Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/jfxb2BR-CQiCSpU8DpDydbDz1b0.roa
File: jfxb2BR-CQiCSpU8DpDydbDz1b0.roa (raw, json)
Hash identifier: fObbuEbq3/zFmHWpgeQlp5JFopCYl+4GEGdq5exW77c=
Subject key identifier: 8D:FC:5B:D8:14:7E:09:08:82:4A:95:3C:0E:90:F2:75:B0:F3:D5:BD
Certificate issuer: /CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Certificate serial: 01941F8C6FADE5E02C7473D666998BCD49D1
Authority key identifier: D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/jfxb2BR-CQiCSpU8DpDydbDz1b0.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212970
IP address blocks: 2a0e:e704:45::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6f:ad:e5:e0:2c:74:73:d6:66:99:8b:cd:49:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60f45f7cc4b691fd4a31c1f1c0b4f605d77a6ef
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dfc5bd8147e0908824a953c0e90f275b0f3d5bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:75:27:29:af:00:21:1e:0e:04:d5:f4:54:f4:
be:99:1c:d5:e1:0d:ad:b7:34:96:a2:19:47:4f:89:
aa:0e:a4:5e:c7:14:09:33:f3:6c:de:01:78:23:9f:
be:66:73:c1:90:04:6f:7d:91:fc:9c:b5:60:a6:f5:
11:ce:27:fa:72:5e:c7:6a:ba:32:e1:dd:cf:24:51:
77:9a:2a:f4:a5:81:e1:97:d7:81:0e:36:24:ff:f7:
e5:04:7b:91:c3:b8:0b:90:0e:4b:62:48:8a:0c:e5:
df:7c:b4:fa:7c:07:72:d0:46:43:e9:b2:49:49:56:
f7:67:aa:f1:b1:67:cb:d0:0d:6a:8b:e5:18:fe:8c:
34:83:9f:b7:38:27:31:73:f1:f7:f9:88:0f:89:7c:
ea:66:29:e2:a9:fc:40:b7:35:39:6d:bc:53:cd:a3:
61:a2:77:c5:2a:db:3c:aa:dd:91:7f:03:f9:ad:c5:
db:14:29:06:04:07:b9:9b:0a:39:a7:7d:78:03:06:
89:10:43:bb:f9:41:77:dd:5c:d0:62:89:c2:e2:9b:
99:26:d8:01:5d:da:ef:e8:7e:d6:55:7c:5e:a6:d6:
11:3c:d8:67:ea:36:b6:dc:f5:ac:3e:32:00:93:22:
83:c1:7a:4b:f6:f8:c6:fa:0b:56:11:b9:f9:5a:50:
5f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FC:5B:D8:14:7E:09:08:82:4A:95:3C:0E:90:F2:75:B0:F3:D5:BD
X509v3 Authority Key Identifier:
keyid:D6:0F:45:F7:CC:4B:69:1F:D4:A3:1C:1F:1C:0B:4F:60:5D:77:A6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1g9F98xLaR_UoxwfHAtPYF13pu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/jfxb2BR-CQiCSpU8DpDydbDz1b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ad3044-cdce-46cf-92c9-a954d053994a/1/1g9F98xLaR_UoxwfHAtPYF13pu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e704:45::/48
Signature Algorithm: sha256WithRSAEncryption
90:d4:2d:9d:0a:47:7d:59:af:de:e8:46:5a:fd:83:62:ad:64:
89:f4:cc:01:4b:2a:75:25:53:8f:d8:6f:c9:70:24:64:18:14:
9d:ac:c4:46:ea:f2:53:f3:fd:c9:a8:fd:5b:75:fb:df:31:b8:
31:75:51:12:50:6c:8e:10:0e:c5:ae:46:35:3a:de:36:dc:d8:
4d:40:d7:7b:8e:b7:a8:89:54:ff:e4:0b:4b:36:34:58:58:b8:
95:27:97:07:5b:03:31:7a:29:93:1a:43:91:57:88:1c:05:c9:
49:3d:46:3a:1d:63:64:ce:35:d7:94:70:83:99:5a:ed:79:fb:
05:07:fd:74:0f:62:b6:f1:01:2b:64:80:93:56:64:12:ed:fb:
49:ee:4c:68:20:bb:20:c8:40:b5:15:d6:95:a8:d8:2b:01:51:
a5:11:68:5d:13:66:20:1a:07:19:58:05:ed:a3:3c:67:3d:19:
c6:15:12:34:96:94:bb:10:e6:1c:26:e5:66:ae:3b:18:67:76:
ef:99:dc:b8:85:cf:79:bb:56:e4:4d:f7:a2:6c:d9:f7:8c:ec:
94:b9:3a:6b:b5:a0:dd:dd:8a:3f:20:8d:5c:35:68:e4:92:ed:
b8:eb:f0:52:17:a7:61:b7:8d:66:3c:2b:80:f1:01:fb:4f:95:
4f:87:95:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjG+t5eAsdHPWZpmLzUnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGY0NWY3Y2M0YjY5MWZkNGEzMWMxZjFjMGI0ZjYwNWQ3
N2E2ZWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGZjNWJkODE0N2UwOTA4ODI0YTk1M2MwZTkwZjI3NWIwZjNkNWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznUnKa8AIR4OBNX0VPS+mRzV4Q2t
tzSWohlHT4mqDqRexxQJM/Ns3gF4I5++ZnPBkARvfZH8nLVgpvURzif6cl7Haroy
4d3PJFF3mir0pYHhl9eBDjYk//flBHuRw7gLkA5LYkiKDOXffLT6fAdy0EZD6bJJ
SVb3Z6rxsWfL0A1qi+UY/ow0g5+3OCcxc/H3+YgPiXzqZiniqfxAtzU5bbxTzaNh
onfFKts8qt2RfwP5rcXbFCkGBAe5mwo5p314AwaJEEO7+UF33VzQYonC4puZJtgB
Xdrv6H7WVXxeptYRPNhn6ja23PWsPjIAkyKDwXpL9vjG+gtWEbn5WlBfmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI38W9gUfgkIgkqVPA6Q8nWw89W9MB8GA1UdIwQY
MBaAFNYPRffMS2kf1KMcHxwLT2Bdd6bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzkt
YTk1NGQwNTM5OTRhLzEvamZ4YjJCUi1DUWlDU3BVOERwRHlkYkR6MWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hZDMwNDQtY2RjZS00NmNmLTkyYzktYTk1NGQwNTM5OTRh
LzEvMWc5Rjk4eExhUl9Vb3h3ZkhBdFBZRjEzcHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg7nBABF
MA0GCSqGSIb3DQEBCwUAA4IBAQCQ1C2dCkd9Wa/e6EZa/YNirWSJ9MwBSyp1JVOP
2G/JcCRkGBSdrMRG6vJT8/3JqP1bdfvfMbgxdVESUGyOEA7FrkY1Ot423NhNQNd7
jreoiVT/5AtLNjRYWLiVJ5cHWwMxeimTGkORV4gcBclJPUY6HWNkzjXXlHCDmVrt
efsFB/10D2K28QErZICTVmQS7ftJ7kxoILsgyEC1FdaVqNgrAVGlEWhdE2YgGgcZ
WAXtozxnPRnGFRI0lpS7EOYcJuVmrjsYZ3bvmdy4hc95u1bkTfeibNn3jOyUuTpr
taDd3Yo/II1cNWjkku246/BSF6dht41mPCuA8QH7T5VPh5VX
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:50:14 2025 by rpki-client