Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/DzfEbFPfYy4xpas3bsxIDlFZktA.roa
File: DzfEbFPfYy4xpas3bsxIDlFZktA.roa (raw, json)
Hash identifier: THhbtWRVoUEwxJC8CZKbYrVSasGjOcgtKoQ/LVP3UKA=
Subject key identifier: 0F:37:C4:6C:53:DF:63:2E:31:A5:AB:37:6E:CC:48:0E:51:59:92:D0
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 01942068549C84C7E1075C8949EA7038BE70
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/DzfEbFPfYy4xpas3bsxIDlFZktA.roa
Signing time: Wed 01 Jan 2025 05:48:15 +0000
ROA not before: Wed 01 Jan 2025 05:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26769
IP address blocks: 2001:4de0:2001::/48 maxlen: 48
2001:4de0:2003::/48 maxlen: 48
2001:4de0:2106::/48 maxlen: 48
2001:4de0:2107::/48 maxlen: 48
2001:4de0:2201::/48 maxlen: 48
2001:4de0:2203::/48 maxlen: 48
2001:4de0:2204::/48 maxlen: 48
2001:4de0:2205::/48 maxlen: 48
2001:4de0:3005::/48 maxlen: 48
2001:4de0:3103::/48 maxlen: 48
2001:4de0:3104::/48 maxlen: 48
2001:4de0:3106::/48 maxlen: 48
2001:4de0:4001:1::/64 maxlen: 64
2001:4de0:4001:5::/64 maxlen: 64
2001:4de0:4003::/48 maxlen: 48
2001:4de0:4004::/48 maxlen: 48
2001:4de0:4008::/48 maxlen: 48
2001:4de0:4103::/48 maxlen: 48
2001:4de0:4105::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:54:9c:84:c7:e1:07:5c:89:49:ea:70:38:be:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 05:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f37c46c53df632e31a5ab376ecc480e515992d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:82:e2:69:b9:43:74:71:ad:70:3c:aa:5a:7d:
4b:74:50:b0:f7:f8:47:cd:eb:14:54:35:b9:ba:96:
fd:de:3a:6b:e7:47:21:c3:18:00:97:77:0e:95:0e:
10:7e:a9:a7:dd:c8:83:79:09:f7:78:f7:32:02:ca:
d5:b3:db:de:d0:1b:db:b0:49:4c:a3:97:f6:8e:31:
de:68:78:32:5b:c0:ff:b3:71:a3:7e:69:dd:18:b3:
d9:78:a3:b6:ca:bf:a5:92:08:a1:12:d3:97:18:ce:
4d:e3:5b:9b:e7:bf:0b:f5:8d:7d:f3:e0:95:e3:3d:
66:e8:b9:95:a3:e3:71:41:d4:be:8e:17:9c:c7:73:
ce:2c:ba:64:3d:e2:1c:d7:e6:c0:72:bd:77:cf:b1:
e4:4b:eb:70:11:52:7f:14:05:c0:6d:1d:3c:30:47:
74:fe:bd:40:2d:87:30:95:21:9f:b0:6a:8c:6b:1f:
3a:ca:e7:f5:d1:2b:d4:c3:39:48:87:9e:a9:51:4c:
e6:41:06:f0:3a:92:6e:61:a8:87:e6:70:78:43:8a:
80:c8:1f:f7:f2:45:91:99:d0:74:ef:03:ec:f6:78:
6a:56:e2:10:b6:d1:a1:df:c8:fb:3e:00:f1:c8:af:
49:b6:0b:e6:63:f2:16:02:4f:dd:b9:fb:6a:17:7f:
d6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:37:C4:6C:53:DF:63:2E:31:A5:AB:37:6E:CC:48:0E:51:59:92:D0
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/DzfEbFPfYy4xpas3bsxIDlFZktA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:4de0:2001::/48
2001:4de0:2003::/48
2001:4de0:2106::/47
2001:4de0:2201::/48
2001:4de0:2203::-2001:4de0:2205:ffff:ffff:ffff:ffff:ffff
