Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/E9PBI9E7d1TVmsv9zIp45ZUIg1I.roa
File: E9PBI9E7d1TVmsv9zIp45ZUIg1I.roa (raw, json)
Hash identifier: QXC+t33mieQYlnnkCq/aJeYBb2KgfRo+r0W2uyeSTKY=
Subject key identifier: 13:D3:C1:23:D1:3B:77:54:D5:9A:CB:FD:CC:8A:78:E5:95:08:83:52
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369F5D81916BECBA24FB660E726455A
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/E9PBI9E7d1TVmsv9zIp45ZUIg1I.roa
Signing time: Wed 01 Jan 2025 19:48:54 +0000
ROA not before: Wed 01 Jan 2025 19:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214747
IP address blocks: 2a0f:7803:faa0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:f5:d8:19:16:be:cb:a2:4f:b6:60:e7:26:45:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13d3c123d13b7754d59acbfdcc8a78e595088352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:a1:e8:a5:6b:3a:cb:53:98:c7:40:15:67:ed:
9e:60:22:65:6c:81:23:fa:2f:62:1c:eb:fa:46:13:
3d:c0:a9:16:94:26:72:25:5d:27:73:1f:c2:75:92:
46:bc:97:df:74:27:fc:59:d5:c8:fe:6b:2f:e0:2d:
56:b9:5a:26:27:44:ed:36:f2:a4:79:b3:ea:12:01:
ff:86:bb:1a:87:f6:b7:ed:61:0b:2a:89:d9:39:8f:
d0:5f:f5:95:14:f7:23:06:e7:31:96:c3:a9:f9:93:
d7:05:cd:22:16:1a:9e:10:a8:da:5c:31:17:91:49:
1b:c1:a5:c9:40:bb:8a:ae:eb:1d:7f:21:cc:35:05:
07:f3:c9:27:ae:60:d5:53:2b:e6:98:b6:a2:54:7c:
1d:4e:07:d3:1b:97:5e:7c:72:d5:62:16:af:e0:1c:
04:be:67:dc:af:3e:21:fc:d9:74:7c:c9:30:fd:97:
b0:d9:06:46:1d:09:5f:26:12:18:ef:d0:99:d0:db:
38:52:73:87:80:8e:69:f6:40:1d:1d:ec:40:3a:63:
56:c7:40:a7:d0:27:b2:0f:0a:53:17:6b:bd:75:17:
2e:46:f9:97:ba:a0:de:e3:34:c0:84:78:79:70:b3:
81:87:eb:f8:61:9e:b7:b4:71:76:90:81:7f:2d:0c:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D3:C1:23:D1:3B:77:54:D5:9A:CB:FD:CC:8A:78:E5:95:08:83:52
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/E9PBI9E7d1TVmsv9zIp45ZUIg1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:faa0::/44
Signature Algorithm: sha256WithRSAEncryption
50:92:c4:27:6c:b5:c7:18:07:b4:fc:76:d0:e9:4b:33:85:47:
37:eb:dd:90:7e:68:e2:71:89:ba:2d:fc:b5:16:75:ac:ed:11:
c6:ae:8b:a2:14:5f:c5:3a:69:b0:65:4c:7b:b6:a7:56:16:50:
55:9b:b5:ed:45:ba:d4:aa:d5:81:17:09:d8:c0:b8:99:60:eb:
19:23:88:77:8f:89:0a:00:d5:f3:3f:ec:95:7a:1f:54:5e:a1:
e0:b1:2d:c1:3c:93:55:f5:b3:2c:26:a1:42:0f:30:74:fd:cc:
09:15:c3:a3:cc:66:27:cf:65:33:8b:04:f5:ec:e1:82:c8:53:
26:85:0e:df:b4:6c:75:c5:f4:2d:02:ea:a2:26:8f:23:dd:d7:
fa:e8:76:70:29:6c:69:22:8e:bd:e5:75:bd:c8:92:d8:af:d0:
9a:4b:80:10:df:c9:1d:58:ad:27:10:37:26:5e:21:99:32:69:
bd:16:63:89:46:b7:1f:59:d4:7f:bf:6e:13:86:6f:70:24:57:
8b:50:ad:61:51:e6:ff:d5:fc:fa:e8:63:35:5d:4e:1e:93:6a:
69:04:26:a4:4e:6d:99:75:bd:52:4f:d7:cf:0f:af:4d:80:05:
bd:58:09:fb:6d:68:dc:40:6f:d5:e5:50:a5:0e:02:03:be:84:
30:5e:e8:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjafXYGRa+y6JPtmDnJkVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2QzYzEyM2QxM2I3NzU0ZDU5YWNiZmRjYzhhNzhlNTk1MDg4MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26HopWs6y1OYx0AVZ+2eYCJlbIEj
+i9iHOv6RhM9wKkWlCZyJV0ncx/CdZJGvJffdCf8WdXI/msv4C1WuVomJ0TtNvKk
ebPqEgH/hrsah/a37WELKonZOY/QX/WVFPcjBucxlsOp+ZPXBc0iFhqeEKjaXDEX
kUkbwaXJQLuKrusdfyHMNQUH88knrmDVUyvmmLaiVHwdTgfTG5defHLVYhav4BwE
vmfcrz4h/Nl0fMkw/Zew2QZGHQlfJhIY79CZ0Ns4UnOHgI5p9kAdHexAOmNWx0Cn
0CeyDwpTF2u9dRcuRvmXuqDe4zTAhHh5cLOBh+v4YZ63tHF2kIF/LQxC1QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBPTwSPRO3dU1ZrL/cyKeOWVCINSMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvRTlQQkk5RTdkMVRWbXN2OXpJcDQ1WlVJZzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/qg
MA0GCSqGSIb3DQEBCwUAA4IBAQBQksQnbLXHGAe0/HbQ6UszhUc3692QfmjicYm6
Lfy1FnWs7RHGrouiFF/FOmmwZUx7tqdWFlBVm7XtRbrUqtWBFwnYwLiZYOsZI4h3
j4kKANXzP+yVeh9UXqHgsS3BPJNV9bMsJqFCDzB0/cwJFcOjzGYnz2UziwT17OGC
yFMmhQ7ftGx1xfQtAuqiJo8j3df66HZwKWxpIo695XW9yJLYr9CaS4AQ38kdWK0n
EDcmXiGZMmm9FmOJRrcfWdR/v24Thm9wJFeLUK1hUeb/1fz66GM1XU4ek2ppBCak
Tm2Zdb1ST9fPD69NgAW9WAn7bWjcQG/V5VClDgIDvoQwXuj5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:31 2025 by rpki-client