:62:37:a2:84:
c8:ab:e8:12:92:a7:6d:91:9c:dc:a8:ad:a3:5e:30:ae:8b:8b:
c1:0b:ea:58:33:b2:65:4c:ca:b0:87:a3:b0:ac:ed:88:16:17:
84:de:0c:d7:c8:a3:7f:fd:1e:0a:95:f1:7f:09:1c:d5:57:7c:
9a:70:db:eb:91:8a:7a:da:f3:c3:49:2d:c5:f4:a8:73:59:78:
ae:10:03:22:74:4b:35:2f:28:3a:5c:5d:16:be:5d:37:4b:2c:
10:13:db:76:ff:0f:30:70:98:63:cd:f0:12:a8:aa:4f:3e:13:
ea:92:f5:e0:68:f7:37:28:68:2c:9f:de:e8:62:a7:50:e5:64:
9e:f1:2d:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaf4vKcY38R3kpPny/qjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjVmZjliYTQ1MjAxNGY3MjIzZTVlYjNmYjJhMWNiZGJlNGZjMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPnltNsbTdy+isT427QUu0ozQoYz
uWdgCVH4RrEXBc3ZZKj6Jt2NrL4gp3iddnChv7kumCwMVXrCATqUXM8LKyzsEkWU
LbSLgyTD4nwU+cRIeLHMBQfpiI9WV5g4xVs06wQLnm9Xf1gVa1EqaKDOSjzJ7aai
rdvIQFBUNrjT3FQzWgCZsbAGDq2sTljiwHcI6jqxqJS4E20/osTpIukcESKCWkTb
IKo+kAfKSioLnGerO5mrLCci/2u5Hn8WOpjNWggm1k51eOrvHfDVWMAz4fkk3UZs
GHeCx8fVntLkkn7duDA3ptb1RV8poRmH94TEOAqeweu8W5LRolqL8FTD+QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOJf+bpFIBT3Ij5es/sqHL2+T8B0MB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvNGxfNXVrVWdGUGNpUGw2ei15b2N2YjVQd0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/7A
MA0GCSqGSIb3DQEBCwUAA4IBAQC7fA3eoIMzUklMeuGJ+jG+KwTk6mCRxD5dDEPU
PY1z7j/4xSqfDmRMBZ5HiJ+ShMKy0L/rsGH+xegLkj71VLHU4tGBYWqDQi7+xOot
sCtnyQsR+S7taIayDJj+tguCaVcUI5uNw2iy1lbJc++4mhy7VwNmJWuH5147TGI3
ooTIq+gSkqdtkZzcqK2jXjCui4vBC+pYM7JlTMqwh6OwrO2IFheE3gzXyKN//R4K
lfF/CRzVV3yacNvrkYp62vPDSS3F9KhzWXiuEAMidEs1Lyg6XF0Wvl03SywQE9t2
/w8wcJhjzfASqKpPPhPqkvXgaPc3KGgsn97oYqdQ5WSe8S3H
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:40 2025 by rpki-client