Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/i0TxbNyv7RcQTWpf-03pv78MBxU.roa
File: i0TxbNyv7RcQTWpf-03pv78MBxU.roa (raw, json)
Hash identifier: b+kgxXybqQGolTgGagxX4JFLSq77EVC9Y4YMDRGOzG0=
Subject key identifier: 8B:44:F1:6C:DC:AF:ED:17:10:4D:6A:5F:FB:4D:E9:BF:BF:0C:07:15
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 0194FF9109240F02740DEA34D652FB8AB018
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/i0TxbNyv7RcQTWpf-03pv78MBxU.roa
Signing time: Thu 13 Feb 2025 13:48:02 +0000
ROA not before: Thu 13 Feb 2025 13:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60751
IP address blocks: 2a04:2e00::/32 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ff:91:09:24:0f:02:74:0d:ea:34:d6:52:fb:8a:b0:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Feb 13 13:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b44f16cdcafed17104d6a5ffb4de9bfbf0c0715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:9b:7f:e5:bb:2a:01:21:5a:bf:f9:c3:78:
21:c8:8c:18:4d:02:21:76:6e:43:08:3f:a3:9a:bc:
8e:94:47:10:9f:6c:0c:10:ad:22:01:03:2b:2d:fc:
ad:0a:82:a6:57:ef:9c:01:b1:f6:ac:e1:33:30:7c:
d4:98:50:89:13:83:85:92:d4:18:56:2c:08:e9:17:
5a:97:42:12:5d:41:ed:d9:f5:ec:03:0d:bb:2f:80:
11:dc:05:85:11:d5:30:4d:f7:fa:9e:f8:bd:bb:ea:
69:6f:2f:96:a9:40:f1:ee:1b:7c:0c:75:d5:fd:22:
7d:70:c2:68:97:6e:8d:d2:85:db:dd:9f:18:83:8b:
6a:ed:63:bd:83:a8:77:86:ed:4b:b8:75:7a:3a:55:
bc:6c:4e:03:e2:ed:75:82:ff:f5:bc:e8:6f:a9:2d:
4a:fe:5a:b6:75:ae:0d:2d:11:f2:67:12:d3:fa:f7:
6a:45:0a:ef:a7:2b:a3:75:41:e1:6e:b8:21:2d:85:
ba:a2:51:89:0e:a8:29:83:ab:59:e2:24:2a:aa:d4:
ab:2b:c5:df:e3:30:8d:8e:15:a6:e0:5e:38:38:a9:
5e:18:61:12:77:07:b9:7b:c3:e2:04:30:78:05:60:
8a:85:67:e1:6f:82:4a:e2:a5:46:9b:84:82:71:9c:
65:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:44:F1:6C:DC:AF:ED:17:10:4D:6A:5F:FB:4D:E9:BF:BF:0C:07:15
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/i0TxbNyv7RcQTWpf-03pv78MBxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2e00::/32
Signature Algorithm: sha256WithRSAEncryption
6e:b4:e3:37:bf:cb:8a:09:0e:a2:b6:9d:7a:49:b5:b7:c9:f9:
7e:90:7a:57:e1:b5:09:cf:6f:a6:a1:dc:f4:40:a8:04:6a:9d:
ea:2b:b7:64:c1:fc:a0:ca:91:07:08:ba:0e:01:39:73:8f:a6:
89:70:c9:ce:f9:e4:f4:1c:63:c1:bb:0a:55:1a:de:a5:58:cd:
ab:d7:38:2b:0f:ea:68:cf:5b:58:f8:13:1a:8f:dd:07:76:bd:
70:ea:97:f7:03:fa:6d:96:61:c4:20:69:f6:d4:21:fa:0e:2b:
8d:4f:75:79:b2:ef:00:42:eb:d6:d8:d7:25:0a:f0:99:13:87:
ff:04:e2:87:44:2c:bf:6b:69:69:06:94:1d:e0:fe:e9:d7:b0:
bd:d6:cb:f9:76:50:5e:54:1a:79:83:a9:0e:fa:3e:e4:0e:e4:
66:6d:4f:66:f0:9a:4b:67:8f:85:c5:2f:df:02:c1:a8:1c:6c:
de:b3:1b:5e:45:7c:d9:b5:9b:94:53:3b:bf:61:94:fb:0a:4a:
26:dc:ac:7c:b8:e3:62:c3:03:e0:e3:aa:c6:dd:80:de:e8:e6:
08:c0:7c:77:03:88:59:40:a3:cf:c0:22:57:3e:16:ad:ad:c9:
81:80:5c:26:8f:3f:46:53:e9:3b:4a:79:85:db:c4:46:ce:d9:
67:2d:4c:ec
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZT/kQkkDwJ0Deo01lL7irAYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjUwMjEzMTM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ0ZjE2Y2RjYWZlZDE3MTA0ZDZhNWZmYjRkZTliZmJmMGMwNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM2bf+W7KgEhWr/5w3ghyIwYTQIh
dm5DCD+jmryOlEcQn2wMEK0iAQMrLfytCoKmV++cAbH2rOEzMHzUmFCJE4OFktQY
ViwI6Rdal0ISXUHt2fXsAw27L4AR3AWFEdUwTff6nvi9u+ppby+WqUDx7ht8DHXV
/SJ9cMJol26N0oXb3Z8Yg4tq7WO9g6h3hu1LuHV6OlW8bE4D4u11gv/1vOhvqS1K
/lq2da4NLRHyZxLT+vdqRQrvpyujdUHhbrghLYW6olGJDqgpg6tZ4iQqqtSrK8Xf
4zCNjhWm4F44OKleGGESdwe5e8PiBDB4BWCKhWfhb4JK4qVGm4SCcZxlwwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFItE8Wzcr+0XEE1qX/tN6b+/DAcVMB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvaTBUeGJOeXY3UmNRVFdwZi0wM3B2NzhNQnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgQuADAN
BgkqhkiG9w0BAQsFAAOCAQEAbrTjN7/LigkOoradekm1t8n5fpB6V+G1Cc9vpqHc
9ECoBGqd6iu3ZMH8oMqRBwi6DgE5c4+miXDJzvnk9BxjwbsKVRrepVjNq9c4Kw/q
aM9bWPgTGo/dB3a9cOqX9wP6bZZhxCBp9tQh+g4rjU91ebLvAELr1tjXJQrwmROH
/wTih0Qsv2tpaQaUHeD+6dewvdbL+XZQXlQaeYOpDvo+5A7kZm1PZvCaS2ePhcUv
3wLBqBxs3rMbXkV82bWblFM7v2GU+wpKJtysfLjjYsMD4OOqxt2A3ujmCMB8dwOI
WUCjz8AiVz4Wra3JgYBcJo8/RlPpO0p5hdvERs7ZZy1M7A==
-----END CERTIFICATE-----
Generated at Wed Apr 30 06:00:17 2025 by rpki-client