Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/U8lnC6TG0pv6pWZXKVHzbslUv7Y.roa
File: U8lnC6TG0pv6pWZXKVHzbslUv7Y.roa (raw, json)
Hash identifier: en2pnR7bb0v314EN8AtTeDNZJOdRSB9qKOFTcoTcCf0=
Subject key identifier: 53:C9:67:0B:A4:C6:D2:9B:FA:A5:66:57:29:51:F3:6E:C9:54:BF:B6
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0194214405CB739824493929F2E9F0B387C8
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/U8lnC6TG0pv6pWZXKVHzbslUv7Y.roa
Signing time: Wed 01 Jan 2025 09:48:13 +0000
ROA not before: Wed 01 Jan 2025 09:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12859
IP address blocks: 2a05:1500:fe00::/40 maxlen: 48
2a0b:8f80:201::/48 maxlen: 48
2a0b:8f80:301::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:05:cb:73:98:24:49:39:29:f2:e9:f0:b3:87:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Jan 1 09:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53c9670ba4c6d29bfaa566572951f36ec954bfb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:11:88:aa:f9:2f:0b:2e:65:91:ac:74:c9:db:
0b:ab:b0:27:66:26:79:5e:d1:b5:2f:31:47:bd:cd:
8f:8e:6f:48:cb:86:bc:6b:9e:42:ef:e3:d8:34:56:
8c:ed:43:8f:cd:8a:14:0e:a6:d8:6d:35:d0:ef:58:
78:4f:6d:0d:df:fd:be:5f:b5:3f:47:5a:67:31:db:
5a:5e:4e:99:31:8f:d2:77:bd:f2:29:a1:43:09:0d:
61:14:f9:c0:55:fb:85:0e:18:a5:37:d1:b0:1a:b9:
c8:f5:8e:9e:a5:04:66:ab:92:0e:75:0f:9f:d1:95:
2f:7c:c0:24:7b:14:ab:44:2c:45:96:f0:da:9c:40:
9a:62:2b:5f:7e:4a:0d:10:b5:9d:fb:a8:bb:93:b9:
0c:11:96:ef:53:e1:bc:b7:b5:33:a0:65:25:64:b4:
14:d9:aa:fd:af:ff:84:cd:77:ba:a2:2a:6a:80:a9:
63:41:ee:7b:ad:0a:39:bb:e2:b2:6a:b0:67:e2:16:
06:8a:5b:99:ff:57:21:e0:b1:b5:7d:e0:67:61:ae:
01:9b:ae:08:2b:b4:ca:b5:8d:4c:60:24:f7:f2:6f:
80:65:44:ea:b1:7c:7f:85:0a:0b:b7:c3:0c:ae:c1:
a5:d6:c3:61:be:5f:9e:97:90:f8:5f:a2:98:64:ec:
74:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C9:67:0B:A4:C6:D2:9B:FA:A5:66:57:29:51:F3:6E:C9:54:BF:B6
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/U8lnC6TG0pv6pWZXKVHzbslUv7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:1500:fe00::/40
2a0b:8f80:201::/48
2a0b:8f80:301::/48
Signature Algorithm: sha256WithRSAEncryption
69:10:69:c5:3f:06:73:59:18:3a:eb:f3:d2:21:36:56:b7:ac:
2e:6f:04:d1:14:b1:8c:b9:df:0e:c4:90:d9:ba:81:ce:3d:46:
5c:84:26:1c:0b:f4:49:12:71:f3:e3:a7:94:4d:8e:a1:30:87:
4a:07:87:3e:e8:62:fd:7e:a7:f3:d1:ee:4b:78:4e:6b:82:c5:
db:2a:60:df:e0:58:d6:ba:bd:47:4e:80:a1:5f:66:4a:ec:6a:
d4:32:8f:68:80:f2:b8:f5:d0:01:d2:08:c1:20:2f:df:70:eb:
7f:e4:60:d3:2b:8c:a7:09:0e:9e:a5:b1:ba:48:bf:57:ef:d3:
e2:4a:a5:e6:d0:fb:20:6d:e2:c8:d8:5d:4c:cb:00:84:80:fc:
40:44:2b:37:73:06:01:c9:50:5c:f7:5c:de:2e:eb:d5:8a:04:
e2:74:ff:97:ce:5e:1d:12:ea:e7:5d:61:70:74:91:7c:e3:ab:
eb:6d:7c:63:63:e2:1b:8a:7d:6b:f3:7d:f8:1c:d4:fa:d0:a7:
c3:b1:50:01:88:d5:c9:db:e8:ae:03:e2:89:6a:53:18:99:6b:
7f:84:99:bc:65:74:c5:27:9d:2a:17:f0:1b:cf:ea:5a:09:53:
ff:c9:b3:ce:12:30:9a:1e:26:f8:eb:32:11:db:da:8d:a1:05:
94:a4:da:96
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQhRAXLc5gkSTkp8unws4fIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjUwMTAxMDk0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M5NjcwYmE0YzZkMjliZmFhNTY2NTcyOTUxZjM2ZWM5NTRiZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBGIqvkvCy5lkax0ydsLq7AnZiZ5
XtG1LzFHvc2Pjm9Iy4a8a55C7+PYNFaM7UOPzYoUDqbYbTXQ71h4T20N3/2+X7U/
R1pnMdtaXk6ZMY/Sd73yKaFDCQ1hFPnAVfuFDhilN9GwGrnI9Y6epQRmq5IOdQ+f
0ZUvfMAkexSrRCxFlvDanECaYitffkoNELWd+6i7k7kMEZbvU+G8t7UzoGUlZLQU
2ar9r/+EzXe6oipqgKljQe57rQo5u+KyarBn4hYGiluZ/1ch4LG1feBnYa4Bm64I
K7TKtY1MYCT38m+AZUTqsXx/hQoLt8MMrsGl1sNhvl+el5D4X6KYZOx0hwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFPJZwukxtKb+qVmVylR827JVL+2MB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvVThsbkM2VEcwcHY2cFdaWEtWSHpic2xVdjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwYAKgUVAP4D
BwAqC4+AAgEDBwAqC4+AAwEwDQYJKoZIhvcNAQELBQADggEBAGkQacU/BnNZGDrr
89IhNla3rC5vBNEUsYy53w7EkNm6gc49RlyEJhwL9EkScfPjp5RNjqEwh0oHhz7o
Yv1+p/PR7kt4TmuCxdsqYN/gWNa6vUdOgKFfZkrsatQyj2iA8rj10AHSCMEgL99w
63/kYNMrjKcJDp6lsbpIv1fv0+JKpebQ+yBt4sjYXUzLAISA/EBEKzdzBgHJUFz3
XN4u69WKBOJ0/5fOXh0S6uddYXB0kXzjq+ttfGNj4huKfWvzffgc1PrQp8OxUAGI
1cnb6K4D4olqUxiZa3+EmbxldMUnnSoX8BvP6loJU//Js84SMJoeJvjrMhHb2o2h
BZSk2pY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:07:36 2025 by rpki-client