Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/sjWkdYBB2UkHwaKfaaZCR6gxnVs.roa
File: sjWkdYBB2UkHwaKfaaZCR6gxnVs.roa (raw, json)
Hash identifier: hoBmGguSdXWL/PWVFKOxFlaQAcq2eoP4xZ6tzA4hpTM=
Subject key identifier: B2:35:A4:75:80:41:D9:49:07:C1:A2:9F:69:A6:42:47:A8:31:9D:5B
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 01942369EE124F7D94B62B78D788B1B1C70E
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/sjWkdYBB2UkHwaKfaaZCR6gxnVs.roa
Signing time: Wed 01 Jan 2025 19:48:52 +0000
ROA not before: Wed 01 Jan 2025 19:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201335
IP address blocks: 2a0f:7803:ffa0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:ee:12:4f:7d:94:b6:2b:78:d7:88:b1:b1:c7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Jan 1 19:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b235a4758041d94907c1a29f69a64247a8319d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:56:e5:5d:e2:bd:3c:b6:47:27:99:19:38:e2:
03:30:cc:59:74:af:2a:4a:8e:3d:e5:1a:01:c5:a5:
a2:1c:b7:da:5e:df:59:f9:9a:13:ac:a8:41:c7:4c:
0e:8f:b2:d8:3c:31:76:a3:3b:fb:30:a1:a5:29:60:
ec:a5:2d:1f:38:9b:d1:c6:51:b7:56:6a:26:95:46:
60:d2:f2:06:ea:ed:54:45:01:d5:e0:64:e1:3c:95:
4e:d0:d4:1e:67:cc:64:2b:78:d1:27:eb:d1:e6:8b:
28:65:d4:e8:cb:5e:c7:b3:7c:80:e9:a9:88:97:a0:
a5:71:79:03:66:ac:a7:09:b2:52:b2:8c:57:de:2b:
ef:ab:85:cb:2c:b8:14:07:b3:bc:47:3b:b6:48:8f:
d1:1f:a8:5d:b2:4a:80:87:ed:25:c5:39:28:02:83:
a7:39:96:4f:e8:8e:ab:cd:6f:37:83:5e:be:3b:4d:
06:f5:66:da:db:a3:77:a8:89:f1:f7:ce:f6:1a:f9:
3d:38:ee:a8:5b:bb:2d:94:ce:94:6b:1a:fd:56:17:
db:29:a2:2a:de:b1:63:e6:79:4a:08:03:4e:cc:7c:
bb:76:1d:53:55:35:4c:3a:e2:c7:f8:6f:65:a6:d7:
45:d0:ba:af:ab:bd:3f:93:60:96:86:cb:0b:41:44:
4b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:35:A4:75:80:41:D9:49:07:C1:A2:9F:69:A6:42:47:A8:31:9D:5B
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/sjWkdYBB2UkHwaKfaaZCR6gxnVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7803:ffa0::/48
Signature Algorithm: sha256WithRSAEncryption
54:78:de:f6:5b:cc:98:41:ed:6c:a5:bf:db:8f:b9:3a:63:6a:
fe:2b:21:c7:41:cb:c1:82:34:43:b8:80:43:9f:e4:bc:76:86:
4d:a7:f6:e4:f6:f7:28:9d:fc:06:3e:d6:11:9e:2b:5d:e6:e4:
c0:85:d4:2e:18:31:25:59:98:f4:fd:12:cd:d0:bf:c2:3e:64:
2e:3e:71:09:30:c5:8d:99:46:c4:80:8f:5a:b5:dc:93:60:56:
a7:b8:d5:30:5f:81:ef:05:f5:e0:b1:03:42:7b:07:6f:e9:b2:
da:0a:92:ab:20:3c:13:bc:2f:1f:60:83:64:18:fd:f6:75:3c:
1e:2f:b2:ee:82:2a:b1:1f:d7:30:5a:23:f9:08:95:9b:4d:bc:
64:37:ba:b3:bb:f5:6e:2e:e7:01:70:7b:14:6c:87:27:1a:f3:
ca:01:b3:90:3e:0c:e7:84:fb:64:1e:b8:59:10:5d:05:10:bf:
93:6e:7b:8f:8c:62:89:bb:af:e0:c2:ae:ca:21:59:b8:b7:18:
56:48:21:ec:c9:18:2b:15:eb:4d:70:07:0f:87:53:24:2e:c0:
2e:8b:a5:b8:38:2e:43:54:af:96:0b:04:d5:77:a9:35:d4:50:
c1:e1:df:da:fc:42:98:60:5c:da:3e:89:cc:78:fd:25:c8:61:
72:84:30:d8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjae4ST32Utit414ixsccOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwMTAxMTk0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjM1YTQ3NTgwNDFkOTQ5MDdjMWEyOWY2OWE2NDI0N2E4MzE5ZDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FblXeK9PLZHJ5kZOOIDMMxZdK8q
So495RoBxaWiHLfaXt9Z+ZoTrKhBx0wOj7LYPDF2ozv7MKGlKWDspS0fOJvRxlG3
VmomlUZg0vIG6u1URQHV4GThPJVO0NQeZ8xkK3jRJ+vR5osoZdToy17Hs3yA6amI
l6ClcXkDZqynCbJSsoxX3ivvq4XLLLgUB7O8Rzu2SI/RH6hdskqAh+0lxTkoAoOn
OZZP6I6rzW83g16+O00G9Wba26N3qInx9872Gvk9OO6oW7stlM6Uaxr9VhfbKaIq
3rFj5nlKCANOzHy7dh1TVTVMOuLH+G9lptdF0Lqvq70/k2CWhssLQURL8QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLI1pHWAQdlJB8Gin2mmQkeoMZ1bMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvc2pXa2RZQkIyVWtId2FLZmFhWkNSNmd4blZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg94A/+g
MA0GCSqGSIb3DQEBCwUAA4IBAQBUeN72W8yYQe1spb/bj7k6Y2r+KyHHQcvBgjRD
uIBDn+S8doZNp/bk9vconfwGPtYRnitd5uTAhdQuGDElWZj0/RLN0L/CPmQuPnEJ
MMWNmUbEgI9atdyTYFanuNUwX4HvBfXgsQNCewdv6bLaCpKrIDwTvC8fYINkGP32
dTweL7LugiqxH9cwWiP5CJWbTbxkN7qzu/VuLucBcHsUbIcnGvPKAbOQPgznhPtk
HrhZEF0FEL+TbnuPjGKJu6/gwq7KIVm4txhWSCHsyRgrFetNcAcPh1MkLsAui6W4
OC5DVK+WCwTVd6k11FDB4d/a/EKYYFzaPonMeP0lyGFyhDDY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:48 2025 by rpki-client