Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/CqYTmXCgqQhI5vX7oIe0RGbrBbA.roa
File: CqYTmXCgqQhI5vX7oIe0RGbrBbA.roa (raw, json)
Hash identifier: jmREtOvtUxLrEd/w+WKon7XtzJQI3q8LrKBrO4sHiAM=
Subject key identifier: 0A:A6:13:99:70:A0:A9:08:48:E6:F5:FB:A0:87:B4:44:66:EB:05:B0
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369F31700A87AD2E234853DFE4693B3
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/CqYTmXCgqQhI5vX7oIe0RGbrBbA.roa
Signing time: Wed 01 Jan 2025 19:48:53 +0000
ROA not before: Wed 01 Jan 2025 19:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214704
IP address blocks: 2a0f:7803:fa20::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f3:17:00:a8:7a:d2:e2:34:85:3d:fe:46:93:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aa6139970a0a90848e6f5fba087b44466eb05b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9a:c1:4d:e3:2e:29:53:63:57:f9:16:c3:e7:
f0:c9:f5:9e:05:4e:26:e9:f3:b9:2c:40:9c:d4:8f:
45:da:a1:52:69:b7:3d:1c:ce:c6:d1:05:30:f8:7b:
0e:76:82:2c:e1:65:e7:ea:36:4c:e7:bd:1e:ad:5d:
ab:a0:71:99:90:50:6d:1e:6a:c4:83:28:9f:3b:92:
2b:0f:46:c6:52:86:e3:5c:4d:5d:cf:c0:cb:9e:5e:
fa:d6:e7:fe:b0:7f:44:43:ce:70:f2:69:03:50:6b:
0f:df:f7:57:69:c8:8f:74:fc:df:a8:73:66:96:d6:
bd:15:3a:5a:73:d5:ac:8b:33:6c:0f:12:2b:16:b7:
e4:ad:0c:1d:e1:41:14:a8:e1:81:80:e0:f9:af:8e:
e2:51:6f:31:55:e3:72:37:f3:ea:ac:fc:c1:45:8a:
37:1d:3a:ba:e3:9f:cd:75:a8:51:4c:4f:6e:15:db:
65:0f:62:55:0c:f2:bf:34:4b:b5:18:5f:29:64:72:
59:e6:e6:a3:74:b0:10:28:d4:f4:81:b0:2a:e1:7b:
e3:21:29:8c:ed:1d:71:05:38:ec:82:09:19:46:33:
4a:ef:87:95:34:e3:77:2d:c8:c1:80:9d:39:3c:77:
d9:dc:a9:d5:c9:aa:ab:72:35:07:fd:29:98:0a:d7:
42:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A6:13:99:70:A0:A9:08:48:E6:F5:FB:A0:87:B4:44:66:EB:05:B0
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/CqYTmXCgqQhI5vX7oIe0RGbrBbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:fa20::/44
Signature Algorithm: sha256WithRSAEncryption
2e:b2:f1:62:3e:1e:78:1e:34:81:59:d0:60:0a:8e:49:19:8f:
b3:93:74:7a:50:c2:c3:6f:e1:d0:b2:29:44:46:8f:3b:63:3c:
a3:9f:c8:26:69:1a:b9:36:24:28:74:26:75:60:6e:7d:2b:fa:
48:67:2c:7f:0d:ab:95:f4:77:7c:49:0a:46:77:33:d5:43:ab:
ba:e6:86:b2:55:f1:93:15:55:e8:96:bd:6a:67:0f:09:43:5d:
d3:2c:0c:8c:90:8c:66:a5:e9:f3:3a:ca:e5:5d:0e:92:ba:f4:
65:5d:a6:3e:d2:7a:75:6c:1d:e8:1f:db:48:43:d9:a4:06:1d:
fa:f3:74:06:53:e5:ee:ab:02:17:eb:ba:3d:35:a7:61:0c:69:
e6:31:fb:1d:96:ec:d8:f5:a4:7e:5a:e4:61:ba:3f:48:ce:d1:
4b:c8:e6:2f:68:28:17:3d:48:fd:b7:94:ef:6c:c7:43:87:d0:
0f:21:9a:f8:5e:12:ae:9c:84:a2:d7:22:33:c4:72:b6:99:33:
af:b3:2f:6a:e9:d4:6d:bf:b3:10:ac:72:21:fe:b2:a2:9a:3a:
51:ab:5d:7e:20:ab:cd:8e:1b:4b:10:e9:e5:aa:c9:ff:f2:87:
94:1e:65:7b:f1:67:fc:67:75:6f:1a:4f:ed:3a:a0:f5:7a:fa:
6e:3a:6a:80
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjafMXAKh60uI0hT3+RpOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWE2MTM5OTcwYTBhOTA4NDhlNmY1ZmJhMDg3YjQ0NDY2ZWIwNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJrBTeMuKVNjV/kWw+fwyfWeBU4m
6fO5LECc1I9F2qFSabc9HM7G0QUw+HsOdoIs4WXn6jZM570erV2roHGZkFBtHmrE
gyifO5IrD0bGUobjXE1dz8DLnl761uf+sH9EQ85w8mkDUGsP3/dXaciPdPzfqHNm
lta9FTpac9WsizNsDxIrFrfkrQwd4UEUqOGBgOD5r47iUW8xVeNyN/PqrPzBRYo3
HTq645/NdahRTE9uFdtlD2JVDPK/NEu1GF8pZHJZ5uajdLAQKNT0gbAq4XvjISmM
7R1xBTjsggkZRjNK74eVNON3LcjBgJ05PHfZ3KnVyaqrcjUH/SmYCtdCSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAqmE5lwoKkISOb1+6CHtERm6wWwMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvQ3FZVG1YQ2dxUWhJNXZYN29JZTBSR2JyQmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/og
MA0GCSqGSIb3DQEBCwUAA4IBAQAusvFiPh54HjSBWdBgCo5JGY+zk3R6UMLDb+HQ
silERo87Yzyjn8gmaRq5NiQodCZ1YG59K/pIZyx/DauV9Hd8SQpGdzPVQ6u65oay
VfGTFVXolr1qZw8JQ13TLAyMkIxmpenzOsrlXQ6SuvRlXaY+0np1bB3oH9tIQ9mk
Bh3683QGU+XuqwIX67o9NadhDGnmMfsdluzY9aR+WuRhuj9IztFLyOYvaCgXPUj9
t5TvbMdDh9APIZr4XhKunISi1yIzxHK2mTOvsy9q6dRtv7MQrHIh/rKimjpRq11+
IKvNjhtLEOnlqsn/8oeUHmV78Wf8Z3VvGk/tOqD1evpuOmqA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:12 2025 by rpki-client