2001:4de0:3005::/48
2001:4de0:3103::-2001:4de0:3104:ffff:ffff:ffff:ffff:ffff
2001:4de0:3106::/48
2001:4de0:4001:1::/64
2001:4de0:4001:5::/64
2001:4de0:4003::-2001:4de0:4004:ffff:ffff:ffff:ffff:ffff
2001:4de0:4008::/48
2001:4de0:4103::/48
2001:4de0:4105::/48
Signature Algorithm: sha256WithRSAEncryption
1e:47:49:2f:d2:10:62:95:b5:b9:98:f3:c5:0b:71:76:c9:c4:
e5:f3:b7:ff:0a:8a:4b:bb:c3:fa:1e:c5:09:d5:d7:56:69:d3:
4c:ed:e2:7c:77:37:24:1a:e9:b4:83:64:58:76:b3:59:9a:ab:
00:5f:04:5a:ef:ef:79:71:16:9f:80:73:23:87:21:aa:7d:5c:
19:77:3a:28:82:e7:51:f8:bb:d3:60:27:2f:f5:e7:64:33:df:
7a:fe:27:8e:9e:1e:a3:ff:6f:04:8d:73:e0:11:b2:6e:42:ce:
d4:98:34:cd:15:81:bd:a2:3e:64:de:3d:21:79:26:16:19:98:
e4:e3:5a:78:9c:02:2f:81:7a:7b:3e:76:12:9f:25:e7:e0:83:
8e:cf:f6:27:35:84:07:3f:72:0a:23:76:82:ea:9b:ba:8b:40:
cd:66:1e:24:d1:f3:ac:7a:39:44:28:46:26:ee:f1:66:1a:91:
07:e7:73:99:4b:c7:90:fa:82:72:bd:9d:ea:cf:73:01:d3:5e:
e3:07:67:0d:b7:0d:83:cf:47:b7:aa:f6:3d:27:85:e8:05:af:
db:91:57:3c:58:ef:e8:35:de:4b:b8:1c:2d:37:17:ea:90:ed:
c8:87:2d:29:df:e1:4c:fe:74:ae:d0:e2:fb:92:16:80:ec:06:
7e:d2:04:9e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAZQgaFSchMfhB1yJSepwOL5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjUwMTAxMDU0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjM3YzQ2YzUzZGY2MzJlMzFhNWFiMzc2ZWNjNDgwZTUxNTk5MmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqILiablDdHGtcDyqWn1LdFCw9/hH
zesUVDW5upb93jpr50chwxgAl3cOlQ4Qfqmn3ciDeQn3ePcyAsrVs9ve0BvbsElM
o5f2jjHeaHgyW8D/s3GjfmndGLPZeKO2yr+lkgihEtOXGM5N41ub578L9Y198+CV
4z1m6LmVo+NxQdS+jhecx3POLLpkPeIc1+bAcr13z7HkS+twEVJ/FAXAbR08MEd0
/r1ALYcwlSGfsGqMax86yuf10SvUwzlIh56pUUzmQQbwOpJuYaiH5nB4Q4qAyB/3
8kWRmdB07wPs9nhqVuIQttGh38j7PgDxyK9JtgvmY/IWAk/duftqF3/W2QIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFA83xGxT32MuMaWrN27MSA5RWZLQMB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvRHpmRWJGUGZZeTR4cGFzM2JzeElEbEZaa3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBqgQCAAIwgaMDBwAg
AU3gIAEDBwAgAU3gIAMDBwEgAU3gIQYDBwAgAU3gIgEwEgMHACABTeAiAwMHASAB
TeAiBAMHACABTeAwBTASAwcAIAFN4DEDAwcAIAFN4DEEAwcAIAFN4DEGAwkAIAFN
4EABAAEDCQAgAU3gQAEABTASAwcAIAFN4EADAwcAIAFN4EAEAwcAIAFN4EAIAwcA
IAFN4EEDAwcAIAFN4EEFMA0GCSqGSIb3DQEBCwUAA4IBAQAeR0kv0hBilbW5mPPF
C3F2ycTl87f/CopLu8P6HsUJ1ddWadNM7eJ8dzckGum0g2RYdrNZmqsAXwRa7+95
cRafgHMjhyGqfVwZdzoogudR+LvTYCcv9edkM996/ieOnh6j/28EjXPgEbJuQs7U
mDTNFYG9oj5k3j0heSYWGZjk41p4nAIvgXp7PnYSnyXn4IOOz/YnNYQHP3IKI3aC
6pu6i0DNZh4k0fOsejlEKEYm7vFmGpEH53OZS8eQ+oJyvZ3qz3MB017jB2cNtw2D
z0e3qvY9J4XoBa/bkVc8WO/oNd5LuBwtNxfqkO3Ihy0p3+FM/nSu0OL7khaA7AZ+
0gSe
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:03:07 2025 by rpki-client