Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/0-WwVD2zFPGNgQhhntKyco3wY3I.roa
File: 0-WwVD2zFPGNgQhhntKyco3wY3I.roa (raw, json)
Hash identifier: bPryhs2CIXqAzaBTX4TIyszyma7cGcWiYG+PS79estE=
Subject key identifier: D3:E5:B0:54:3D:B3:14:F1:8D:81:08:61:9E:D2:B2:72:8D:F0:63:72
Certificate issuer: /CN=33306f83dd9c68d1bb5ae91b50c26e929c81d2fd
Certificate serial: 0195DCA13F7559A8E9207CDE0CBCA220F1A7
Authority key identifier: 33:30:6F:83:DD:9C:68:D1:BB:5A:E9:1B:50:C2:6E:92:9C:81:D2:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzBvg92caNG7WukbUMJukpyB0v0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/0-WwVD2zFPGNgQhhntKyco3wY3I.roa
Signing time: Fri 28 Mar 2025 12:01:49 +0000
ROA not before: Fri 28 Mar 2025 12:01:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2a14:b580::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:dc:a1:3f:75:59:a8:e9:20:7c:de:0c:bc:a2:20:f1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33306f83dd9c68d1bb5ae91b50c26e929c81d2fd
Validity
Not Before: Mar 28 12:01:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3e5b0543db314f18d8108619ed2b2728df06372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f2:a7:f8:f0:3d:d8:1c:2e:65:dd:51:88:f9:
2e:58:71:b5:da:92:5e:6e:c1:3b:84:5b:e6:8e:62:
53:ba:0a:56:a5:4c:29:bc:9a:59:50:1c:5c:50:e6:
8f:3f:dc:f5:5d:cc:f5:6a:55:df:0f:66:7d:c9:3f:
1a:27:68:9c:d4:f4:3d:78:35:87:e7:77:77:cc:6a:
b1:a5:34:6b:81:c5:7c:d3:86:51:5d:a0:a7:72:3a:
ef:20:e1:d1:0d:59:50:60:c2:9c:7f:d3:71:9b:60:
a9:fd:27:43:cf:8a:d1:c4:0a:c8:22:25:8f:61:0b:
1e:6f:83:9f:b4:1b:fc:27:56:3e:11:e7:44:f9:ec:
cf:02:fc:49:01:46:c9:3d:57:c1:e9:3b:7c:fb:54:
04:73:2e:95:12:82:85:9d:fc:34:cc:ef:6e:8a:28:
25:07:36:d5:5b:ea:16:18:e8:5c:f7:3a:34:16:0e:
57:5b:40:f9:af:60:1f:c2:f7:9a:9c:aa:00:49:2c:
24:2a:bd:3d:44:7c:c3:e2:b7:b7:6a:6f:f7:7d:93:
11:5d:ac:4a:5a:66:c4:5f:4f:02:9b:59:d1:05:06:
b2:98:d1:9a:d9:18:13:7d:40:8e:2e:31:e6:4d:0e:
0e:aa:fa:20:13:5e:9a:20:ba:1c:dd:68:bc:40:35:
23:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E5:B0:54:3D:B3:14:F1:8D:81:08:61:9E:D2:B2:72:8D:F0:63:72
X509v3 Authority Key Identifier:
keyid:33:30:6F:83:DD:9C:68:D1:BB:5A:E9:1B:50:C2:6E:92:9C:81:D2:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzBvg92caNG7WukbUMJukpyB0v0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/0-WwVD2zFPGNgQhhntKyco3wY3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/408e37-fae2-48b5-bd15-73d94cb54526/1/MzBvg92caNG7WukbUMJukpyB0v0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:b580::/40
