Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/5cce56yI8-njF3_oVU54RGqkYFo.roa
File: 5cce56yI8-njF3_oVU54RGqkYFo.roa (raw, json)
Hash identifier: JbtaX2hM1jH19fmd1Dso4r9hL0n4oLwnVCzO6xQf3SE=
Subject key identifier: E5:C7:1E:E7:AC:88:F3:E9:E3:17:7F:E8:55:4E:78:44:6A:A4:60:5A
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018C8C78D6508BEF31831D08481F823C1172
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/5cce56yI8-njF3_oVU54RGqkYFo.roa
Signing time: Thu 21 Dec 2023 13:02:58 +0000
ROA not before: Thu 21 Dec 2023 13:02:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 215889
IP address blocks: 2a09:a740::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:78:d6:50:8b:ef:31:83:1d:08:48:1f:82:3c:11:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Dec 21 13:02:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5c71ee7ac88f3e9e3177fe8554e78446aa4605a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:39:57:9d:30:19:91:27:0b:62:57:45:59:37:
2a:69:74:f0:cf:3e:30:2f:45:2e:fb:eb:64:48:7a:
38:94:c2:93:cb:fa:f7:48:4b:2a:5d:63:97:af:6e:
59:19:f6:35:a8:77:57:5d:7f:e7:32:53:d4:b6:31:
9c:e3:b3:00:dc:67:3f:5b:15:da:76:df:a8:38:68:
b0:03:38:0b:0e:f1:56:71:1c:aa:28:d9:dc:ba:1b:
40:42:e4:a2:99:65:d7:66:fb:0c:bd:8c:70:75:06:
f1:a2:68:74:2c:ef:63:b1:47:2f:01:e8:58:c8:00:
81:ce:1c:65:43:bf:90:e4:c5:be:0a:b1:11:fd:16:
31:f6:6b:c3:e8:24:a8:c8:c7:b4:51:28:0f:c5:d3:
6d:e2:c7:42:94:d4:fd:20:12:df:c0:7f:10:5d:3e:
be:2a:af:32:89:02:bf:d7:ce:0a:29:ff:4e:ea:a1:
b3:fc:af:ef:bc:fb:54:08:6c:ad:61:ec:55:35:f4:
8f:62:6b:7b:03:b6:8c:48:6d:ac:e1:d1:b1:1c:55:
bf:34:a6:fc:35:43:21:b6:40:25:b8:72:9f:e6:78:
71:ee:ed:32:9f:20:f2:3e:4c:9d:4a:c6:47:9e:20:
55:b8:e2:83:b7:db:17:5c:e6:c8:86:29:b5:a7:03:
33:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C7:1E:E7:AC:88:F3:E9:E3:17:7F:E8:55:4E:78:44:6A:A4:60:5A
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/5cce56yI8-njF3_oVU54RGqkYFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a740::/32
Signature Algorithm: sha256WithRSAEncryption
4c:9f:5a:72:90:f0:50:ae:2b:0e:a9:f0:2e:ab:ad:fc:63:9c:
6e:b4:73:41:9b:8f:87:29:aa:1d:9b:a7:b9:7d:7a:43:b4:4d:
d0:d6:e2:bc:c4:62:b6:82:a0:6f:14:64:40:7d:50:c2:1b:75:
f3:b0:67:e6:2f:1e:a9:d6:f3:91:8d:65:bc:b6:b1:63:95:f5:
ca:df:c4:b3:2f:eb:75:0d:f5:49:13:6e:51:b5:d2:f3:c3:31:
3e:05:84:ff:c6:83:be:81:1d:a0:cb:8e:fe:7c:64:c9:17:1f:
07:55:53:81:33:0f:b7:93:8a:95:bc:78:cc:64:2f:2e:a4:12:
a0:58:bf:eb:6a:e3:38:c9:fd:22:53:ca:da:15:e8:02:91:b2:
3a:4f:1e:2b:5f:f0:15:c9:6d:50:3a:6c:b1:d5:48:20:f0:b0:
82:26:0d:2a:70:b4:24:4e:c9:07:bc:56:1d:1e:6d:3c:ba:c6:
08:84:ff:70:51:d7:3d:b6:16:f7:df:2e:38:04:3f:59:5b:1c:
ef:f3:09:79:ce:ba:3a:86:c2:27:f1:7b:e3:47:f8:27:49:31:
98:4e:84:d5:ab:3f:cf:cb:04:5d:1c:83:72:65:94:72:63:c5:
1e:99:df:e7:80:74:74:fc:e1:36:bf:e4:c9:66:30:4f:97:d5:
69:3a:ac:ca
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyMeNZQi+8xgx0ISB+CPBFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMxMjIxMTMwMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWM3MWVlN2FjODhmM2U5ZTMxNzdmZTg1NTRlNzg0NDZhYTQ2MDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDlXnTAZkScLYldFWTcqaXTwzz4w
L0Uu++tkSHo4lMKTy/r3SEsqXWOXr25ZGfY1qHdXXX/nMlPUtjGc47MA3Gc/WxXa
dt+oOGiwAzgLDvFWcRyqKNncuhtAQuSimWXXZvsMvYxwdQbxomh0LO9jsUcvAehY
yACBzhxlQ7+Q5MW+CrER/RYx9mvD6CSoyMe0USgPxdNt4sdClNT9IBLfwH8QXT6+
Kq8yiQK/184KKf9O6qGz/K/vvPtUCGytYexVNfSPYmt7A7aMSG2s4dGxHFW/NKb8
NUMhtkAluHKf5nhx7u0ynyDyPkydSsZHniBVuOKDt9sXXObIhim1pwMzBwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOXHHuesiPPp4xd/6FVOeERqpGBaMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvNWNjZTU2eUk4LW5qRjNfb1ZVNTRSR3FrWUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgmnQDAN
BgkqhkiG9w0BAQsFAAOCAQEATJ9acpDwUK4rDqnwLqut/GOcbrRzQZuPhymqHZun
uX16Q7RN0NbivMRitoKgbxRkQH1Qwht187Bn5i8eqdbzkY1lvLaxY5X1yt/Esy/r
dQ31SRNuUbXS88MxPgWE/8aDvoEdoMuO/nxkyRcfB1VTgTMPt5OKlbx4zGQvLqQS
oFi/62rjOMn9IlPK2hXoApGyOk8eK1/wFcltUDpssdVIIPCwgiYNKnC0JE7JB7xW
HR5tPLrGCIT/cFHXPbYW998uOAQ/WVsc7/MJec66OobCJ/F740f4J0kxmE6E1as/
z8sEXRyDcmWUcmPFHpnf54B0dPzhNr/kyWYwT5fVaTqsyg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:44:53 2025 by rpki-client