Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/2ryoTZBN5F3OiNCuF51I0QKaurE.roa
File: 2ryoTZBN5F3OiNCuF51I0QKaurE.roa (raw, json)
Hash identifier: Osws3/zgkZy8Uyd/0g/4WCaZXYz7WNin28TFS0n+qzE=
Subject key identifier: DA:BC:A8:4D:90:4D:E4:5D:CE:88:D0:AE:17:9D:48:D1:02:9A:BA:B1
Certificate issuer: /CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Certificate serial: 0194228DE1758001D1D89FA240045D404215
Authority key identifier: 21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/2ryoTZBN5F3OiNCuF51I0QKaurE.roa
Signing time: Wed 01 Jan 2025 15:48:31 +0000
ROA not before: Wed 01 Jan 2025 15:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16347
IP address blocks: 2a0a:2f81::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e1:75:80:01:d1:d8:9f:a2:40:04:5d:40:42:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21cb2ac377fc603f95faecc54ac7d590f2cc319d
Validity
Not Before: Jan 1 15:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dabca84d904de45dce88d0ae179d48d1029abab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:06:5a:6b:4a:bd:e5:d2:f6:c0:a6:6e:dd:db:
b7:ee:3c:83:d7:78:2a:59:be:88:dd:70:e3:63:86:
8e:45:11:de:c0:0e:dc:a9:91:80:56:b6:ec:fb:4c:
cd:41:5a:2f:77:85:37:46:22:33:76:a4:b4:06:e5:
ca:f7:e4:bc:f4:cc:c6:d2:9b:04:6b:84:66:3e:a9:
8e:fd:b4:6c:ba:39:a2:9b:21:8b:bc:7e:1b:f7:a4:
57:4b:11:c4:f3:14:8b:a3:29:20:99:68:1f:d4:0a:
0a:7a:23:41:c0:0e:12:bc:a8:7c:1e:57:89:f6:e1:
a8:4f:c2:f1:8c:9b:03:b7:64:76:5a:a0:38:b6:60:
57:be:9e:6e:cd:d5:d5:f0:8c:ce:86:df:54:cb:df:
4d:38:2d:34:c2:f1:a9:96:2c:9d:14:a1:98:79:5d:
80:19:a3:a1:89:04:bb:a5:06:e8:5a:f7:86:30:b4:
ad:35:63:e1:05:fa:d1:23:7f:76:e4:37:cf:68:8e:
20:42:9f:18:0b:61:16:fb:04:3f:81:48:b8:21:1f:
f9:0e:8a:6e:99:b1:a8:3b:ab:95:23:80:3e:e4:f8:
db:bc:d8:e0:18:fa:cb:45:da:8f:10:b1:57:53:71:
0d:a4:35:2b:e9:3b:4b:e9:cb:2a:b1:eb:82:82:13:
39:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BC:A8:4D:90:4D:E4:5D:CE:88:D0:AE:17:9D:48:D1:02:9A:BA:B1
X509v3 Authority Key Identifier:
keyid:21:CB:2A:C3:77:FC:60:3F:95:FA:EC:C5:4A:C7:D5:90:F2:CC:31:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/2ryoTZBN5F3OiNCuF51I0QKaurE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/67c21d-0e92-4242-994e-fb40d6da2468/1/Icsqw3f8YD-V-uzFSsfVkPLMMZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2f81::/32
Signature Algorithm: sha256WithRSAEncryption
