Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rNDOvM5UxXc5fH47oHCEP_VORSM.roa
File: rNDOvM5UxXc5fH47oHCEP_VORSM.roa (raw, json)
Hash identifier: hLwFkJIpP7sAFfrwj7IvT50Kv+kzkPnYlFZV3e8VSCU=
Subject key identifier: AC:D0:CE:BC:CE:54:C5:77:39:7C:7E:3B:A0:70:84:3F:F5:4E:45:23
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B5728F8ACCACE06B5A754EC119BA3D
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rNDOvM5UxXc5fH47oHCEP_VORSM.roa
Signing time: Thu 02 Jan 2025 15:49:50 +0000
ROA not before: Thu 02 Jan 2025 15:49:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212165
IP address blocks: 2a0f:db80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:72:8f:8a:cc:ac:e0:6b:5a:75:4e:c1:19:ba:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acd0cebcce54c577397c7e3ba070843ff54e4523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:50:b2:38:a2:fd:9b:2b:a8:22:3d:08:a5:36:
72:27:af:4a:dc:cb:e3:91:6a:34:a4:79:ca:1b:9e:
95:e2:b8:fc:f2:84:a3:b1:14:b8:2a:01:f2:58:3a:
f0:5d:9f:bc:3b:25:57:09:3b:a8:20:94:a0:0d:93:
59:37:8a:39:a7:af:f6:46:b0:82:25:59:0d:6e:d5:
d4:80:4c:00:43:70:33:97:92:5f:41:d9:24:d6:d7:
74:c6:35:ac:56:cb:15:9f:c6:dc:6b:57:7a:57:2a:
8c:fd:0f:54:c6:e8:c6:4d:0f:5f:61:d7:df:ba:c9:
dd:91:63:a5:3e:fa:43:ba:10:b1:61:b5:15:f0:b9:
d4:41:3d:a7:8d:88:9b:3c:3a:ce:34:d2:b9:90:96:
5b:4d:8f:d9:47:2f:3c:63:5f:88:d4:d4:c0:ec:d8:
ea:b2:ed:9a:3c:ef:d8:34:5a:ed:83:77:93:2d:13:
24:85:24:1a:21:25:89:7e:bd:ca:95:c8:70:0c:3e:
40:44:54:30:72:00:86:57:09:57:00:2d:0c:5e:d7:
45:d2:b2:ab:b1:c7:12:0a:31:54:32:2e:14:22:a8:
1e:d1:f7:b5:16:38:0d:57:57:48:14:c2:93:bd:f5:
95:68:b9:05:d2:be:c7:9b:ea:17:c7:3e:7d:b7:d1:
9a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D0:CE:BC:CE:54:C5:77:39:7C:7E:3B:A0:70:84:3F:F5:4E:45:23
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/rNDOvM5UxXc5fH47oHCEP_VORSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:db80::/29
Signature Algorithm: sha256WithRSAEncryption
73:b7:47:38:97:43:4f:0f:ed:a3:d9:72:ed:8e:2e:19:65:81:
29:1d:85:aa:2c:bd:d0:7d:11:f5:c9:89:d2:33:49:73:0a:33:
6b:fc:1d:59:6d:2e:c1:02:d9:0c:0b:2b:f4:1c:f3:0e:01:c6:
a4:e4:1b:55:2b:42:a4:29:ed:a1:c2:7f:8c:cc:0e:6b:84:93:
25:b3:99:f4:6d:fe:67:2d:d0:cd:2d:6f:66:35:20:fa:8f:46:
2f:21:80:9a:58:e5:50:d4:fb:28:8c:f4:54:70:ec:3c:5b:7d:
b3:6c:72:8a:57:94:be:c3:98:8b:e4:3f:d6:1b:17:6a:71:55:
f3:b7:11:b2:3c:b9:c9:f3:a4:93:3c:1c:57:c6:62:62:76:06:
f9:d5:90:2d:3b:d0:55:94:97:90:a6:9b:24:14:dc:12:d5:7f:
4b:3e:1d:17:66:62:c1:9f:9f:89:74:1b:6f:00:19:ea:a1:7f:
67:98:79:ec:d4:a2:a8:23:96:7c:a3:aa:fb:53:df:bf:31:57:
ad:70:ca:a5:fc:bc:27:18:72:44:5f:40:48:89:bc:8f:14:d7:
8a:c2:bb:06:a8:c8:3a:9d:98:8f:82:9f:d9:46:e9:f3:6a:85:
bf:1a:28:8a:a2:23:03:bb:3f:c8:38:26:8b:d2:45:56:88:e8:
2f:46:e5:0a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntXKPisys4GtadU7BGbo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QwY2ViY2NlNTRjNTc3Mzk3YzdlM2JhMDcwODQzZmY1NGU0NTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01CyOKL9myuoIj0IpTZyJ69K3Mvj
kWo0pHnKG56V4rj88oSjsRS4KgHyWDrwXZ+8OyVXCTuoIJSgDZNZN4o5p6/2RrCC
JVkNbtXUgEwAQ3Azl5JfQdkk1td0xjWsVssVn8bca1d6VyqM/Q9UxujGTQ9fYdff
usndkWOlPvpDuhCxYbUV8LnUQT2njYibPDrONNK5kJZbTY/ZRy88Y1+I1NTA7Njq
su2aPO/YNFrtg3eTLRMkhSQaISWJfr3KlchwDD5ARFQwcgCGVwlXAC0MXtdF0rKr
sccSCjFUMi4UIqge0fe1FjgNV1dIFMKTvfWVaLkF0r7Hm+oXxz59t9GaFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKzQzrzOVMV3OXx+O6BwhD/1TkUjMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvck5ET3ZNNVV4WGM1Zkg0N29IQ0VQX1ZPUlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/bgDAN
BgkqhkiG9w0BAQsFAAOCAQEAc7dHOJdDTw/to9ly7Y4uGWWBKR2Fqiy90H0R9cmJ
0jNJcwoza/wdWW0uwQLZDAsr9BzzDgHGpOQbVStCpCntocJ/jMwOa4STJbOZ9G3+
Zy3QzS1vZjUg+o9GLyGAmljlUNT7KIz0VHDsPFt9s2xyileUvsOYi+Q/1hsXanFV
87cRsjy5yfOkkzwcV8ZiYnYG+dWQLTvQVZSXkKabJBTcEtV/Sz4dF2ZiwZ+fiXQb
bwAZ6qF/Z5h57NSiqCOWfKOq+1PfvzFXrXDKpfy8JxhyRF9ASIm8jxTXisK7BqjI
Op2Yj4Kf2Ubp82qFvxooiqIjA7s/yDgmi9JFVojoL0blCg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:41 2025 by rpki-client