Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/svM12JDKJB3e-TFZ2wiCejW_Bfk.roa
File: svM12JDKJB3e-TFZ2wiCejW_Bfk.roa (raw, json)
Hash identifier: QUass/NjIlJuE2HSs5ern4SfiFA+q7m1ESWTARVsCGk=
Subject key identifier: B2:F3:35:D8:90:CA:24:1D:DE:F9:31:59:DB:08:82:7A:35:BF:05:F9
Certificate issuer: /CN=a81297b1d36a42de38e8480bb929b45bc9030c9d
Certificate serial: 019425FDE52BD2DF8011B7BFD741FAC4CA6E
Authority key identifier: A8:12:97:B1:D3:6A:42:DE:38:E8:48:0B:B9:29:B4:5B:C9:03:0C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/svM12JDKJB3e-TFZ2wiCejW_Bfk.roa
Signing time: Thu 02 Jan 2025 07:49:43 +0000
ROA not before: Thu 02 Jan 2025 07:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a14:3244:2470::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:e5:2b:d2:df:80:11:b7:bf:d7:41:fa:c4:ca:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a81297b1d36a42de38e8480bb929b45bc9030c9d
Validity
Not Before: Jan 2 07:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2f335d890ca241ddef93159db08827a35bf05f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a4:01:1b:1a:d9:e2:8d:01:cc:52:29:16:30:
37:63:72:a9:e1:da:80:33:f7:d1:59:0c:6e:b9:4f:
2c:97:f2:7d:b6:1a:c8:cd:ad:85:c7:c5:b8:3a:1a:
5c:b3:21:5f:60:96:9d:d8:c3:e4:ce:d6:c3:28:24:
11:3a:b3:85:2f:e4:e4:5d:4f:eb:6a:25:e7:32:90:
e0:02:99:b2:ce:43:0f:1b:44:b2:4e:3e:8d:e7:16:
b2:08:29:0f:97:e0:46:c0:d4:cc:f7:18:2a:12:0b:
97:64:ed:84:d8:ec:4e:df:f0:41:53:58:af:14:f4:
8c:61:2e:76:55:b5:4f:25:2d:f0:d4:38:b8:72:19:
2e:b4:a9:9b:17:f0:fe:3d:fd:9c:84:44:e9:b8:ee:
5b:db:7c:72:25:b5:89:fd:dc:51:46:fc:3d:8c:a2:
c9:00:7e:2e:50:6f:84:c8:28:92:81:f4:2f:38:d7:
e9:dd:79:0b:93:2d:27:0c:c8:b8:68:9b:22:03:e3:
b7:5a:06:48:72:56:f8:02:84:0d:c4:5d:8f:4b:1e:
61:94:95:77:e9:aa:26:c1:e3:60:45:cf:97:39:83:
0f:81:2c:71:ce:13:96:50:50:19:ee:0e:41:a2:09:
ce:61:ea:be:72:6c:00:2e:55:38:5a:4d:cd:a9:cd:
5e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F3:35:D8:90:CA:24:1D:DE:F9:31:59:DB:08:82:7A:35:BF:05:F9
X509v3 Authority Key Identifier:
keyid:A8:12:97:B1:D3:6A:42:DE:38:E8:48:0B:B9:29:B4:5B:C9:03:0C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBKXsdNqQt446EgLuSm0W8kDDJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/svM12JDKJB3e-TFZ2wiCejW_Bfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/720e5f-7f33-4d9d-8cde-22dd0f3928d5/1/qBKXsdNqQt446EgLuSm0W8kDDJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:3244:2470::/48
Signature Algorithm: sha256WithRSAEncryption
