Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/U5MjMe7sq9QhciMhBsqkAcgoOc8.roa
File: U5MjMe7sq9QhciMhBsqkAcgoOc8.roa (raw, json)
Hash identifier: AttJnibiqhmT9C2Pn8Q6zsdO/wjIuWHmaJ2E/be22rI=
Subject key identifier: 53:93:23:31:EE:EC:AB:D4:21:72:23:21:06:CA:A4:01:C8:28:39:CF
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01941FFA688ED14203D29DBFD73FB4118E82
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/U5MjMe7sq9QhciMhBsqkAcgoOc8.roa
Signing time: Wed 01 Jan 2025 03:48:11 +0000
ROA not before: Wed 01 Jan 2025 03:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 2a0e:d785::/32 maxlen: 48
2a0e:d786::/32 maxlen: 48
2a11:f881::/32 maxlen: 48
2a11:f882::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:68:8e:d1:42:03:d2:9d:bf:d7:3f:b4:11:8e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 03:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53932331eeecabd42172232106caa401c82839cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:eb:5c:37:5f:00:2c:6e:5f:d1:41:35:1d:c5:
77:cc:9f:af:79:d9:ac:d2:84:eb:0f:af:9d:52:be:
97:36:82:68:94:1f:1b:53:a9:3f:c0:b2:9b:0e:90:
a8:35:11:c4:4a:94:cb:54:03:9c:56:74:c3:d4:67:
76:6e:1a:a8:0f:c2:6a:b9:f2:10:74:e9:18:4d:bb:
d1:62:6a:d4:f5:a1:37:5a:05:db:bb:87:7f:4c:3a:
8f:db:c2:fd:0e:4d:e8:53:fd:dc:e8:3d:d9:b5:d5:
2d:c6:8e:10:f0:c4:5a:94:62:22:8d:fc:56:21:f3:
41:8b:60:ae:63:d3:4e:af:64:3c:00:d1:cf:23:8e:
ec:a2:57:39:9c:23:8f:31:58:56:a6:c3:42:95:c3:
08:fd:75:7d:7d:69:e3:c1:1a:27:39:f1:71:31:21:
a0:c9:50:f0:43:62:84:e2:c0:b4:66:4c:d4:1b:aa:
85:9c:40:7f:43:f1:8a:a5:6a:d8:5a:22:fb:48:d7:
48:ee:c4:61:ac:b4:84:ab:25:77:65:94:a0:b9:48:
3d:f2:da:c7:d0:3d:40:9d:ee:79:73:cf:f7:98:55:
20:d9:aa:02:a7:66:93:84:18:af:31:27:2b:57:26:
d8:02:44:95:e5:3c:87:4a:24:d4:07:dd:82:0d:ec:
a3:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:93:23:31:EE:EC:AB:D4:21:72:23:21:06:CA:A4:01:C8:28:39:CF
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/U5MjMe7sq9QhciMhBsqkAcgoOc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:d785::-2a0e:d786:ffff:ffff:ffff:ffff:ffff:ffff
2a11:f881::-2a11:f882:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:9d:f9:9e:e4:03:de:c3:ab:35:53:f7:73:cc:d9:51:a2:d6:
83:97:49:52:24:c7:64:77:e0:d1:42:a3:a0:94:95:28:b9:2d:
b4:78:b6:8d:ba:97:88:2e:4d:f8:c6:05:85:40:49:78:7a:53:
19:6e:5c:80:4b:12:bf:53:2b:46:0f:b2:df:f9:a6:cc:14:78:
73:67:da:45:5a:6b:cc:c8:95:55:00:b4:59:5c:88:49:bc:36:
35:70:6c:70:4c:2a:e3:79:1d:b1:00:bd:8e:28:04:a9:10:82:
2f:9c:ac:eb:ca:3a:ed:42:28:f1:81:ab:4d:b6:82:b3:77:5b:
36:04:40:a1:cc:4f:7d:46:1d:8b:a3:ed:0e:8f:5b:1a:34:cd:
c1:68:3e:53:81:c0:e0:10:b5:21:e5:98:50:cb:0c:77:06:a5:
44:34:1e:65:11:0c:b4:bb:45:e9:0a:5d:d2:af:90:18:d8:ee:
2e:5d:04:f8:49:6f:c0:71:15:09:12:ed:7d:c4:8d:1a:cd:99:
3e:36:e0:9a:db:0a:38:68:ca:a7:86:36:61:c6:cc:00:13:60:
89:fd:bb:64:a9:62:4e:94:4c:01:97:d9:f1:38:f8:19:21:8d:
2f:d8:e5:8e:ab:f3:04:d0:a4:ae:55:7c:d5:6c:84:56:54:91:
9b:b4:43:26
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQf+miO0UID0p2/1z+0EY6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjUwMTAxMDM0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzkzMjMzMWVlZWNhYmQ0MjE3MjIzMjEwNmNhYTQwMWM4MjgzOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OtcN18ALG5f0UE1HcV3zJ+vedms
0oTrD6+dUr6XNoJolB8bU6k/wLKbDpCoNRHESpTLVAOcVnTD1Gd2bhqoD8JqufIQ
dOkYTbvRYmrU9aE3WgXbu4d/TDqP28L9Dk3oU/3c6D3ZtdUtxo4Q8MRalGIijfxW
IfNBi2CuY9NOr2Q8ANHPI47solc5nCOPMVhWpsNClcMI/XV9fWnjwRonOfFxMSGg
yVDwQ2KE4sC0ZkzUG6qFnEB/Q/GKpWrYWiL7SNdI7sRhrLSEqyV3ZZSguUg98trH
0D1Ane55c8/3mFUg2aoCp2aThBivMScrVybYAkSV5TyHSiTUB92CDeyjewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFOTIzHu7KvUIXIjIQbKpAHIKDnPMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvVTVNak1lN3NxOVFoY2lNaEJzcWtBY2dvT2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgMA4DBQAqDteF
AwUAKg7XhjAOAwUAKhH4gQMFACoR+IIwDQYJKoZIhvcNAQELBQADggEBAFmd+Z7k
A97DqzVT93PM2VGi1oOXSVIkx2R34NFCo6CUlSi5LbR4to26l4guTfjGBYVASXh6
UxluXIBLEr9TK0YPst/5pswUeHNn2kVaa8zIlVUAtFlciEm8NjVwbHBMKuN5HbEA
vY4oBKkQgi+crOvKOu1CKPGBq022grN3WzYEQKHMT31GHYuj7Q6PWxo0zcFoPlOB
wOAQtSHlmFDLDHcGpUQ0HmURDLS7RekKXdKvkBjY7i5dBPhJb8BxFQkS7X3EjRrN
mT424JrbCjhoyqeGNmHGzAATYIn9u2SpYk6UTAGX2fE4+BkhjS/Y5Y6r8wTQpK5V
fNVshFZUkZu0QyY=
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:35:45 2025 by rpki-client