Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/DDotDGxvVqfHzQUKIdqNZjL6I0Q.roa
File: DDotDGxvVqfHzQUKIdqNZjL6I0Q.roa (raw, json)
Hash identifier: sMg43UN/gdg+NoR/7BTQI+4KqXRII5o94BppxKuF23U=
Subject key identifier: 0C:3A:2D:0C:6C:6F:56:A7:C7:CD:05:0A:21:DA:8D:66:32:FA:23:44
Certificate issuer: /CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Certificate serial: 019421437D3B1C37494D40C9366EE4AA5760
Authority key identifier: A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/DDotDGxvVqfHzQUKIdqNZjL6I0Q.roa
Signing time: Wed 01 Jan 2025 09:47:38 +0000
ROA not before: Wed 01 Jan 2025 09:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30893
IP address blocks: 2a01:298:f001::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:7d:3b:1c:37:49:4d:40:c9:36:6e:e4:aa:57:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4767bc5fbcbcefb1c1c747bb0eb5337dab691c0
Validity
Not Before: Jan 1 09:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c3a2d0c6c6f56a7c7cd050a21da8d6632fa2344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9b:54:bd:06:30:1f:0b:2b:57:47:29:b7:98:
79:a4:5e:ca:9a:7d:ac:bc:67:0b:92:48:8f:03:20:
06:be:5a:22:85:7f:a0:cf:db:03:c4:67:6a:4b:06:
c4:ed:a7:f5:fc:64:bf:61:2f:87:ea:ef:ef:02:7e:
56:27:82:15:cc:04:79:fc:71:f8:a1:57:06:98:20:
76:61:4a:a3:21:dd:ab:14:be:16:7e:ae:d1:1a:49:
79:16:32:d1:5d:32:39:e2:ab:02:de:67:e6:2d:53:
62:4a:fe:58:93:88:5d:8f:98:f1:2d:f9:ad:f0:f9:
fc:44:08:0c:21:fc:66:aa:4a:a6:36:18:44:09:ce:
f3:6e:e6:a8:51:7b:62:0a:cb:f7:71:3b:f3:9a:47:
33:d9:3f:94:78:3b:61:d7:85:7e:c0:7d:ae:14:ff:
f1:cd:ac:60:f5:f6:e3:86:1d:d3:cc:54:7a:0b:aa:
62:38:4e:cf:83:1d:7f:bd:7f:2e:8d:c2:0b:1c:0e:
91:50:89:5e:2d:48:62:d4:90:2d:28:15:d2:43:f2:
c2:dd:ff:bf:d5:56:6d:d2:60:81:e7:4f:df:e7:95:
d8:23:9b:ac:c2:8c:77:57:60:46:11:b9:95:bb:5c:
bf:37:6a:9e:9d:04:b8:1d:cc:8a:16:98:67:b1:fe:
31:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3A:2D:0C:6C:6F:56:A7:C7:CD:05:0A:21:DA:8D:66:32:FA:23:44
X509v3 Authority Key Identifier:
keyid:A4:76:7B:C5:FB:CB:CE:FB:1C:1C:74:7B:B0:EB:53:37:DA:B6:91:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pHZ7xfvLzvscHHR7sOtTN9q2kcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/DDotDGxvVqfHzQUKIdqNZjL6I0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/8065d5-04d0-43e5-a2f4-041a48d2123f/1/pHZ7xfvLzvscHHR7sOtTN9q2kcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:298:f001::/48