a1:d0:5b:22:97:3d:63:51:bc:14:55:b2:a8:af:80:02:3a:7b:
67:da:43:aa:6f:81:10:34:1e:d2:ea:98:0d:c8:13:05:35:72:
81:e6:c7:b6:8c:57:c2:93:f8:f6:75:f4:2c:ee:ab:12:3e:49:
1f:98:d5:7b:fe:3a:62:8f:ec:d2:70:87:ac:ea:d7:a3:bf:92:
41:73:b8:4d:37:fc:e9:bc:a0:9d:2e:55:c1:25:26:16:ca:c1:
0c:6b:64:c3:3d:17:96:36:df:e9:16:0c:d6:9f:a6:e6:b3:38:
6d:0e:dd:8f:af:50:cf:56:f1:34:14:3a:e4:e3:31:bc:42:ac:
17:3c:de:c6:c9:f6:dc:74:07:d1:40:8c:f2:65:f0:1b:d7:1d:
9a:83:74:77:5d:db:a7:60:29:36:b3:4c:c3:69:be:2d:e4:7c:
16:79:32:7f:dc:92:6e:69:5d:64:f5:10:12:15:6b:20:ad:8c:
42:d1:e3:02:4b:54:a0:30:43:fa:fc:47:6f:bf:2c:8c:54:f7:
23:78:f8:9f:58:31:65:d8:2a:6a:9c:d5:28:cb:13:16:2d:ef:
8d:9f:2b:d3:52:44:38:e6:61:de:a7:67:98:dc:66:ed:de:6e:
17:0b:8e:3a:b3:25:8d:d4:18:54:11:ef:fb:5d:4a:22:05:13:
6c:ea:ad:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQijeF1gAHR2J+iQARdQEIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxY2IyYWMzNzdmYzYwM2Y5NWZhZWNjNTRhYzdkNTkwZjJj
YzMxOWQwHhcNMjUwMTAxMTU0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJjYTg0ZDkwNGRlNDVkY2U4OGQwYWUxNzlkNDhkMTAyOWFiYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwZaa0q95dL2wKZu3du37jyD13gq
Wb6I3XDjY4aORRHewA7cqZGAVrbs+0zNQVovd4U3RiIzdqS0BuXK9+S89MzG0psE
a4RmPqmO/bRsujmimyGLvH4b96RXSxHE8xSLoykgmWgf1AoKeiNBwA4SvKh8HleJ
9uGoT8LxjJsDt2R2WqA4tmBXvp5uzdXV8IzOht9Uy99NOC00wvGpliydFKGYeV2A
GaOhiQS7pQboWveGMLStNWPhBfrRI3925DfPaI4gQp8YC2EW+wQ/gUi4IR/5Dopu
mbGoO6uVI4A+5PjbvNjgGPrLRdqPELFXU3ENpDUr6TtL6csqseuCghM5CwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNq8qE2QTeRdzojQrhedSNECmrqxMB8GA1UdIwQY
MBaAFCHLKsN3/GA/lfrsxUrH1ZDyzDGdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUt
ZmI0MGQ2ZGEyNDY4LzEvMnJ5b1RaQk41RjNPaU5DdUY1MUkwUUthdXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy82N2MyMWQtMGU5Mi00MjQyLTk5NGUtZmI0MGQ2ZGEyNDY4
LzEvSWNzcXczZjhZRC1WLXV6RlNzZlZrUExNTVowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgovgTAN
BgkqhkiG9w0BAQsFAAOCAQEAodBbIpc9Y1G8FFWyqK+AAjp7Z9pDqm+BEDQe0uqY
DcgTBTVygebHtoxXwpP49nX0LO6rEj5JH5jVe/46Yo/s0nCHrOrXo7+SQXO4TTf8
6bygnS5VwSUmFsrBDGtkwz0Xljbf6RYM1p+m5rM4bQ7dj69Qz1bxNBQ65OMxvEKs
Fzzexsn23HQH0UCM8mXwG9cdmoN0d13bp2ApNrNMw2m+LeR8Fnkyf9ySbmldZPUQ
EhVrIK2MQtHjAktUoDBD+vxHb78sjFT3I3j4n1gxZdgqapzVKMsTFi3vjZ8r01JE
OOZh3qdnmNxm7d5uFwuOOrMljdQYVBHv+11KIgUTbOqtkA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:43:57 2025 by rpki-client