Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/dNgsJxplyBIdN0aFghsbI0uLoiA.roa
File: dNgsJxplyBIdN0aFghsbI0uLoiA.roa (raw, json)
Hash identifier: CotLpiY9ZJ1LzZdIjbzRKpHMH68ToWHXGhtpPv2E3iM=
Subject key identifier: 74:D8:2C:27:1A:65:C8:12:1D:37:46:85:82:1B:1B:23:4B:8B:A2:20
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 01942747AA2431CBFFF7854389F1C7745FAE
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/dNgsJxplyBIdN0aFghsbI0uLoiA.roa
Signing time: Thu 02 Jan 2025 13:49:55 +0000
ROA not before: Thu 02 Jan 2025 13:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22781
IP address blocks: 2a03:efc0:4500::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:aa:24:31:cb:ff:f7:85:43:89:f1:c7:74:5f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jan 2 13:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74d82c271a65c8121d374685821b1b234b8ba220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ff:f7:27:50:40:f4:c4:9b:c5:32:70:17:02:
ad:14:5c:bd:bd:64:57:77:25:a3:75:a9:1f:ba:39:
ab:28:17:1b:9c:30:fe:af:b1:04:77:cd:f5:26:53:
22:13:fd:15:ee:42:e7:34:e7:ca:e9:7e:33:28:23:
cd:2d:23:bc:85:c6:f9:21:10:29:bb:28:69:3d:b8:
a6:6b:d1:3f:3a:00:b8:18:4e:34:1c:ed:e8:5b:1e:
c0:d2:29:62:74:f2:3e:31:b1:cf:35:a9:f0:6d:4f:
e5:60:13:74:b6:a3:51:27:c2:fa:e3:ec:37:63:72:
17:86:25:87:e7:55:6e:0a:92:81:4b:f2:d2:f2:fd:
a3:1b:ce:e5:45:df:b1:61:b9:64:a8:4d:a2:6a:74:
b9:b7:53:4b:f8:ca:3d:da:1f:c2:c4:31:60:6b:0c:
80:39:d6:46:04:83:6f:e2:da:21:24:8f:d7:44:e3:
d0:44:77:dc:6c:b7:64:3c:ba:f9:7d:3b:ad:eb:b9:
37:b2:ca:77:e8:8a:44:51:cd:73:28:b1:08:1d:48:
59:12:69:77:46:87:37:f5:59:10:c3:76:13:f9:eb:
e0:8f:33:17:d8:d0:a5:ae:79:f4:cb:2c:44:d9:6c:
28:84:cc:e9:0b:b2:03:51:b0:51:2e:2b:21:1e:00:
99:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:D8:2C:27:1A:65:C8:12:1D:37:46:85:82:1B:1B:23:4B:8B:A2:20
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/dNgsJxplyBIdN0aFghsbI0uLoiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:4500::/40
Signature Algorithm: sha256WithRSAEncryption
c4:a5:67:9f:cb:36:c8:1f:c4:a2:c0:cc:f0:91:bc:fc:7f:c9:
8a:70:5d:3a:b6:52:e1:bb:66:b4:4a:64:dc:40:6f:f7:a8:f9:
70:6c:68:39:40:dd:02:e9:91:0e:02:55:60:75:8a:b2:79:7d:
84:46:1b:35:d3:9e:94:8d:8f:cf:5f:b9:cb:69:c9:e5:b4:48:
93:c6:76:d4:18:2d:7c:4c:39:f0:ff:64:d1:ab:d1:68:6a:c2:
b6:09:2f:23:5c:c8:c0:1a:dc:b3:9b:83:74:5f:61:1d:1f:c5:
65:93:4e:74:5e:3b:d1:48:e7:e9:76:cc:b2:a1:f2:1d:69:26:
11:54:ea:30:e2:e7:02:b7:ac:8d:70:06:14:86:03:4d:84:74:
9c:d3:8a:f9:d6:90:c9:3a:13:c6:e3:91:c7:74:8d:1a:2c:22:
1b:7a:42:5e:ee:bf:8b:61:f3:a0:37:b1:4d:7a:f2:ae:73:b7:
26:fd:b6:ae:0c:09:a3:d0:5c:31:53:64:a6:d1:6f:52:d1:a3:
87:8e:27:18:1d:aa:da:dc:22:4e:b2:d7:8d:ea:90:eb:5a:b2:
57:b8:de:6a:9a:c0:43:66:a2:c6:73:fa:d8:96:cc:2a:d6:b5:
77:21:0a:81:ad:fa:4f:95:9a:e2:81:bd:91:d1:2c:f1:6a:ab:
58:48:7b:2a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQnR6okMcv/94VDifHHdF+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjUwMTAyMTM0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGQ4MmMyNzFhNjVjODEyMWQzNzQ2ODU4MjFiMWIyMzRiOGJhMjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv/3J1BA9MSbxTJwFwKtFFy9vWRX
dyWjdakfujmrKBcbnDD+r7EEd831JlMiE/0V7kLnNOfK6X4zKCPNLSO8hcb5IRAp
uyhpPbima9E/OgC4GE40HO3oWx7A0ilidPI+MbHPNanwbU/lYBN0tqNRJ8L64+w3
Y3IXhiWH51VuCpKBS/LS8v2jG87lRd+xYblkqE2ianS5t1NL+Mo92h/CxDFgawyA
OdZGBINv4tohJI/XROPQRHfcbLdkPLr5fTut67k3ssp36IpEUc1zKLEIHUhZEml3
Roc39VkQw3YT+evgjzMX2NClrnn0yyxE2WwohMzpC7IDUbBRLishHgCZ8QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHTYLCcaZcgSHTdGhYIbGyNLi6IgMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvZE5nc0p4cGx5QklkTjBhRmdoc2JJMHVMb2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgPvwEUw
DQYJKoZIhvcNAQELBQADggEBAMSlZ5/LNsgfxKLAzPCRvPx/yYpwXTq2UuG7ZrRK
ZNxAb/eo+XBsaDlA3QLpkQ4CVWB1irJ5fYRGGzXTnpSNj89fuctpyeW0SJPGdtQY
LXxMOfD/ZNGr0WhqwrYJLyNcyMAa3LObg3RfYR0fxWWTTnReO9FI5+l2zLKh8h1p
JhFU6jDi5wK3rI1wBhSGA02EdJzTivnWkMk6E8bjkcd0jRosIht6Ql7uv4th86A3
sU168q5ztyb9tq4MCaPQXDFTZKbRb1LRo4eOJxgdqtrcIk6y143qkOtasle43mqa
wENmosZz+tiWzCrWtXchCoGt+k+VmuKBvZHRLPFqq1hIeyo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:08:31 2025 by rpki-client