Signature Algorithm: sha256WithRSAEncryption
0f:f4:87:7c:32:4a:0e:e5:3a:3e:7c:b4:0d:de:ab:46:2d:1e:
b5:db:ac:dd:05:cb:41:b7:15:d0:b8:00:d3:40:21:a4:82:86:
c7:31:2a:e0:ef:cb:d1:14:bc:b1:92:1b:a2:51:a0:48:90:48:
fa:72:ad:f5:d1:36:9e:52:7d:b1:88:83:1d:79:26:60:83:f6:
21:96:8a:23:d9:ee:c3:18:ab:ff:63:8e:80:d7:7c:40:5d:3a:
86:95:55:39:df:3b:f2:d3:94:86:50:63:6e:f7:05:20:6b:fb:
0b:99:ef:bc:77:37:8d:3c:1f:93:89:96:4c:bd:8f:dd:10:5c:
ab:0c:91:99:b7:a8:bb:d6:76:9f:fd:07:46:88:5d:92:8a:01:
65:fb:49:37:28:c9:2b:b3:0d:9d:9e:ce:d2:af:be:9b:0e:bd:
6d:25:74:9f:30:0f:53:1a:75:7b:37:26:47:62:f1:e9:a6:6d:
14:2c:e3:f9:1b:e0:63:dd:4f:0d:3c:64:a7:75:86:11:01:af:
af:25:1f:df:98:49:1e:b5:b6:0b:0c:3c:59:80:77:71:71:63:
c0:a3:62:fb:1d:e5:09:6a:c5:41:71:c7:6c:39:49:22:84:fe:
ea:e5:51:b1:f6:9f:b4:1e:54:5e:d4:82:06:52:64:d4:9a:3e:
51:f2:be:cd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ307HDdJTUDJNm7kqldgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NzY3YmM1ZmJjYmNlZmIxYzFjNzQ3YmIwZWI1MzM3ZGFi
NjkxYzAwHhcNMjUwMTAxMDk0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNhMmQwYzZjNmY1NmE3YzdjZDA1MGEyMWRhOGQ2NjMyZmEyMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJtUvQYwHwsrV0cpt5h5pF7Kmn2s
vGcLkkiPAyAGvloihX+gz9sDxGdqSwbE7af1/GS/YS+H6u/vAn5WJ4IVzAR5/HH4
oVcGmCB2YUqjId2rFL4Wfq7RGkl5FjLRXTI54qsC3mfmLVNiSv5Yk4hdj5jxLfmt
8Pn8RAgMIfxmqkqmNhhECc7zbuaoUXtiCsv3cTvzmkcz2T+UeDth14V+wH2uFP/x
zaxg9fbjhh3TzFR6C6piOE7Pgx1/vX8ujcILHA6RUIleLUhi1JAtKBXSQ/LC3f+/
1VZt0mCB50/f55XYI5uswox3V2BGEbmVu1y/N2qenQS4HcyKFphnsf4xnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAw6LQxsb1anx80FCiHajWYy+iNEMB8GA1UdIwQY
MBaAFKR2e8X7y877HBx0e7DrUzfatpHAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQt
MDQxYTQ4ZDIxMjNmLzEvRERvdERHeHZWcWZIelFVS0lkcU5aakw2STBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS84MDY1ZDUtMDRkMC00M2U1LWEyZjQtMDQxYTQ4ZDIxMjNm
LzEvcEhaN3hmdkx6dnNjSEhSN3NPdFROOXEya2NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgECmPAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAP9Id8MkoO5To+fLQN3qtGLR6126zdBctBtxXQ
uADTQCGkgobHMSrg78vRFLyxkhuiUaBIkEj6cq310TaeUn2xiIMdeSZgg/Yhlooj
2e7DGKv/Y46A13xAXTqGlVU53zvy05SGUGNu9wUga/sLme+8dzeNPB+TiZZMvY/d
EFyrDJGZt6i71naf/QdGiF2SigFl+0k3KMkrsw2dns7Sr76bDr1tJXSfMA9TGnV7
NyZHYvHppm0ULOP5G+Bj3U8NPGSndYYRAa+vJR/fmEketbYLDDxZgHdxcWPAo2L7
HeUJasVBccdsOUkihP7q5VGx9p+0HlRe1IIGUmTUmj5R8r7N
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:06:27 2025 by rpki-client