3e:4a:44:c6:4b:74:95:73:2f:06:29:09:b2:8c:b3:0d:73:b2:
d9:57:2d:d2:6b:1c:39:0a:56:0d:f9:96:ef:28:bd:5b:43:69:
b7:24:8a:e0:0b:57:0f:a7:2b:b6:1a:31:62:ee:a5:00:83:4a:
00:26:12:f4:d6:74:26:9c:45:c3:db:73:06:64:22:92:54:d7:
37:17:62:d2:df:45:2a:72:6b:a0:f6:63:ef:ab:09:fb:f2:69:
2e:3d:7e:f8:ed:4a:67:68:8f:c7:41:12:76:32:7d:8a:d4:82:
9e:62:d0:55:62:3d:ec:e1:14:d3:3f:bb:be:c9:82:42:00:02:
cc:9d:d8:ff:85:e4:75:34:38:8d:64:b0:76:8a:01:08:ce:ad:
20:33:8c:54:0e:8c:fd:5c:93:9a:ba:c2:18:d9:28:cc:3c:f9:
51:37:9f:8b:7a:7f:40:ae:a0:6f:d0:04:9d:64:7c:12:07:94:
4d:0f:c4:01:e4:4d:c3:73:20:b2:66:f6:a3:05:7c:60:5d:fa:
75:9d:90:e6:1d:89:8c:50:09:82:f2:ca:31:5f:cc:ce:3b:95:
45:9d:f3:be:7a:29:a2:55:75:1c:d4:14:99:05:33:ba:57:5e:
da:30:4a:bd:a2:ee:6b:90:1d:f4:27:c3:5c:e7:9d:6c:83:8a:
96:27:94:98
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/eUr0t+AEbe/10H6xMpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTI5N2IxZDM2YTQyZGUzOGU4NDgwYmI5MjliNDViYzkw
MzBjOWQwHhcNMjUwMTAyMDc0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmYzMzVkODkwY2EyNDFkZGVmOTMxNTlkYjA4ODI3YTM1YmYwNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaQBGxrZ4o0BzFIpFjA3Y3Kp4dqA
M/fRWQxuuU8sl/J9thrIza2Fx8W4OhpcsyFfYJad2MPkztbDKCQROrOFL+TkXU/r
aiXnMpDgApmyzkMPG0SyTj6N5xayCCkPl+BGwNTM9xgqEguXZO2E2OxO3/BBU1iv
FPSMYS52VbVPJS3w1Di4chkutKmbF/D+Pf2chETpuO5b23xyJbWJ/dxRRvw9jKLJ
AH4uUG+EyCiSgfQvONfp3XkLky0nDMi4aJsiA+O3WgZIclb4AoQNxF2PSx5hlJV3
6aomweNgRc+XOYMPgSxxzhOWUFAZ7g5BognOYeq+cmwALlU4Wk3Nqc1eNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLLzNdiQyiQd3vkxWdsIgno1vwX5MB8GA1UdIwQY
MBaAFKgSl7HTakLeOOhIC7kptFvJAwydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJLWHNkTnFRdDQ0NkVnTHVTbTBXOGtEREowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83MjBlNWYtN2YzMy00ZDlkLThjZGUt
MjJkZDBmMzkyOGQ1LzEvc3ZNMTJKREtKQjNlLVRGWjJ3aUNlaldfQmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83MjBlNWYtN2YzMy00ZDlkLThjZGUtMjJkZDBmMzkyOGQ1
LzEvcUJLWHNkTnFRdDQ0NkVnTHVTbTBXOGtEREowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhQyRCRw
MA0GCSqGSIb3DQEBCwUAA4IBAQA+SkTGS3SVcy8GKQmyjLMNc7LZVy3Saxw5ClYN
+ZbvKL1bQ2m3JIrgC1cPpyu2GjFi7qUAg0oAJhL01nQmnEXD23MGZCKSVNc3F2LS
30Uqcmug9mPvqwn78mkuPX747UpnaI/HQRJ2Mn2K1IKeYtBVYj3s4RTTP7u+yYJC
AALMndj/heR1NDiNZLB2igEIzq0gM4xUDoz9XJOausIY2SjMPPlRN5+Len9ArqBv
0ASdZHwSB5RND8QB5E3DcyCyZvajBXxgXfp1nZDmHYmMUAmC8soxX8zOO5VFnfO+
eimiVXUc1BSZBTO6V17aMEq9ou5rkB30J8Nc551sg4qWJ5SY
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:14:53 2025 by rpki-client