Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/pckV3Ny46TaKVnOLD2SsKXbY_nE.roa
File: pckV3Ny46TaKVnOLD2SsKXbY_nE.roa (raw, json)
Hash identifier: wXkkeRI/oAjuXh/YFmny+LydKMS24wNW7vGV6jYr8h8=
Subject key identifier: A5:C9:15:DC:DC:B8:E9:36:8A:56:73:8B:0F:64:AC:29:76:D8:FE:71
Certificate issuer: /CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Certificate serial: 0194258F3910410B08DAA7876CCA60780815
Authority key identifier: 31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/pckV3Ny46TaKVnOLD2SsKXbY_nE.roa
Signing time: Thu 02 Jan 2025 05:48:50 +0000
ROA not before: Thu 02 Jan 2025 05:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33988
IP address blocks: 2a0b:8f00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:39:10:41:0b:08:da:a7:87:6c:ca:60:78:08:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Validity
Not Before: Jan 2 05:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5c915dcdcb8e9368a56738b0f64ac2976d8fe71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:12:40:26:42:ac:94:04:a9:a0:83:d8:33:42:
52:bb:b3:c2:1e:76:f7:2c:a5:1b:5f:63:c6:25:7d:
33:50:18:64:44:9c:fc:8c:cf:67:04:60:0b:e2:9c:
08:04:f8:6c:9c:73:f4:4c:a4:18:f5:96:eb:58:a0:
f0:93:ac:96:8d:b0:7a:01:20:30:60:e1:12:5a:78:
50:51:0d:b9:82:5a:f5:fa:e0:2d:cc:51:f5:15:9e:
e6:28:fa:91:80:53:dd:72:6c:9f:94:1e:a4:4f:c2:
3e:18:3d:ca:6c:d4:48:bf:a7:3f:18:32:52:ba:ff:
25:76:04:96:24:43:39:c0:69:61:3d:7a:c2:81:65:
bf:ca:09:66:cb:b1:4b:61:43:ae:a5:5f:a9:0b:8d:
68:12:02:81:7a:29:83:f5:8c:19:68:d4:10:c3:93:
39:6c:d7:e4:75:ab:22:94:5c:c5:79:83:c0:2e:f3:
8c:23:b9:fd:5f:98:de:bd:48:52:34:4b:d7:fd:e2:
66:dd:18:b8:5d:e4:05:fd:fe:89:dd:47:45:be:90:
b3:32:8c:7b:79:2b:73:b0:cb:ba:aa:76:8f:41:a2:
55:21:91:53:9f:45:aa:94:03:bc:f7:a5:a9:b2:81:
a2:86:79:d0:ec:23:96:9e:ad:a2:e2:c7:56:a7:a5:
aa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C9:15:DC:DC:B8:E9:36:8A:56:73:8B:0F:64:AC:29:76:D8:FE:71
X509v3 Authority Key Identifier:
keyid:31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/pckV3Ny46TaKVnOLD2SsKXbY_nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
99:19:12:d7:8d:f7:00:53:17:c2:60:3c:15:cf:24:52:2d:50:
1a:f6:35:a7:3f:4a:25:e0:33:7f:1e:df:e0:b5:a8:44:67:8e:
eb:4c:00:f9:2d:9e:9d:0f:e1:53:c2:a3:47:a0:a1:19:95:06:
6a:12:de:78:08:ed:96:a7:3e:ef:b1:5a:7c:3c:e1:4a:ff:02:
71:b6:24:d5:de:27:b0:c4:eb:f0:54:8e:de:19:c7:7e:25:aa:
d8:69:5b:90:c7:5b:7c:10:76:9e:ab:33:8f:15:81:e3:8c:a6:
a5:d6:df:cf:6e:7c:85:0e:1f:b7:2d:4f:2d:ea:40:4c:95:32:
9f:85:29:0d:29:e1:6c:be:c2:7d:a9:35:83:ce:d3:3d:a3:5b:
29:e7:dc:4c:a6:c3:8a:ca:e3:4e:53:fb:7a:16:df:ee:1c:d5:
75:c2:77:24:9c:77:a5:57:d1:44:c7:a5:cb:de:60:9b:a0:99:
1a:72:3d:e2:8c:7e:9b:2c:ba:0d:d0:aa:46:e0:61:4f:3d:4a:
4a:54:98:4e:43:aa:fb:6f:df:e2:dd:3a:eb:5d:ce:14:71:16:
20:3e:0d:fc:6e:4e:53:97:f1:37:34:7c:bb:61:03:65:0e:37:
0e:98:cb:6e:32:57:51:bd:64:89:31:ff:2b:66:58:d1:58:f0:
52:69:d6:83
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQljzkQQQsI2qeHbMpgeAgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODhmYWUzZWJiYjNkNzRmZWVkZGNmNTA3ZjgzZTY3ZGI4
ODUwYTIwHhcNMjUwMTAyMDU0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM5MTVkY2RjYjhlOTM2OGE1NjczOGIwZjY0YWMyOTc2ZDhmZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhJAJkKslASpoIPYM0JSu7PCHnb3
LKUbX2PGJX0zUBhkRJz8jM9nBGAL4pwIBPhsnHP0TKQY9ZbrWKDwk6yWjbB6ASAw
YOESWnhQUQ25glr1+uAtzFH1FZ7mKPqRgFPdcmyflB6kT8I+GD3KbNRIv6c/GDJS
uv8ldgSWJEM5wGlhPXrCgWW/yglmy7FLYUOupV+pC41oEgKBeimD9YwZaNQQw5M5
bNfkdasilFzFeYPALvOMI7n9X5jevUhSNEvX/eJm3Ri4XeQF/f6J3UdFvpCzMox7
eStzsMu6qnaPQaJVIZFTn0WqlAO896WpsoGihnnQ7COWnq2i4sdWp6WqtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKXJFdzcuOk2ilZziw9krCl22P5xMB8GA1UdIwQY
MBaAFDGI+uPruz10/u3c9Qf4PmfbiFCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmIt
Yjg1M2RmZjg3NjVjLzEvcGNrVjNOeTQ2VGFLVm5PTEQyU3NLWGJZX25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmItYjg1M2RmZjg3NjVj
LzEvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguPADAN
BgkqhkiG9w0BAQsFAAOCAQEAmRkS1433AFMXwmA8Fc8kUi1QGvY1pz9KJeAzfx7f
4LWoRGeO60wA+S2enQ/hU8KjR6ChGZUGahLeeAjtlqc+77FafDzhSv8CcbYk1d4n
sMTr8FSO3hnHfiWq2GlbkMdbfBB2nqszjxWB44ympdbfz258hQ4fty1PLepATJUy
n4UpDSnhbL7Cfak1g87TPaNbKefcTKbDisrjTlP7ehbf7hzVdcJ3JJx3pVfRRMel
y95gm6CZGnI94ox+myy6DdCqRuBhTz1KSlSYTkOq+2/f4t06613OFHEWID4N/G5O
U5fxNzR8u2EDZQ43DpjLbjJXUb1kiTH/K2ZY0VjwUmnWgw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 00:59:40 2025 by rpki-client