Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/1-iPwYqnaIFqm8UVhvCM9Cf-VdqM.roa
File: 1-iPwYqnaIFqm8UVhvCM9Cf-VdqM.roa (raw, json)
Hash identifier: sCHzgAeRpQdZzF/zNLlEwDSVoRCf/M2pntB/Cm9KAcM=
Subject key identifier: FA:23:F0:62:A9:DA:20:5A:A6:F1:45:61:BC:23:3D:09:FF:95:76:A3
Certificate issuer: /CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Certificate serial: 0194221FB54A86DD83C00BE4A0B365A0D898
Authority key identifier: 18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/1-iPwYqnaIFqm8UVhvCM9Cf-VdqM.roa
Signing time: Wed 01 Jan 2025 13:48:10 +0000
ROA not before: Wed 01 Jan 2025 13:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a0e:c147::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:b5:4a:86:dd:83:c0:0b:e4:a0:b3:65:a0:d8:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Validity
Not Before: Jan 1 13:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa23f062a9da205aa6f14561bc233d09ff9576a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0a:98:7d:df:2b:59:4a:20:10:c3:94:5a:5b:
56:c2:1e:da:78:ef:35:c8:08:c4:a3:3a:4d:b7:28:
31:35:6e:f0:5c:29:ff:6c:91:d5:1b:0f:31:7e:a7:
08:c4:1e:cc:2d:3c:96:29:20:44:5e:4b:c5:a5:f4:
ed:78:84:0c:a1:a6:f4:2e:2b:23:83:9f:73:8e:11:
8a:2e:b5:db:ac:6d:0f:66:e4:77:17:62:89:2b:03:
03:5c:0e:59:57:a9:8a:e2:72:1f:bb:37:38:56:5d:
6c:63:b2:74:08:dd:18:a8:ef:26:44:de:b0:7f:dd:
44:71:b9:5e:cc:e5:73:f0:07:10:f6:e0:bb:1d:88:
9f:c0:8c:ad:60:0b:b0:ab:a6:67:d4:28:e1:dc:0f:
dc:4b:a9:76:da:10:f9:41:b3:29:0a:cb:ae:3c:40:
1d:0e:19:16:af:7e:1b:2c:14:eb:58:51:63:9e:8e:
70:e7:20:ab:33:aa:09:cc:29:80:d6:df:b6:db:79:
5e:7c:cc:be:ff:a3:e3:52:d7:d8:eb:9f:1b:95:31:
eb:25:be:f6:e8:e7:ff:3c:27:d8:1e:3f:ff:d6:ee:
7e:9a:cd:e4:dd:20:9d:46:36:cd:2a:2b:89:ab:ca:
86:3b:fb:97:6f:8f:ea:88:bb:f6:25:55:a5:0d:60:
25:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:23:F0:62:A9:DA:20:5A:A6:F1:45:61:BC:23:3D:09:FF:95:76:A3
X509v3 Authority Key Identifier:
keyid:18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/1-iPwYqnaIFqm8UVhvCM9Cf-VdqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c147::/32
Signature Algorithm: sha256WithRSAEncryption
72:d9:03:c5:70:d6:e5:5a:13:1f:66:ec:01:95:23:fa:4e:5d:
2d:dc:e5:db:c0:ae:b6:b3:37:96:e8:51:7d:d3:96:f5:83:cd:
a7:33:e0:0a:bf:fe:eb:72:62:a8:29:60:c2:a6:79:65:5d:dd:
a3:d5:2d:e5:27:fc:18:c0:ba:b6:25:85:3d:2c:2c:ad:4e:64:
f4:04:f4:c5:8d:de:f3:f5:5b:e5:90:6d:11:31:45:98:8c:0c:
4b:b4:32:89:a0:b8:e0:6d:29:c4:6e:be:81:f0:01:d1:bb:7e:
ef:b1:8c:17:ad:f2:a7:0f:61:0d:99:a6:31:bc:73:06:49:c8:
44:00:f3:b8:4f:fe:00:6b:0f:2b:8c:45:64:91:a5:a5:85:c0:
a4:27:3e:da:d9:8c:a5:20:ce:a8:1c:80:60:3a:99:9a:fd:f0:
ed:94:7b:f2:27:b4:d0:25:e8:bc:6e:8d:d2:09:e0:64:45:83:
48:f5:7a:36:1b:91:59:7a:fd:a3:76:02:4d:a7:ca:3d:46:d8:
d6:cb:17:b8:df:2c:1b:f4:c7:0e:8c:e5:ee:59:35:b6:03:93:
62:91:1b:64:2d:30:7c:c1:70:6a:c2:ce:31:db:48:a6:de:03:
a0:ff:56:fa:99:c1:24:6a:43:60:cc:66:36:59:dc:58:d9:37:
a9:de:68:af
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQiH7VKht2DwAvkoLNloNiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTE3MzJmMmM4MGUzZWE0ZDcyNzlkMjUyYjg3NGE2MTY0
YzM1YjQwHhcNMjUwMTAxMTM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTIzZjA2MmE5ZGEyMDVhYTZmMTQ1NjFiYzIzM2QwOWZmOTU3NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAqYfd8rWUogEMOUWltWwh7aeO81
yAjEozpNtygxNW7wXCn/bJHVGw8xfqcIxB7MLTyWKSBEXkvFpfTteIQMoab0Lisj
g59zjhGKLrXbrG0PZuR3F2KJKwMDXA5ZV6mK4nIfuzc4Vl1sY7J0CN0YqO8mRN6w
f91EcblezOVz8AcQ9uC7HYifwIytYAuwq6Zn1Cjh3A/cS6l22hD5QbMpCsuuPEAd
DhkWr34bLBTrWFFjno5w5yCrM6oJzCmA1t+223lefMy+/6PjUtfY658blTHrJb72
6Of/PCfYHj//1u5+ms3k3SCdRjbNKiuJq8qGO/uXb4/qiLv2JVWlDWAlbwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPoj8GKp2iBapvFFYbwjPQn/lXajMB8GA1UdIwQY
MBaAFBjhcy8sgOPqTXJ50lK4dKYWTDW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQt
ZTQwOTI2MDAxNWVmLzEvMS1pUHdZcW5hSUZxbThVVmh2Q005Q2YtVmRxTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWIvYWNlMThmLWVkN2MtNDc5Zi04NTVkLWU0MDkyNjAwMTVl
Zi8xL0dPRnpMeXlBNC1wTmNublNVcmgwcGhaTU5iUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoOwUcw
DQYJKoZIhvcNAQELBQADggEBAHLZA8Vw1uVaEx9m7AGVI/pOXS3c5dvArrazN5bo
UX3TlvWDzacz4Aq//utyYqgpYMKmeWVd3aPVLeUn/BjAurYlhT0sLK1OZPQE9MWN
3vP1W+WQbRExRZiMDEu0MomguOBtKcRuvoHwAdG7fu+xjBet8qcPYQ2ZpjG8cwZJ
yEQA87hP/gBrDyuMRWSRpaWFwKQnPtrZjKUgzqgcgGA6mZr98O2Ue/IntNAl6Lxu
jdIJ4GRFg0j1ejYbkVl6/aN2Ak2nyj1G2NbLF7jfLBv0xw6M5e5ZNbYDk2KRG2Qt
MHzBcGrCzjHbSKbeA6D/VvqZwSRqQ2DMZjZZ3FjZN6neaK8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:12 2025 by rpki-client