Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/s5BiaHOJULt-vCCL64UcWn9GrEg.roa
File: s5BiaHOJULt-vCCL64UcWn9GrEg.roa (raw, json)
Hash identifier: f+8xvA3X/9F+Kkel5Zwra+XqN2MMqST8AFHOLqPY51s=
Subject key identifier: B3:90:62:68:73:89:50:BB:7E:BC:20:8B:EB:85:1C:5A:7F:46:AC:48
Certificate issuer: /CN=ce0b298e1e2b300469070d1c10ccaea6f1f80ae2
Certificate serial: 01861305727C7247F1F3181EB948AAF145C6
Authority key identifier: CE:0B:29:8E:1E:2B:30:04:69:07:0D:1C:10:CC:AE:A6:F1:F8:0A:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zgspjh4rMARpBw0cEMyupvH4CuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/s5BiaHOJULt-vCCL64UcWn9GrEg.roa
Signing time: Thu 02 Feb 2023 16:46:09 +0000
ROA not before: Thu 02 Feb 2023 16:46:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56884
IP address blocks: 2a13:da00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:05:72:7c:72:47:f1:f3:18:1e:b9:48:aa:f1:45:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce0b298e1e2b300469070d1c10ccaea6f1f80ae2
Validity
Not Before: Feb 2 16:46:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3906268738950bb7ebc208beb851c5a7f46ac48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:49:a0:35:dd:c8:a3:4e:3f:2f:b5:5c:6a:0a:
50:31:82:a7:fd:e8:2d:2a:51:77:d3:8e:44:15:a8:
6f:3b:45:81:6c:f7:f3:ad:4b:1f:43:e5:d8:e3:f8:
e5:22:af:94:75:02:35:b5:29:7e:8a:39:c5:12:a6:
4f:f3:09:26:49:2f:e8:ce:43:78:0f:32:b1:b8:45:
27:09:65:f1:86:74:30:f8:3b:3c:80:1b:97:d8:92:
f7:f8:7a:d6:c6:1b:1e:54:ae:08:5e:6b:29:b0:19:
4d:cb:f7:44:ee:41:a3:60:a3:5b:ee:c7:ed:1e:5f:
a2:b7:be:64:a3:ba:a2:e4:8b:eb:69:18:ab:bd:ef:
43:5d:62:fb:f8:70:f1:12:4d:f4:65:89:64:e6:cc:
d7:10:59:dd:bf:76:22:a2:97:11:72:59:10:39:e4:
b6:85:2a:99:02:2c:16:eb:37:ba:ec:f6:f8:32:0b:
9b:5a:ec:24:9b:7b:8b:e3:2b:f8:cf:a1:53:d4:3b:
c7:bc:06:89:d5:46:2e:d2:72:67:38:f1:f3:4a:db:
1b:53:70:5b:ec:a6:e7:fd:16:d2:8c:11:52:2b:4f:
e1:ae:c8:7f:4b:d6:11:4e:84:17:88:2f:11:d2:ee:
43:1c:2c:c6:37:77:af:2f:27:6c:14:2a:50:3d:20:
57:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:90:62:68:73:89:50:BB:7E:BC:20:8B:EB:85:1C:5A:7F:46:AC:48
X509v3 Authority Key Identifier:
keyid:CE:0B:29:8E:1E:2B:30:04:69:07:0D:1C:10:CC:AE:A6:F1:F8:0A:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgspjh4rMARpBw0cEMyupvH4CuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/s5BiaHOJULt-vCCL64UcWn9GrEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/a31768-d44a-474a-8514-0c5d7031ffad/1/zgspjh4rMARpBw0cEMyupvH4CuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:da00::/29
