Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/8d40c2-c28e-45dd-ac10-07fe7760a979/1/2gfwezai5BIQ-m1CrbAdKgdniTY.roa
File: 2gfwezai5BIQ-m1CrbAdKgdniTY.roa (raw, json)
Hash identifier: fO5GdtJXv2Aqp85eK2VdLNwZTSsN2h8LJAY736FEeuk=
Subject key identifier: DA:07:F0:7B:36:A2:E4:12:10:FA:6D:42:AD:B0:1D:2A:07:67:89:36
Certificate issuer: /CN=868e89c7ab4e1512a9b46d5389b5de9c6a1d7e99
Certificate serial: 38093533
Authority key identifier: 86:8E:89:C7:AB:4E:15:12:A9:B4:6D:53:89:B5:DE:9C:6A:1D:7E:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ho6Jx6tOFRKptG1TibXenGodfpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/8d40c2-c28e-45dd-ac10-07fe7760a979/1/2gfwezai5BIQ-m1CrbAdKgdniTY.roa
Signing time: Sat 01 Jan 2022 11:54:27 +0000
ROA not before: Sat 01 Jan 2022 11:54:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44581
IP address blocks: 2a02:7b8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940127539 (0x38093533)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=868e89c7ab4e1512a9b46d5389b5de9c6a1d7e99
Validity
Not Before: Jan 1 11:54:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da07f07b36a2e41210fa6d42adb01d2a07678936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ac:8c:79:7f:6f:34:57:39:c7:b9:76:b1:71:
16:79:58:98:c2:ef:3c:0d:c6:e0:f5:b4:73:84:76:
b1:7c:b3:8d:c8:35:6d:e6:97:a4:19:68:f1:c9:fa:
e5:61:12:d4:58:91:8b:59:f1:82:bd:c6:69:99:d5:
8d:95:33:43:3d:71:32:85:4a:18:40:51:bb:c9:c4:
0e:95:59:b0:0a:fb:8d:76:5a:04:48:2d:a7:a7:f2:
06:d3:9a:e7:bc:bc:aa:e5:29:ac:79:74:0e:2d:8d:
6d:ca:f9:72:f0:d0:6d:d6:52:33:2c:bc:e3:47:4d:
a3:5e:e3:b4:e9:7a:88:95:39:a3:96:0a:82:2f:cd:
d0:15:02:da:91:8a:b3:d7:3b:1c:90:4d:67:71:f7:
fc:a9:2e:47:d2:6a:19:eb:15:44:06:55:49:cb:f4:
15:87:a9:01:6c:9c:b2:f5:30:ca:a2:c5:e2:86:15:
76:e0:51:3b:d4:65:d7:36:eb:5a:ac:62:5a:9b:63:
07:44:b7:5d:a4:26:c6:25:e8:c2:bc:21:4a:ae:88:
87:9d:41:54:cc:b9:88:ca:bf:81:f9:ae:18:41:58:
27:af:0b:13:c8:b2:8f:4f:3b:f9:f2:fd:00:52:74:
b0:95:7a:2c:9d:1a:6e:54:3c:f7:dd:d2:1e:c9:31:
d4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:07:F0:7B:36:A2:E4:12:10:FA:6D:42:AD:B0:1D:2A:07:67:89:36
X509v3 Authority Key Identifier:
keyid:86:8E:89:C7:AB:4E:15:12:A9:B4:6D:53:89:B5:DE:9C:6A:1D:7E:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ho6Jx6tOFRKptG1TibXenGodfpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8d40c2-c28e-45dd-ac10-07fe7760a979/1/2gfwezai5BIQ-m1CrbAdKgdniTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8d40c2-c28e-45dd-ac10-07fe7760a979/1/ho6Jx6tOFRKptG1TibXenGodfpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:7b8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:ca:b6:c1:ce:6b:50:5c:13:bf:d1:ed:c9:a2:e1:49:18:5c:
