Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/8i-4sjhgp7C5AJzmhrGPBhNALGY.roa
File: 8i-4sjhgp7C5AJzmhrGPBhNALGY.roa (raw, json)
Hash identifier: 1hy4RFnE5MmmYNGW9hmIUyjvpWJJdxPY/FlX8SE7m+Q=
Subject key identifier: F2:2F:B8:B2:38:60:A7:B0:B9:00:9C:E6:86:B1:8F:06:13:40:2C:66
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 0194BF49681A1879180E4D45FE5726E6B5F5
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/8i-4sjhgp7C5AJzmhrGPBhNALGY.roa
Signing time: Sat 01 Feb 2025 02:14:06 +0000
ROA not before: Sat 01 Feb 2025 02:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213512
IP address blocks: 2a14:47c0:fe01::/48 maxlen: 48
2a14:47c0:fe02::/48 maxlen: 48
2a14:47c0:fe03::/48 maxlen: 48
2a14:47c0:fffe::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bf:49:68:1a:18:79:18:0e:4d:45:fe:57:26:e6:b5:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Feb 1 02:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f22fb8b23860a7b0b9009ce686b18f0613402c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:8f:38:a6:57:4c:14:c9:25:f5:3b:0e:78:
8c:9c:80:42:c5:63:78:2b:2c:36:9e:8f:2b:4c:fd:
de:6f:41:43:3c:9b:22:6b:96:a9:87:23:5b:b7:22:
ac:b4:d7:8f:c4:b7:fb:2e:23:ed:d2:7a:a2:c6:29:
ce:ee:98:bf:16:29:53:e8:ce:20:6a:cb:0a:e3:b7:
8f:1f:29:47:52:bc:94:64:a4:ea:6e:1c:73:c8:32:
00:cb:05:20:8d:d8:33:43:24:6c:af:bd:b4:a5:83:
93:04:bc:23:72:7c:f9:0b:2c:e5:d4:f1:ce:a0:92:
ab:4e:b0:44:ac:26:cb:90:48:73:f7:59:16:51:e8:
d4:93:1c:73:60:7c:23:aa:98:32:93:fe:70:95:44:
ab:74:a0:c5:83:23:95:32:43:90:47:e2:be:44:d8:
0f:58:52:f3:f5:34:d6:cc:36:6d:1e:a9:8a:bd:ea:
09:a4:cc:3f:31:c6:53:99:ec:90:81:33:90:30:1e:
48:8d:06:b4:4d:56:e8:16:cb:c7:4f:f1:6b:19:2f:
83:94:da:d7:db:4d:da:f4:74:f2:1b:e5:40:39:52:
e6:62:ef:d0:83:c5:5c:ea:3c:97:b8:d5:f6:d8:84:
75:cd:bc:b1:c2:30:49:04:04:af:60:6d:82:b0:e8:
b8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2F:B8:B2:38:60:A7:B0:B9:00:9C:E6:86:B1:8F:06:13:40:2C:66
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/8i-4sjhgp7C5AJzmhrGPBhNALGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0:fe01::-2a14:47c0:fe03:ffff:ffff:ffff:ffff:ffff
2a14:47c0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
19:3f:53:c5:83:78:3f:1c:3c:58:3c:81:9e:ca:27:39:76:be:
87:0e:f8:58:8c:09:8d:e0:1b:71:bc:03:01:f9:f8:ec:4b:ed:
ca:6a:b3:10:c6:15:90:50:8f:9b:2c:dc:cf:7f:05:c7:4e:85:
b3:f8:5a:17:04:2d:b0:ea:bf:bc:8e:6d:5e:3f:01:ee:76:df:
fa:04:22:a6:43:62:9a:04:4d:7e:6d:ae:ac:77:d0:9e:4b:fc:
9e:cc:57:07:55:d3:46:6d:8b:90:58:ac:32:c5:db:60:b1:cb:
3e:31:35:de:e3:cc:d3:7b:b1:97:1e:50:49:bf:70:77:38:4c:
e9:61:a0:60:c1:9f:cd:72:33:4a:35:62:56:10:a3:c2:81:8b:
cf:e1:4d:7c:3e:eb:7d:ca:c1:ff:2d:c1:4d:75:28:2a:36:5e:
67:60:57:7e:d6:22:b9:1d:c4:e1:8b:a0:18:2d:c3:25:f6:3f:
44:89:98:1c:85:53:ba:a6:cb:15:80:2a:b6:c0:ea:e0:6b:77:
39:51:32:0f:1d:9b:1b:69:5b:9d:72:bd:6e:99:22:b9:1d:f6:
84:65:85:cc:d0:31:33:fb:9e:90:e3:45:47:b0:37:1e:ff:f8:
43:ed:bf:b4:da:77:71:d2:10:ce:83:b6:f1:e0:ad:db:5a:69:
78:cd:7c:b3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZS/SWgaGHkYDk1F/lcm5rX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMjAxMDIxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJmYjhiMjM4NjBhN2IwYjkwMDljZTY4NmIxOGYwNjEzNDAyYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusGPOKZXTBTJJfU7DniMnIBCxWN4
Kyw2no8rTP3eb0FDPJsia5aphyNbtyKstNePxLf7LiPt0nqixinO7pi/FilT6M4g
assK47ePHylHUryUZKTqbhxzyDIAywUgjdgzQyRsr720pYOTBLwjcnz5Cyzl1PHO
oJKrTrBErCbLkEhz91kWUejUkxxzYHwjqpgyk/5wlUSrdKDFgyOVMkOQR+K+RNgP
WFLz9TTWzDZtHqmKveoJpMw/McZTmeyQgTOQMB5IjQa0TVboFsvHT/FrGS+DlNrX
203a9HTyG+VAOVLmYu/Qg8Vc6jyXuNX22IR1zbyxwjBJBASvYG2CsOi4cQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPIvuLI4YKewuQCc5oaxjwYTQCxmMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvOGktNHNqaGdwN0M1QUp6bWhyR1BCaE5BTEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwAqFEfA
/gEDBwIqFEfA/gADBwAqFEfA//4wDQYJKoZIhvcNAQELBQADggEBABk/U8WDeD8c
PFg8gZ7KJzl2vocO+FiMCY3gG3G8AwH5+OxL7cpqsxDGFZBQj5ss3M9/BcdOhbP4
WhcELbDqv7yObV4/Ae523/oEIqZDYpoETX5trqx30J5L/J7MVwdV00Zti5BYrDLF
22Cxyz4xNd7jzNN7sZceUEm/cHc4TOlhoGDBn81yM0o1YlYQo8KBi8/hTXw+633K
wf8twU11KCo2XmdgV37WIrkdxOGLoBgtwyX2P0SJmByFU7qmyxWAKrbA6uBrdzlR
Mg8dmxtpW51yvW6ZIrkd9oRlhczQMTP7npDjRUewNx7/+EPtv7Tad3HSEM6DtvHg
rdtaaXjNfLM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:42 2025 by rpki-client