Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/S2HX96URuwM0sfAzuhl-TQQ4psw.roa
File: S2HX96URuwM0sfAzuhl-TQQ4psw.roa (raw, json)
Hash identifier: e4S8x94kpZLEXYBV0SEw97qlZBI65h7p0W0Y7hOrmkg=
Subject key identifier: 4B:61:D7:F7:A5:11:BB:03:34:B1:F0:33:BA:19:7E:4D:04:38:A6:CC
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 018AD021E67BA29E3C6FBEF10F623074C8B4
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/S2HX96URuwM0sfAzuhl-TQQ4psw.roa
Signing time: Tue 26 Sep 2023 06:16:37 +0000
ROA not before: Tue 26 Sep 2023 06:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147049
IP address blocks: 2a13:240:4000::/40 maxlen: 40
2a13:240::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:21:e6:7b:a2:9e:3c:6f:be:f1:0f:62:30:74:c8:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Sep 26 06:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b61d7f7a511bb0334b1f033ba197e4d0438a6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cc:47:89:8b:b3:47:b0:88:0f:36:36:a2:5e:
aa:31:52:c3:4a:62:86:d6:66:dd:1e:6e:ab:cd:1a:
8d:02:14:e9:4b:50:48:37:42:54:51:8f:50:c8:c5:
0d:c0:94:65:88:90:b9:65:76:67:68:2d:a6:ec:be:
3f:19:5c:ff:64:84:ae:2f:8f:f0:f1:0d:7a:49:f4:
33:2f:fc:69:0a:ba:f2:89:a4:43:c7:44:f7:59:a6:
ea:12:98:39:bd:d3:be:ea:e9:c4:99:d3:7b:54:e2:
40:e7:ff:0f:ad:dc:20:42:b2:36:d1:5a:db:80:75:
b4:77:9b:29:f9:e8:db:94:26:e2:4d:4c:ff:aa:ad:
bb:54:94:c5:ac:9a:d8:bc:d4:98:5c:f6:a4:5a:f7:
e8:25:ff:18:7a:c9:49:cd:68:e3:99:3d:76:1d:28:
c8:55:9c:bc:dc:ce:da:78:3b:c8:48:b3:1d:ac:87:
e1:e1:a6:31:a1:91:ea:e0:b3:a3:15:7b:e1:99:6a:
ee:b9:1b:10:67:8b:42:33:4f:5a:87:df:c4:0c:78:
7d:34:94:cc:61:62:32:da:6f:3b:3b:26:69:5b:ea:
06:2a:dc:ce:20:43:47:59:ff:3b:70:66:3d:1c:85:
45:6e:ed:16:6e:a5:2b:3d:08:6f:31:86:a0:e8:a5:
d2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:61:D7:F7:A5:11:BB:03:34:B1:F0:33:BA:19:7E:4D:04:38:A6:CC
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/S2HX96URuwM0sfAzuhl-TQQ4psw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:240::/48
2a13:240:4000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:bf:e9:54:da:03:1a:9f:35:fb:e6:b1:2a:31:f8:57:1f:eb:
80:d7:d9:01:98:3e:55:f8:ac:02:24:6b:72:45:7f:15:ee:5c:
18:d7:ac:b7:a3:ad:a1:12:9d:be:fb:51:50:7e:0d:96:75:d2:
b1:42:dd:18:0f:d1:40:4a:b6:df:fa:f9:0e:48:c1:1a:32:30:
f7:93:20:9b:01:b8:07:28:62:d5:0a:a3:d6:bd:6b:44:39:c1:
25:c6:5f:8d:0d:a9:33:7b:ff:49:e0:c5:db:e1:c7:a1:2a:53:
76:f6:d4:08:7f:41:13:66:e5:6f:42:bf:2e:83:ec:45:cf:3e:
f8:be:80:c1:37:b2:63:2e:8c:16:17:c5:5f:0f:dc:0f:3e:12:
88:89:1b:12:1c:71:a7:5a:ed:e6:05:3b:1a:20:8b:c0:bc:b4:
7c:aa:de:18:f3:0f:e0:cf:c1:09:3e:4f:a6:6c:42:8b:bd:df:
01:a8:ff:ba:c6:b0:49:26:83:25:bc:fa:5e:ee:a2:45:8c:23:
62:5a:47:3e:ba:b5:c7:75:00:41:ba:b6:dc:31:75:2c:cc:33:
ea:51:56:90:4d:ae:14:7e:38:3b:8d:83:1b:be:ba:9a:3b:c3:
ee:f6:fa:7e:a2:98:ca:19:d7:0c:e6:67:0c:4e:06:f8:aa:9b:
89:59:55:2c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYrQIeZ7op48b77xD2IwdMi0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjMwOTI2MDYxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjYxZDdmN2E1MTFiYjAzMzRiMWYwMzNiYTE5N2U0ZDA0MzhhNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4sxHiYuzR7CIDzY2ol6qMVLDSmKG
1mbdHm6rzRqNAhTpS1BIN0JUUY9QyMUNwJRliJC5ZXZnaC2m7L4/GVz/ZISuL4/w
8Q16SfQzL/xpCrryiaRDx0T3WabqEpg5vdO+6unEmdN7VOJA5/8PrdwgQrI20Vrb
gHW0d5sp+ejblCbiTUz/qq27VJTFrJrYvNSYXPakWvfoJf8YeslJzWjjmT12HSjI
VZy83M7aeDvISLMdrIfh4aYxoZHq4LOjFXvhmWruuRsQZ4tCM09ah9/EDHh9NJTM
YWIy2m87OyZpW+oGKtzOIENHWf87cGY9HIVFbu0WbqUrPQhvMYag6KXSRQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFEth1/elEbsDNLHwM7oZfk0EOKbMMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvUzJIWDk2VVJ1d00wc2ZBenVobC1UUVE0cHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhMCQAAA
AwYAKhMCQEAwDQYJKoZIhvcNAQELBQADggEBAA6/6VTaAxqfNfvmsSox+Fcf64DX
2QGYPlX4rAIka3JFfxXuXBjXrLejraESnb77UVB+DZZ10rFC3RgP0UBKtt/6+Q5I
wRoyMPeTIJsBuAcoYtUKo9a9a0Q5wSXGX40NqTN7/0ngxdvhx6EqU3b21Ah/QRNm
5W9Cvy6D7EXPPvi+gME3smMujBYXxV8P3A8+EoiJGxIccada7eYFOxogi8C8tHyq
3hjzD+DPwQk+T6ZsQou93wGo/7rGsEkmgyW8+l7uokWMI2JaRz66tcd1AEG6ttwx
dSzMM+pRVpBNrhR+ODuNgxu+upo7w+72+n6imMoZ1wzmZwxOBviqm4lZVSw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:40:59 2025 by rpki-client