Signature Algorithm: sha256WithRSAEncryption
ca:80:3b:92:8f:20:97:7c:4a:d6:27:cc:e9:69:f3:e7:49:53:
85:dc:98:37:bd:b7:21:88:13:cb:06:c4:6e:3d:14:1b:ab:66:
bd:c0:b4:3f:df:d6:bc:c4:de:0e:c7:90:26:cf:7c:2f:6e:eb:
0a:e6:1f:22:aa:36:96:09:ab:61:33:c8:ed:7a:ce:19:43:9b:
ac:f3:36:3e:d0:df:9e:e2:45:17:ab:2e:ab:70:99:36:33:52:
aa:81:06:b8:20:5e:10:46:cb:e0:4f:0e:74:56:24:75:8a:01:
95:db:5f:aa:8b:85:35:30:5d:7e:94:90:ef:01:eb:82:0b:fa:
ae:95:88:fc:33:d9:9f:62:be:55:f5:7f:63:52:d9:c3:fb:b2:
44:fb:02:17:c3:3d:93:8b:53:ab:3f:e5:47:9d:e2:8f:a3:79:
7c:77:d5:65:cc:69:18:18:78:ba:c6:d2:15:d4:61:2e:fd:52:
86:96:bc:82:27:13:e0:9d:82:8d:84:80:34:06:d7:2c:a0:5d:
eb:c1:7f:4e:0c:fe:ce:24:03:38:41:0e:fc:99:eb:ef:39:2b:
7c:98:74:75:4d:da:9d:88:16:39:fe:8c:b3:b8:81:f8:e3:7d:
34:64:78:d9:ab:e4:49:97:35:cb:5e:89:34:c7:ad:08:73:69:
ab:e1:24:58
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZXcoT91WajpIHzeDLyiIPGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzA2ZjgzZGQ5YzY4ZDFiYjVhZTkxYjUwYzI2ZTkyOWM4
MWQyZmQwHhcNMjUwMzI4MTIwMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U1YjA1NDNkYjMxNGYxOGQ4MTA4NjE5ZWQyYjI3MjhkZjA2MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPKn+PA92BwuZd1RiPkuWHG12pJe
bsE7hFvmjmJTugpWpUwpvJpZUBxcUOaPP9z1Xcz1alXfD2Z9yT8aJ2ic1PQ9eDWH
53d3zGqxpTRrgcV804ZRXaCncjrvIOHRDVlQYMKcf9Nxm2Cp/SdDz4rRxArIIiWP
YQseb4OftBv8J1Y+EedE+ezPAvxJAUbJPVfB6Tt8+1QEcy6VEoKFnfw0zO9uiigl
BzbVW+oWGOhc9zo0Fg5XW0D5r2AfwveanKoASSwkKr09RHzD4re3am/3fZMRXaxK
WmbEX08Cm1nRBQaymNGa2RgTfUCOLjHmTQ4OqvogE16aILoc3Wi8QDUjIwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNPlsFQ9sxTxjYEIYZ7SsnKN8GNyMB8GA1UdIwQY
MBaAFDMwb4PdnGjRu1rpG1DCbpKcgdL9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpCdmc5MmNhTkc3V3VrYlVNSnVrcHlCMHYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80MDhlMzctZmFlMi00OGI1LWJkMTUt
NzNkOTRjYjU0NTI2LzEvMC1Xd1ZEMnpGUEdOZ1FoaG50S3ljbzN3WTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80MDhlMzctZmFlMi00OGI1LWJkMTUtNzNkOTRjYjU0NTI2
LzEvTXpCdmc5MmNhTkc3V3VrYlVNSnVrcHlCMHYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhS1gAAw
DQYJKoZIhvcNAQELBQADggEBAMqAO5KPIJd8StYnzOlp8+dJU4XcmDe9tyGIE8sG
xG49FBurZr3AtD/f1rzE3g7HkCbPfC9u6wrmHyKqNpYJq2EzyO16zhlDm6zzNj7Q
357iRRerLqtwmTYzUqqBBrggXhBGy+BPDnRWJHWKAZXbX6qLhTUwXX6UkO8B64IL
+q6ViPwz2Z9ivlX1f2NS2cP7skT7AhfDPZOLU6s/5Ued4o+jeXx31WXMaRgYeLrG
0hXUYS79UoaWvIInE+Cdgo2EgDQG1yygXevBf04M/s4kAzhBDvyZ6+85K3yYdHVN
2p2IFjn+jLO4gfjjfTRkeNmr5EmXNcteiTTHrQhzaavhJFg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:40 2025 by rpki-client