Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/L8tZWjNWSaekHdWevyC5u7iiRhg.roa
File: L8tZWjNWSaekHdWevyC5u7iiRhg.roa (raw, json)
Hash identifier: DDADheuyCv7Y8aoIkSHBJ1cn3r/VmkmC6hn4sBqnHu8=
Subject key identifier: 2F:CB:59:5A:33:56:49:A7:A4:1D:D5:9E:BF:20:B9:BB:B8:A2:46:18
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 018CC424662EC929A663609D095D51ED0E99
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/L8tZWjNWSaekHdWevyC5u7iiRhg.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202888
IP address blocks: 2a0f:7800::/31 maxlen: 48
2a0f:7804::/31 maxlen: 48
2a0f:7806::/31 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:66:2e:c9:29:a6:63:60:9d:09:5d:51:ed:0e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fcb595a335649a7a41dd59ebf20b9bbb8a24618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:02:a6:66:a6:0e:07:7e:81:9d:25:17:f8:58:
ac:2f:69:54:5e:57:86:a7:ba:90:d1:43:24:cf:6c:
8e:d2:37:dd:81:71:35:2c:25:7c:ea:9d:dd:a7:23:
a3:ac:89:34:04:59:58:5c:eb:b3:38:e5:97:f8:a7:
b5:ad:c5:41:ff:fe:c0:31:93:7b:02:fe:3f:57:9b:
fb:b2:2d:00:83:61:0c:94:97:54:27:48:a2:8f:e3:
05:9b:3b:d3:9d:ad:a1:46:59:af:92:9e:e3:da:86:
3d:b0:7f:5d:b2:c6:d3:71:b2:92:bf:87:77:21:b8:
99:d4:61:bc:03:2c:33:c3:a8:eb:7d:69:bf:f4:03:
d6:fb:a1:c6:54:84:53:6a:d1:02:1d:96:30:91:59:
4d:53:93:81:6d:6d:27:c1:16:a3:18:54:40:8c:1c:
15:3a:53:11:4f:5a:99:b6:0a:62:86:aa:98:cb:70:
d2:94:d1:60:e5:01:16:45:73:71:a3:de:de:f6:02:
19:69:fe:78:b4:25:8a:97:28:b8:bb:d4:52:60:dd:
35:4e:f2:47:8c:6e:a5:84:35:7b:cf:11:46:95:6e:
c1:94:5d:85:0c:f8:a5:08:08:f8:09:32:ab:82:06:
31:69:2b:37:08:b6:f8:ec:0d:df:6c:8b:ea:0c:06:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CB:59:5A:33:56:49:A7:A4:1D:D5:9E:BF:20:B9:BB:B8:A2:46:18
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/L8tZWjNWSaekHdWevyC5u7iiRhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7800::/31
2a0f:7804::/30
Signature Algorithm: sha256WithRSAEncryption
99:63:d8:f0:01:2b:55:0d:17:41:24:22:74:f1:97:7d:d8:ea:
da:a7:f5:1b:c8:14:88:7e:8f:1a:f1:25:31:03:4d:28:c5:8a:
8c:4b:9b:a0:86:2b:e0:4d:c7:59:b3:2f:f5:56:a7:b6:29:1a:
eb:db:29:61:a0:01:a2:c2:f0:3a:76:96:6c:ab:f2:f8:bd:30:
fb:92:a8:63:30:f1:31:dc:73:21:9a:be:a9:f4:8f:97:31:48:
42:4f:c8:bb:45:c6:76:4e:92:a8:d4:c0:d5:22:87:35:15:ea:
c5:39:bb:93:e5:ac:25:72:e1:e3:bc:8e:a3:83:a4:f0:54:25:
2b:d7:6a:a6:a9:c6:94:1f:93:d3:15:72:e7:6b:e2:37:72:0b:
20:12:17:5d:64:ba:a1:3e:a1:03:5e:cf:5f:d1:e4:65:85:d6:
85:96:73:d0:91:80:ba:cb:96:56:3e:83:e9:b6:af:2d:7c:0d:
7a:a9:bc:f8:11:24:4e:73:72:55:f6:c0:83:1e:f0:62:a4:ea:
09:23:37:c6:d3:44:34:76:67:d6:b9:d7:6a:1a:2a:96:ec:5d:
d8:aa:6d:eb:1a:42:e1:69:bf:2b:68:72:0c:4b:2d:b4:c6:e7:
92:c2:4f:3b:d2:f1:c4:70:24:91:c1:47:66:73:f1:37:ad:dd:
df:17:39:d7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJGYuySmmY2CdCV1R7Q6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNiNTk1YTMzNTY0OWE3YTQxZGQ1OWViZjIwYjliYmI4YTI0NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngKmZqYOB36BnSUX+FisL2lUXleG
p7qQ0UMkz2yO0jfdgXE1LCV86p3dpyOjrIk0BFlYXOuzOOWX+Ke1rcVB//7AMZN7
Av4/V5v7si0Ag2EMlJdUJ0iij+MFmzvTna2hRlmvkp7j2oY9sH9dssbTcbKSv4d3
IbiZ1GG8Aywzw6jrfWm/9APW+6HGVIRTatECHZYwkVlNU5OBbW0nwRajGFRAjBwV
OlMRT1qZtgpihqqYy3DSlNFg5QEWRXNxo97e9gIZaf54tCWKlyi4u9RSYN01TvJH
jG6lhDV7zxFGlW7BlF2FDPilCAj4CTKrggYxaSs3CLb47A3fbIvqDAZD/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC/LWVozVkmnpB3Vnr8gubu4okYYMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvTDh0WldqTldTYWVrSGRXZXZ5QzV1N2lpUmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUBKg94AAMF
AioPeAQwDQYJKoZIhvcNAQELBQADggEBAJlj2PABK1UNF0EkInTxl33Y6tqn9RvI
FIh+jxrxJTEDTSjFioxLm6CGK+BNx1mzL/VWp7YpGuvbKWGgAaLC8Dp2lmyr8vi9
MPuSqGMw8THccyGavqn0j5cxSEJPyLtFxnZOkqjUwNUihzUV6sU5u5PlrCVy4eO8
jqODpPBUJSvXaqapxpQfk9MVcudr4jdyCyASF11kuqE+oQNez1/R5GWF1oWWc9CR
gLrLllY+g+m2ry18DXqpvPgRJE5zclX2wIMe8GKk6gkjN8bTRDR2Z9a512oaKpbs
XdiqbesaQuFpvytocgxLLbTG55LCTzvS8cRwJJHBR2Zz8Tet3d8XOdc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:49 2025 by rpki-client