Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/2cab1a-df66-4187-b182-703cab4d0598/1/dUqyD5dBwTvJ_qoTBxGI93eGedY.roa
File: dUqyD5dBwTvJ_qoTBxGI93eGedY.roa (raw, json)
Hash identifier: u/v6Ya7ReNYFR+FOK7OzZoy9GOIB91+hBxT7UAGsW1U=
Subject key identifier: 75:4A:B2:0F:97:41:C1:3B:C9:FE:AA:13:07:11:88:F7:77:86:79:D6
Certificate issuer: /CN=6894e1b8da80cac2ad1a2f3f09bf9db5a12486a4
Certificate serial: 019421B1BD83033CEA8902A9E95F28A75867
Authority key identifier: 68:94:E1:B8:DA:80:CA:C2:AD:1A:2F:3F:09:BF:9D:B5:A1:24:86:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJThuNqAysKtGi8_Cb-dtaEkhqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/2cab1a-df66-4187-b182-703cab4d0598/1/dUqyD5dBwTvJ_qoTBxGI93eGedY.roa
Signing time: Wed 01 Jan 2025 11:48:04 +0000
ROA not before: Wed 01 Jan 2025 11:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51405
IP address blocks: 46.29.176.0/21 maxlen: 24
2a02:2290::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:bd:83:03:3c:ea:89:02:a9:e9:5f:28:a7:58:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6894e1b8da80cac2ad1a2f3f09bf9db5a12486a4
Validity
Not Before: Jan 1 11:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=754ab20f9741c13bc9feaa13071188f7778679d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9e:14:12:03:82:3c:dc:0c:68:5b:f5:2b:89:
59:30:63:f6:4f:46:d1:a3:26:4b:9f:90:38:db:fc:
8b:3a:9c:59:48:5b:c1:54:58:5b:00:0e:27:38:8e:
79:9c:9c:96:9b:2e:d6:04:ac:25:ec:c4:fd:95:43:
1b:0e:5b:6c:bc:dd:b5:ff:b7:a0:38:48:2a:c1:80:
ee:90:83:39:78:5e:96:89:14:51:29:ef:f6:9b:a6:
01:1e:9a:38:f9:d2:b6:7a:e0:e7:64:2c:8d:99:63:
fb:ad:c4:d2:ff:fc:df:e0:93:b6:14:f7:fa:2f:80:
fd:64:00:c3:d7:35:2f:04:d9:f1:dc:16:46:45:95:
9d:7e:9f:c8:a1:f7:05:af:f8:d3:6d:eb:ec:7e:b0:
60:86:60:9e:7f:08:db:99:1f:19:44:ec:07:cc:e5:
94:c9:1a:d8:ac:31:db:9e:f7:5e:bd:68:e2:1d:63:
f3:7f:19:c3:b8:21:c4:a9:6a:c2:1e:e4:41:d2:94:
9a:d9:64:46:c2:b4:2c:21:a6:d7:b0:e5:bf:13:66:
b7:73:47:f2:e5:bc:20:da:22:a3:d8:a8:d9:e6:c6:
b7:06:94:0d:3e:66:e7:20:a4:af:2a:14:39:0d:71:
08:20:21:30:00:b2:53:44:c2:78:fe:5e:b5:49:0a:
1a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4A:B2:0F:97:41:C1:3B:C9:FE:AA:13:07:11:88:F7:77:86:79:D6
X509v3 Authority Key Identifier:
keyid:68:94:E1:B8:DA:80:CA:C2:AD:1A:2F:3F:09:BF:9D:B5:A1:24:86:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJThuNqAysKtGi8_Cb-dtaEkhqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2cab1a-df66-4187-b182-703cab4d0598/1/dUqyD5dBwTvJ_qoTBxGI93eGedY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/2cab1a-df66-4187-b182-703cab4d0598/1/aJThuNqAysKtGi8_Cb-dtaEkhqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.176.0/21