62:47:4c:70:b4:2c:43:2f:9e:0f:d7:bd:77:0c:ca:19:cd:37:
fc:3f:af:3a:0a:17:99:83:35:4f:e1:ef:1f:a2:0b:dd:d5:43:
2c:cd:5e:03:94:f0:2d:1e:60:da:38:4e:9f:82:66:85:1d:a0:
b3:4d:82:db:ad:05:f5:0d:20:8f:72:bf:98:c7:b7:ae:f0:a6:
24:d0:83:b0:98:60:da:fc:af:3d:c2:c1:13:19:0c:0e:1b:42:
98:9f:8e:0f:68:d2:88:a8:c4:41:e7:50:81:10:ef:d1:05:50:
9d:41:34:5a:e7:b0:9f:36:51:1f:36:06:cc:4a:57:f7:62:99:
bf:bb:0c:6f:24:d7:2b:0c:a0:eb:11:0e:59:ab:06:bd:2e:17:
36:92:e9:49:cd:33:dc:f1:08:2a:66:a0:cf:8c:93:12:6a:90:
cc:77:a3:7f:b1:e9:63:13:9c:f7:45:25:a8:3e:5d:02:1c:26:
96:be:dc:f0:d2:48:8e:ba:38:4c:9d:ef:c0:d8:e8:83:51:78:
d0:69:a5:51:d0:b7:00:23:62:f4:8b:5d:70:ef:75:88:9c:e2:
2f:6b:6a:06:24:ff:7e:9a:83:27:4c:5c:ad:fa:df:f5:18:2d:
9a:a1:72:97
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEOAk1MzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjhlODljN2FiNGUxNTEyYTliNDZkNTM4OWI1ZGU5YzZhMWQ3ZTk5MB4XDTIyMDEw
MTExNTQyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGEwN2YwN2IzNmEy
ZTQxMjEwZmE2ZDQyYWRiMDFkMmEwNzY3ODkzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIisjHl/bzRXOce5drFxFnlYmMLvPA3G4PW0c4R2sXyzjcg1
beaXpBlo8cn65WES1FiRi1nxgr3GaZnVjZUzQz1xMoVKGEBRu8nEDpVZsAr7jXZa
BEgtp6fyBtOa57y8quUprHl0Di2Nbcr5cvDQbdZSMyy840dNo17jtOl6iJU5o5YK
gi/N0BUC2pGKs9c7HJBNZ3H3/KkuR9JqGesVRAZVScv0FYepAWycsvUwyqLF4oYV
duBRO9Rl1zbrWqxiWptjB0S3XaQmxiXowrwhSq6Ih51BVMy5iMq/gfmuGEFYJ68L
E8iyj087+fL9AFJ0sJV6LJ0ablQ8993SHskx1AsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTaB/B7NqLkEhD6bUKtsB0qB2eJNjAfBgNVHSMEGDAWgBSGjonHq04VEqm0
bVOJtd6cah1+mTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hvNkp4NnRPRlJLcHRHMVRpYlhlbkdvZGZway5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvOGQ0MGMyLWMyOGUtNDVkZC1hYzEwLTA3ZmU3NzYwYTk3OS8x
LzJnZndlemFpNUJJUS1tMUNyYkFkS2dkbmlUWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
OGQ0MGMyLWMyOGUtNDVkZC1hYzEwLTA3ZmU3NzYwYTk3OS8xL2hvNkp4NnRPRlJL
cHRHMVRpYlhlbkdvZGZway5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoCB7gwDQYJKoZIhvcNAQELBQAD
ggEBAJ/KtsHOa1BcE7/R7cmi4UkYXGJHTHC0LEMvng/XvXcMyhnNN/w/rzoKF5mD
NU/h7x+iC93VQyzNXgOU8C0eYNo4Tp+CZoUdoLNNgtutBfUNII9yv5jHt67wpiTQ
g7CYYNr8rz3CwRMZDA4bQpifjg9o0oioxEHnUIEQ79EFUJ1BNFrnsJ82UR82BsxK
V/dimb+7DG8k1ysMoOsRDlmrBr0uFzaS6UnNM9zxCCpmoM+MkxJqkMx3o3+x6WMT
nPdFJag+XQIcJpa+3PDSSI66OEyd78DY6INReNBppVHQtwAjYvSLXXDvdYic4i9r
agYk/36agydMXK363/UYLZqhcpc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:06 2025 by rpki-client