Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/20w83vHPyYnLSWr2qqWCmD2gZNY.roa
File: 20w83vHPyYnLSWr2qqWCmD2gZNY.roa (raw, json)
Hash identifier: ClK+X58yEmA5ygXK0mo1ANs6qUTT/V8TWnwZD7Tusy4=
Subject key identifier: DB:4C:3C:DE:F1:CF:C9:89:CB:49:6A:F6:AA:A5:82:98:3D:A0:64:D6
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426D9FF4130649B07882B5612F34BA812
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/20w83vHPyYnLSWr2qqWCmD2gZNY.roa
Signing time: Thu 02 Jan 2025 11:50:08 +0000
ROA not before: Thu 02 Jan 2025 11:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47172
IP address blocks: 2a03:f85:6::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ff:41:30:64:9b:07:88:2b:56:12:f3:4b:a8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db4c3cdef1cfc989cb496af6aaa582983da064d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:02:87:b3:04:5e:24:d3:dd:e1:51:d1:5f:
f3:8c:86:33:98:68:5f:d8:0c:d5:43:2c:5e:c6:66:
be:22:e5:0f:a5:87:30:56:5f:cb:16:04:07:9d:48:
5c:7c:07:d7:89:78:4d:db:79:94:32:1e:9b:13:ce:
59:66:10:21:e5:ab:ad:16:d1:6f:e5:71:57:a1:86:
39:16:be:87:b3:d9:d2:c4:15:5d:95:0e:17:a3:47:
32:fb:66:0c:5f:d3:ee:ec:03:2c:4f:fe:94:be:44:
7e:77:3b:63:3c:2c:04:4a:e7:84:61:2c:e1:0f:da:
6f:52:5c:5c:48:0d:16:fc:fd:70:c7:6a:60:c0:52:
79:28:d4:0e:c7:3b:d4:41:5f:3e:4e:05:31:7b:b3:
6f:9d:f0:4d:a8:21:22:28:54:de:a8:17:c3:d6:55:
0f:67:25:7d:93:e4:69:8b:a6:b2:e0:4e:0a:84:9a:
37:23:ca:28:ca:f2:2c:66:04:fa:fc:8a:75:6a:ce:
19:5d:1e:f5:86:8c:c8:a8:6f:1c:80:94:b6:ce:94:
31:3b:5d:c1:8f:36:9e:a0:ff:6e:be:16:40:9b:91:
22:5f:32:3a:e5:fb:61:69:60:af:8b:f5:86:3d:7d:
bc:2a:29:50:57:68:bc:e6:0b:0a:38:e3:03:43:6c:
77:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4C:3C:DE:F1:CF:C9:89:CB:49:6A:F6:AA:A5:82:98:3D:A0:64:D6
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/20w83vHPyYnLSWr2qqWCmD2gZNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f85:6::/48
Signature Algorithm: sha256WithRSAEncryption
51:45:32:45:93:1e:a2:16:92:21:5a:ff:32:e9:99:9a:8f:d8:
2f:03:80:b1:9a:32:19:51:d6:4e:8b:d8:59:bf:a1:96:91:ff:
f5:d1:7a:52:22:d4:50:c5:cb:49:88:5c:c1:94:ea:cc:8d:63:
5e:e6:84:de:75:62:20:b3:a0:90:83:2f:8c:37:77:f4:65:fe:
42:7c:87:d0:05:37:14:cb:d3:c7:aa:a7:2d:e2:87:c7:a7:d5:
47:23:a0:d0:5e:e2:41:9a:d3:59:76:0d:85:94:1d:bd:76:13:
2f:c9:d3:7a:9c:02:fe:dd:6c:4a:c3:f4:ac:92:a6:b2:ee:6e:
91:e4:e4:88:78:ee:95:82:64:a2:26:ae:4a:d7:fc:98:59:dd:
13:08:6e:8e:a3:fb:6f:d8:8f:bd:fb:7c:9f:d1:39:5a:f7:bf:
3f:4c:da:5e:85:0c:f8:3f:29:0e:ba:8d:e7:34:0a:b2:f6:41:
8a:eb:5c:1c:b8:da:e4:01:cf:2f:15:83:9d:72:ab:ea:e2:bd:
94:f9:dc:f1:54:c8:fb:91:34:bf:ea:c5:37:3b:42:2f:b5:8d:
ef:49:8d:a6:3e:5c:9b:56:9e:4d:d1:bb:8a:e6:41:83:67:6b:
f1:ca:f3:d8:af:25:8b:90:2a:90:79:f3:7d:b5:95:7a:d9:ac:
85:cf:4b:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2f9BMGSbB4grVhLzS6gSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRjM2NkZWYxY2ZjOTg5Y2I0OTZhZjZhYWE1ODI5ODNkYTA2NGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlwCh7MEXiTT3eFR0V/zjIYzmGhf
2AzVQyxexma+IuUPpYcwVl/LFgQHnUhcfAfXiXhN23mUMh6bE85ZZhAh5autFtFv
5XFXoYY5Fr6Hs9nSxBVdlQ4Xo0cy+2YMX9Pu7AMsT/6UvkR+dztjPCwESueEYSzh
D9pvUlxcSA0W/P1wx2pgwFJ5KNQOxzvUQV8+TgUxe7NvnfBNqCEiKFTeqBfD1lUP
ZyV9k+Rpi6ay4E4KhJo3I8ooyvIsZgT6/Ip1as4ZXR71hozIqG8cgJS2zpQxO13B
jzaeoP9uvhZAm5EiXzI65fthaWCvi/WGPX28KilQV2i85gsKOOMDQ2x3NQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNtMPN7xz8mJy0lq9qqlgpg9oGTWMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvMjB3ODN2SFB5WW5MU1dyMnFxV0NtRDJnWk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgMPhQAG
MA0GCSqGSIb3DQEBCwUAA4IBAQBRRTJFkx6iFpIhWv8y6Zmaj9gvA4CxmjIZUdZO
i9hZv6GWkf/10XpSItRQxctJiFzBlOrMjWNe5oTedWIgs6CQgy+MN3f0Zf5CfIfQ
BTcUy9PHqqct4ofHp9VHI6DQXuJBmtNZdg2FlB29dhMvydN6nAL+3WxKw/Sskqay
7m6R5OSIeO6VgmSiJq5K1/yYWd0TCG6Oo/tv2I+9+3yf0Tla978/TNpehQz4PykO
uo3nNAqy9kGK61wcuNrkAc8vFYOdcqvq4r2U+dzxVMj7kTS/6sU3O0IvtY3vSY2m
PlybVp5N0buK5kGDZ2vxyvPYryWLkCqQefN9tZV62ayFz0tS
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:45:59 2025 by rpki-client