Signature Algorithm: sha256WithRSAEncryption
68:40:91:d3:ac:44:da:d9:6a:7b:75:21:98:24:9e:aa:5f:41:
9a:1d:b6:0c:93:cc:6f:d3:64:91:92:89:79:32:f8:00:2b:6e:
07:44:c4:3c:82:38:c1:b6:20:cb:70:58:0c:7a:de:6b:63:41:
9a:99:8a:0a:78:9a:f9:6a:14:e3:b6:56:1c:a5:c2:7c:f8:3f:
89:2d:f2:b2:5b:ba:52:c1:e6:03:be:cb:c5:2b:bf:48:0f:07:
00:48:c6:9b:71:a3:ef:39:8c:00:ae:ab:0e:b1:91:4d:5d:c0:
b0:8c:16:2c:49:d6:ab:05:95:4d:ed:26:26:91:00:16:cf:9e:
1e:f8:74:02:3b:23:72:fe:cc:4b:94:22:9b:53:50:4d:12:ee:
62:1e:2f:35:46:6c:a9:ee:ab:bc:1e:36:39:75:22:70:30:f8:
23:28:3b:f7:c0:e4:3f:7e:f1:ea:53:6c:d8:08:7a:0c:13:83:
86:2d:c8:6e:4d:f0:f1:8a:0c:eb:33:b7:75:4c:d0:30:f8:35:
52:aa:0a:3f:fe:eb:b6:ec:58:63:09:5f:4b:28:f2:d5:18:f4:
60:13:59:09:01:4a:f3:ad:24:33:42:19:ed:92:94:dc:ba:1d:
c8:23:9a:a4:f6:50:6b:9b:0e:f8:b0:3a:ba:7a:0f:30:20:49:
39:5e:a8:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYTBXJ8ckfx8xgeuUiq8UXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMGIyOThlMWUyYjMwMDQ2OTA3MGQxYzEwY2NhZWE2ZjFm
ODBhZTIwHhcNMjMwMjAyMTY0NjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkwNjI2ODczODk1MGJiN2ViYzIwOGJlYjg1MWM1YTdmNDZhYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkmgNd3Io04/L7VcagpQMYKn/egt
KlF3045EFahvO0WBbPfzrUsfQ+XY4/jlIq+UdQI1tSl+ijnFEqZP8wkmSS/ozkN4
DzKxuEUnCWXxhnQw+Ds8gBuX2JL3+HrWxhseVK4IXmspsBlNy/dE7kGjYKNb7sft
Hl+it75ko7qi5IvraRirve9DXWL7+HDxEk30ZYlk5szXEFndv3YiopcRclkQOeS2
hSqZAiwW6ze67Pb4MgubWuwkm3uL4yv4z6FT1DvHvAaJ1UYu0nJnOPHzStsbU3Bb
7Kbn/RbSjBFSK0/hrsh/S9YRToQXiC8R0u5DHCzGN3evLydsFCpQPSBXLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLOQYmhziVC7frwgi+uFHFp/RqxIMB8GA1UdIwQY
MBaAFM4LKY4eKzAEaQcNHBDMrqbx+AriMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdzcGpoNHJNQVJwQncwY0VNeXVwdkg0Q3VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hMzE3NjgtZDQ0YS00NzRhLTg1MTQt
MGM1ZDcwMzFmZmFkLzEvczVCaWFIT0pVTHQtdkNDTDY0VWNXbjlHckVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9hMzE3NjgtZDQ0YS00NzRhLTg1MTQtMGM1ZDcwMzFmZmFk
LzEvemdzcGpoNHJNQVJwQncwY0VNeXVwdkg0Q3VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPaADAN
BgkqhkiG9w0BAQsFAAOCAQEAaECR06xE2tlqe3UhmCSeql9Bmh22DJPMb9NkkZKJ
eTL4ACtuB0TEPII4wbYgy3BYDHrea2NBmpmKCnia+WoU47ZWHKXCfPg/iS3yslu6
UsHmA77LxSu/SA8HAEjGm3Gj7zmMAK6rDrGRTV3AsIwWLEnWqwWVTe0mJpEAFs+e
Hvh0Ajsjcv7MS5Qim1NQTRLuYh4vNUZsqe6rvB42OXUicDD4Iyg798DkP37x6lNs
2Ah6DBODhi3Ibk3w8YoM6zO3dUzQMPg1UqoKP/7rtuxYYwlfSyjy1Rj0YBNZCQFK
860kM0IZ7ZKU3LodyCOapPZQa5sO+LA6unoPMCBJOV6omA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:52 2025 by rpki-client