IPv6:
2a02:2290::/29
Signature Algorithm: sha256WithRSAEncryption
10:1a:89:d6:f8:6e:31:90:f2:23:ec:4c:ec:1b:22:66:65:26:
0a:d9:0a:97:3e:78:59:ef:e3:33:c5:96:e2:45:c2:08:a1:73:
38:c0:04:cb:f4:40:19:ee:90:f7:07:5e:47:cf:57:a8:16:5a:
ca:b4:d1:3b:92:fd:60:65:64:f8:a9:d4:d2:42:ef:1b:42:be:
77:7a:67:2e:f6:ed:cb:66:99:23:4e:93:43:36:36:a2:a9:8b:
d5:23:76:ec:a8:6c:75:6b:80:0a:97:da:e6:7d:95:9d:ac:92:
38:13:dc:7a:35:7d:e1:95:8d:ad:9c:9a:65:60:55:b5:e2:33:
8d:a0:b5:38:28:16:da:b6:7b:fc:52:6a:ff:f5:ad:7b:00:0c:
65:0a:e3:e9:1d:99:2e:83:ac:2e:78:3f:06:8c:24:1f:8c:f3:
6d:bc:0e:fc:74:f9:0d:51:09:af:77:a6:fc:99:f3:02:77:08:
79:29:79:b5:e8:d3:18:7a:f9:12:30:3b:24:33:fd:b7:b3:f9:
be:10:54:db:0a:9d:17:c1:7e:b9:f4:f3:ec:7d:22:56:be:13:
b0:f6:0c:6a:d9:e0:75:67:d2:b2:4a:6c:95:8d:5c:13:b4:bd:
ed:88:53:2d:11:56:af:60:35:6d:df:18:e8:b4:d4:05:c7:37:
9f:56:42:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsb2DAzzqiQKp6V8op1hnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4OTRlMWI4ZGE4MGNhYzJhZDFhMmYzZjA5YmY5ZGI1YTEy
NDg2YTQwHhcNMjUwMTAxMTE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRhYjIwZjk3NDFjMTNiYzlmZWFhMTMwNzExODhmNzc3ODY3OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq54UEgOCPNwMaFv1K4lZMGP2T0bR
oyZLn5A42/yLOpxZSFvBVFhbAA4nOI55nJyWmy7WBKwl7MT9lUMbDltsvN21/7eg
OEgqwYDukIM5eF6WiRRRKe/2m6YBHpo4+dK2euDnZCyNmWP7rcTS//zf4JO2FPf6
L4D9ZADD1zUvBNnx3BZGRZWdfp/IofcFr/jTbevsfrBghmCefwjbmR8ZROwHzOWU
yRrYrDHbnvdevWjiHWPzfxnDuCHEqWrCHuRB0pSa2WRGwrQsIabXsOW/E2a3c0fy
5bwg2iKj2KjZ5sa3BpQNPmbnIKSvKhQ5DXEIICEwALJTRMJ4/l61SQoaWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHVKsg+XQcE7yf6qEwcRiPd3hnnWMB8GA1UdIwQY
MBaAFGiU4bjagMrCrRovPwm/nbWhJIakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUpUaHVOcUF5c0t0R2k4X0NiLWR0YUVraHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8yY2FiMWEtZGY2Ni00MTg3LWIxODIt
NzAzY2FiNGQwNTk4LzEvZFVxeUQ1ZEJ3VHZKX3FvVEJ4R0k5M2VHZWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8yY2FiMWEtZGY2Ni00MTg3LWIxODItNzAzY2FiNGQwNTk4
LzEvYUpUaHVOcUF5c0t0R2k4X0NiLWR0YUVraHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLh2wMA0E
AgACMAcDBQMqAiKQMA0GCSqGSIb3DQEBCwUAA4IBAQAQGonW+G4xkPIj7EzsGyJm
ZSYK2QqXPnhZ7+MzxZbiRcIIoXM4wATL9EAZ7pD3B15Hz1eoFlrKtNE7kv1gZWT4
qdTSQu8bQr53emcu9u3LZpkjTpNDNjaiqYvVI3bsqGx1a4AKl9rmfZWdrJI4E9x6
NX3hlY2tnJplYFW14jONoLU4KBbatnv8Umr/9a17AAxlCuPpHZkug6wueD8GjCQf
jPNtvA78dPkNUQmvd6b8mfMCdwh5KXm16NMYevkSMDskM/23s/m+EFTbCp0XwX65
9PPsfSJWvhOw9gxq2eB1Z9KySmyVjVwTtL3tiFMtEVavYDVt3xjotNQFxzefVkKL
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:40:18 2025 by rpki-client