Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/gdQzieOsDk19MHxPUsWlQ5yL-6E.roa
File: gdQzieOsDk19MHxPUsWlQ5yL-6E.roa (raw, json)
Hash identifier: O4NLUsT+6P2pJIZ4vji37jHYnfU3emApXIC6cXFBisM=
Subject key identifier: 81:D4:33:89:E3:AC:0E:4D:7D:30:7C:4F:52:C5:A5:43:9C:8B:FB:A1
Certificate issuer: /CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Certificate serial: 019425FD5C890070953B9E1D5A58B939807A
Authority key identifier: DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/gdQzieOsDk19MHxPUsWlQ5yL-6E.roa
Signing time: Thu 02 Jan 2025 07:49:08 +0000
ROA not before: Thu 02 Jan 2025 07:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200040
IP address blocks: 2a14:10c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:5c:89:00:70:95:3b:9e:1d:5a:58:b9:39:80:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd046af5edc11964096dc20f6af1de55d9c9030
Validity
Not Before: Jan 2 07:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81d43389e3ac0e4d7d307c4f52c5a5439c8bfba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c6:b7:00:29:d6:e7:de:a5:9c:d7:22:11:88:
1f:00:6c:2a:d0:88:91:3e:bc:85:6e:92:41:41:6c:
ba:e1:c0:55:64:07:09:04:f2:36:cf:6b:b0:e0:0f:
a4:55:b9:df:04:ef:e9:03:c5:b5:d6:07:3f:6d:68:
b8:e5:18:8d:36:df:82:50:49:ac:ab:3a:a1:ca:b3:
45:46:04:69:9e:22:80:3b:60:95:37:20:90:56:1c:
79:f6:62:d4:cf:fa:22:24:76:b9:df:9b:3e:f4:ef:
3b:ca:36:8d:22:b3:90:d5:87:e3:6f:82:79:71:d9:
7c:71:92:d6:49:d5:ad:e2:31:a4:80:18:f4:36:2e:
bd:8e:51:dd:17:cf:dc:18:c6:c1:0a:9e:6d:be:d6:
d2:fb:03:29:8f:dd:04:f5:f2:bf:4b:b1:f8:73:50:
d2:82:00:67:ed:01:8d:ca:91:a9:c4:1a:14:ce:3e:
d5:e6:cb:b5:61:23:7c:76:20:ac:27:38:2b:c0:3f:
c6:bd:26:c4:53:17:a2:a1:aa:00:4f:7a:09:83:1b:
60:bf:f1:a1:86:20:cf:64:7e:be:6f:9f:d0:ae:59:
52:14:c9:d9:4b:ff:59:f1:1f:8b:f7:00:33:3f:70:
59:53:b2:16:be:95:a0:21:d5:a7:31:09:19:bd:97:
8d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D4:33:89:E3:AC:0E:4D:7D:30:7C:4F:52:C5:A5:43:9C:8B:FB:A1
X509v3 Authority Key Identifier:
keyid:DF:D0:46:AF:5E:DC:11:96:40:96:DC:20:F6:AF:1D:E5:5D:9C:90:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39BGr17cEZZAltwg9q8d5V2ckDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/gdQzieOsDk19MHxPUsWlQ5yL-6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/bfd0ff-845e-4e12-ac7c-588e0d923c15/1/39BGr17cEZZAltwg9q8d5V2ckDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
c5:95:bf:29:3e:3f:7f:35:0d:0d:15:b9:63:0c:dd:78:37:23:
39:4b:b9:83:ed:5e:2f:08:07:b6:c5:38:f2:7c:c0:52:d8:cf:
93:23:9c:ba:47:a9:7c:3e:7d:3a:47:d3:8d:42:d9:65:94:8a:
51:6b:74:c6:e0:77:68:17:cf:7d:ed:3c:47:a0:3d:e7:36:93:
b2:d2:fc:70:34:ef:87:f1:4e:87:a4:e3:05:14:12:55:16:90:
55:0d:4a:0f:5d:43:ec:42:85:39:ff:1c:da:3c:ff:5f:7b:35:
ec:fd:d9:33:0d:0e:9c:75:ee:2b:5a:9c:21:18:7d:60:8f:1e:
2c:12:3c:4e:26:bf:bf:c5:dc:32:2d:40:dc:9c:8f:b5:95:ea:
d6:4c:d2:9c:86:0b:19:9c:4b:70:06:ff:fb:d6:e4:75:d6:2c:
f5:4a:40:6e:59:56:cd:d8:2b:ab:1a:4f:41:b5:23:af:5f:69:
4e:98:fe:d5:6b:94:b4:10:b9:b0:c9:29:7d:f8:ef:58:b7:13:
a8:33:92:a7:66:71:5b:a8:0c:61:b6:b6:2f:52:70:7c:ef:ec:
3c:49:31:43:40:3e:58:38:c3:4a:7b:85:00:6e:c1:55:bb:80:
f8:4a:e9:94:41:ef:36:d6:cd:d7:1d:ff:59:c4:8c:68:b8:b7:
8e:81:ff:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/VyJAHCVO54dWli5OYB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDA0NmFmNWVkYzExOTY0MDk2ZGMyMGY2YWYxZGU1NWQ5
YzkwMzAwHhcNMjUwMTAyMDc0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQ0MzM4OWUzYWMwZTRkN2QzMDdjNGY1MmM1YTU0MzljOGJmYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqca3ACnW596lnNciEYgfAGwq0IiR
PryFbpJBQWy64cBVZAcJBPI2z2uw4A+kVbnfBO/pA8W11gc/bWi45RiNNt+CUEms
qzqhyrNFRgRpniKAO2CVNyCQVhx59mLUz/oiJHa535s+9O87yjaNIrOQ1Yfjb4J5
cdl8cZLWSdWt4jGkgBj0Ni69jlHdF8/cGMbBCp5tvtbS+wMpj90E9fK/S7H4c1DS
ggBn7QGNypGpxBoUzj7V5su1YSN8diCsJzgrwD/GvSbEUxeioaoAT3oJgxtgv/Gh
hiDPZH6+b5/QrllSFMnZS/9Z8R+L9wAzP3BZU7IWvpWgIdWnMQkZvZeN5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIHUM4njrA5NfTB8T1LFpUOci/uhMB8GA1UdIwQY
MBaAFN/QRq9e3BGWQJbcIPavHeVdnJAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2Mt
NTg4ZTBkOTIzYzE1LzEvZ2RRemllT3NEazE5TUh4UFVzV2xRNXlMLTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iZmQwZmYtODQ1ZS00ZTEyLWFjN2MtNTg4ZTBkOTIzYzE1
LzEvMzlCR3IxN2NFWlpBbHR3ZzlxOGQ1VjJja0RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAxZW/KT4/fzUNDRW5YwzdeDcjOUu5g+1eLwgHtsU4
8nzAUtjPkyOcukepfD59OkfTjULZZZSKUWt0xuB3aBfPfe08R6A95zaTstL8cDTv
h/FOh6TjBRQSVRaQVQ1KD11D7EKFOf8c2jz/X3s17P3ZMw0OnHXuK1qcIRh9YI8e
LBI8Tia/v8XcMi1A3JyPtZXq1kzSnIYLGZxLcAb/+9bkddYs9UpAbllWzdgrqxpP
QbUjr19pTpj+1WuUtBC5sMkpffjvWLcTqDOSp2ZxW6gMYba2L1JwfO/sPEkxQ0A+
WDjDSnuFAG7BVbuA+ErplEHvNtbN1x3/WcSMaLi3joH/dA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 15:22:22 2025 by rpki-client