Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/iTjFygNDhIALmLLrKa2DTNHQC80.roa
File: iTjFygNDhIALmLLrKa2DTNHQC80.roa (raw, json)
Hash identifier: 3pgQROzECnhrPuoiF3I3M3jaas7dCaBcWa4D8NJyuWY=
Subject key identifier: 89:38:C5:CA:03:43:84:80:0B:98:B2:EB:29:AD:83:4C:D1:D0:0B:CD
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0194A8FE02AB180014B407F965F121C79E3C
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/iTjFygNDhIALmLLrKa2DTNHQC80.roa
Signing time: Mon 27 Jan 2025 18:20:06 +0000
ROA not before: Mon 27 Jan 2025 18:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47741
IP address blocks: 2a0f:7803:ff00::/44 maxlen: 48
2a0f:7806:fffb::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a8:fe:02:ab:18:00:14:b4:07:f9:65:f1:21:c7:9e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 27 18:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8938c5ca034384800b98b2eb29ad834cd1d00bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3b:5e:4a:62:fa:5c:43:46:67:5b:ed:c6:8e:
bb:30:61:9d:e3:7d:b3:53:b3:c4:d4:9d:1a:52:ad:
4f:1d:e5:7a:38:a1:1a:62:93:8a:9b:6e:64:ca:64:
2d:fb:3c:76:48:da:b5:a4:79:5a:0c:23:16:9e:f0:
33:ed:2f:b3:2f:a3:91:6f:9a:f4:57:7e:19:1b:5b:
3e:22:07:f2:04:c9:6b:b3:39:2f:e3:0e:93:40:89:
67:28:96:6a:5b:b7:73:8d:02:a7:61:bc:d8:83:a8:
6c:56:a6:7e:bd:d9:e0:81:55:d9:ef:ed:ab:a6:ed:
e1:68:7b:74:93:ee:c7:f0:69:e4:db:ab:0a:2d:93:
37:df:34:56:71:87:58:88:69:6b:c2:0e:4e:a0:73:
a4:7d:fb:42:97:a2:27:78:c2:d2:2e:c2:16:45:48:
98:82:48:d9:e6:b5:20:82:66:69:86:77:a1:45:d0:
78:fc:2d:db:4d:e9:cf:e4:4d:bd:95:85:81:d3:e8:
6e:5b:24:3c:43:19:eb:f2:86:78:80:9d:97:c2:6c:
f3:27:61:f7:45:9b:94:76:4d:3e:44:a7:d2:c7:30:
47:b4:aa:6a:44:77:e2:f3:18:a3:90:52:bf:58:ca:
7e:1e:ef:d9:85:fb:57:b0:94:74:75:fa:8e:ef:44:
7a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:38:C5:CA:03:43:84:80:0B:98:B2:EB:29:AD:83:4C:D1:D0:0B:CD
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/iTjFygNDhIALmLLrKa2DTNHQC80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ff00::/44
2a0f:7806:fffb::/48
Signature Algorithm: sha256WithRSAEncryption
ae:17:8d:18:27:eb:22:bf:d4:33:31:de:48:47:49:7b:2d:fa:
0f:a6:b1:4f:5a:92:e2:93:27:a8:af:f2:4c:23:bb:7e:a2:69:
6e:cc:cd:76:c5:75:47:8b:52:4c:3b:e3:ab:cb:e8:b7:2d:dd:
47:a6:8e:d4:22:09:a1:7f:6c:40:51:c7:1d:f5:85:a3:e2:9c:
11:0d:2d:ff:43:71:e1:91:ac:d8:dc:99:ee:ab:c4:86:83:76:
a5:ae:44:f1:dd:55:bb:17:c9:1e:fa:10:aa:41:d9:a0:b5:24:
b9:88:60:25:c8:22:24:17:5c:ee:e4:63:78:05:a2:79:b8:d5:
69:af:dd:99:17:c6:12:a2:a5:0a:e4:c2:99:42:52:9a:3e:e2:
de:0a:16:56:a0:e7:b5:ea:8f:b3:5d:aa:63:5a:0d:3b:f3:6f:
06:88:b5:71:52:c3:58:16:ef:b4:a3:ee:27:72:30:37:bb:20:
2f:3f:cf:52:99:60:49:9c:f0:db:53:05:bb:de:bc:17:8f:76:
76:1c:6b:11:fc:8c:51:e7:6c:b4:35:be:03:44:b3:88:22:ae:
19:b5:20:c1:9e:81:51:da:cf:33:69:f0:8b:d2:51:3a:00:83:
a8:58:f9:40:8c:e5:d8:45:40:a9:25:eb:92:ad:e2:da:f3:46:
62:7d:a5:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSo/gKrGAAUtAf5ZfEhx548MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTI3MTgyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM4YzVjYTAzNDM4NDgwMGI5OGIyZWIyOWFkODM0Y2QxZDAwYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5DteSmL6XENGZ1vtxo67MGGd432z
U7PE1J0aUq1PHeV6OKEaYpOKm25kymQt+zx2SNq1pHlaDCMWnvAz7S+zL6ORb5r0
V34ZG1s+IgfyBMlrszkv4w6TQIlnKJZqW7dzjQKnYbzYg6hsVqZ+vdnggVXZ7+2r
pu3haHt0k+7H8Gnk26sKLZM33zRWcYdYiGlrwg5OoHOkfftCl6IneMLSLsIWRUiY
gkjZ5rUggmZphnehRdB4/C3bTenP5E29lYWB0+huWyQ8Qxnr8oZ4gJ2XwmzzJ2H3
RZuUdk0+RKfSxzBHtKpqRHfi8xijkFK/WMp+Hu/ZhftXsJR0dfqO70R6FQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIk4xcoDQ4SAC5iy6ymtg0zR0AvNMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvaVRqRnlnTkRoSUFMbUxMckthMkRUTkhRQzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg94A/8A
AwcAKg94Bv/7MA0GCSqGSIb3DQEBCwUAA4IBAQCuF40YJ+siv9QzMd5IR0l7LfoP
prFPWpLikyeor/JMI7t+omluzM12xXVHi1JMO+Ory+i3Ld1Hpo7UIgmhf2xAUccd
9YWj4pwRDS3/Q3HhkazY3Jnuq8SGg3alrkTx3VW7F8ke+hCqQdmgtSS5iGAlyCIk
F1zu5GN4BaJ5uNVpr92ZF8YSoqUK5MKZQlKaPuLeChZWoOe16o+zXapjWg07828G
iLVxUsNYFu+0o+4ncjA3uyAvP89SmWBJnPDbUwW73rwXj3Z2HGsR/IxR52y0Nb4D
RLOIIq4ZtSDBnoFR2s8zafCL0lE6AIOoWPlAjOXYRUCpJeuSreLa80ZifaVZ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:01 2025 by rpki-client