Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/h-nvql0P9TgGXAqVKUEElkQbkv0.roa
File: h-nvql0P9TgGXAqVKUEElkQbkv0.roa (raw, json)
Hash identifier: 77+rYeDeiS1sM4xDkQzpPFN7K40E66J2vx8/gM24grk=
Subject key identifier: 87:E9:EF:AA:5D:0F:F5:38:06:5C:0A:95:29:41:04:96:44:1B:92:FD
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 018A217C77CCF81674B4D09F6997B3CBAC89
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/h-nvql0P9TgGXAqVKUEElkQbkv0.roa
Signing time: Wed 23 Aug 2023 08:21:59 +0000
ROA not before: Wed 23 Aug 2023 08:21:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207137
IP address blocks: 2a13:240:2::/48 maxlen: 48
2a13:240:5::/48 maxlen: 48
2a13:240::/48 maxlen: 48
2a13:240:8::/48 maxlen: 48
2a13:240:3::/48 maxlen: 48
2a13:240:6::/48 maxlen: 48
2a13:240:1::/48 maxlen: 48
2a13:240:9::/48 maxlen: 48
2a13:240:4::/48 maxlen: 48
2a13:240:7::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:21:7c:77:cc:f8:16:74:b4:d0:9f:69:97:b3:cb:ac:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Aug 23 08:21:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87e9efaa5d0ff538065c0a9529410496441b92fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:47:e2:53:54:2a:19:66:e4:1b:1f:5e:d2:f1:
ca:bf:eb:40:e0:0c:20:2b:80:eb:8b:3e:62:42:6d:
21:b6:1a:cd:29:c7:7b:c5:a4:f9:60:10:4a:83:52:
67:a2:96:94:07:49:af:94:55:c3:6d:16:5c:fc:56:
de:e1:3b:ef:1d:d9:0b:c8:a6:86:ae:43:2b:42:e7:
7d:8e:d6:ba:a2:3f:fe:ad:bf:20:39:0d:10:ad:96:
e3:3b:5f:8d:03:ba:d9:61:53:ec:94:0d:75:7e:8b:
10:f6:50:21:5b:c3:8a:48:14:75:5a:f5:2f:27:1c:
28:a0:ff:bf:90:5e:29:4f:f8:d3:3e:90:49:1d:39:
8a:f7:0c:5a:d0:d6:cc:b8:07:b5:47:21:80:9f:ab:
45:1f:7a:1d:7c:10:43:06:07:48:78:d3:de:dc:da:
a3:b8:c9:37:b9:cb:ff:1b:ec:e6:57:34:3f:1d:b2:
5e:91:52:83:1c:10:ff:4b:67:e0:de:4b:0f:b1:e4:
9f:c9:01:1b:88:65:6e:93:64:d9:b6:f3:10:98:8b:
bb:66:64:15:fd:19:a1:69:93:42:52:95:52:47:a6:
3f:6f:e0:69:7f:4a:fa:4f:64:ee:22:27:d2:40:02:
c2:00:cd:42:62:71:72:e9:3d:ca:13:fb:e7:f4:93:
40:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E9:EF:AA:5D:0F:F5:38:06:5C:0A:95:29:41:04:96:44:1B:92:FD
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/h-nvql0P9TgGXAqVKUEElkQbkv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:240::-2a13:240:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ab:5b:08:be:ca:f3:8d:a4:50:8e:cf:e4:98:2e:22:82:50:b0:
8b:c6:6a:dd:ab:44:ff:0b:7b:c3:40:7b:2e:9c:86:53:66:9d:
92:dc:a0:65:21:5e:5d:dc:82:7d:e8:4d:1c:a0:ee:e3:31:2b:
db:1e:9a:01:bf:41:4f:ab:a8:a6:34:bb:63:b7:22:69:ea:ce:
c2:7c:6f:0a:0b:74:78:d8:19:cf:32:da:bc:01:c7:c3:ce:82:
63:a0:59:98:df:c0:16:84:67:b0:0e:e1:fc:fa:9c:5b:c6:0f:
c0:d2:b9:0d:6e:f5:23:ce:9f:e3:12:2f:5d:51:26:8b:97:27:
4e:49:9b:fc:86:64:22:ee:6f:22:0b:31:be:b7:59:e9:17:11:
77:ae:63:73:71:4c:0c:a6:ca:f3:1a:70:6d:6f:4a:b2:6c:bd:
b0:fe:7c:22:fe:c8:69:59:66:f7:ea:89:cb:19:70:45:7f:14:
34:df:b0:bf:dc:7c:c2:3a:08:0c:f8:d0:da:8c:4a:87:a2:0d:
87:ab:b5:1d:1b:fd:29:36:e0:d0:45:1e:6d:eb:8b:a3:5d:c0:
07:66:e8:bd:50:5b:06:59:e3:17:34:cb:d9:c4:a1:34:ad:72:
32:c9:c4:b0:d6:db:cf:7d:9b:18:e6:0d:3f:9f:3b:8b:de:02:
64:6c:e2:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYohfHfM+BZ0tNCfaZezy6yJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjMwODIzMDgyMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U5ZWZhYTVkMGZmNTM4MDY1YzBhOTUyOTQxMDQ5NjQ0MWI5MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0fiU1QqGWbkGx9e0vHKv+tA4Awg
K4Driz5iQm0hthrNKcd7xaT5YBBKg1JnopaUB0mvlFXDbRZc/Fbe4TvvHdkLyKaG
rkMrQud9jta6oj/+rb8gOQ0QrZbjO1+NA7rZYVPslA11fosQ9lAhW8OKSBR1WvUv
JxwooP+/kF4pT/jTPpBJHTmK9wxa0NbMuAe1RyGAn6tFH3odfBBDBgdIeNPe3Nqj
uMk3ucv/G+zmVzQ/HbJekVKDHBD/S2fg3ksPseSfyQEbiGVuk2TZtvMQmIu7ZmQV
/RmhaZNCUpVSR6Y/b+Bpf0r6T2TuIifSQALCAM1CYnFy6T3KE/vn9JNAswIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfp76pdD/U4BlwKlSlBBJZEG5L9MB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvaC1udnFsMFA5VGdHWEFxVktVRUVsa1Fia3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBQYqEwJA
AwcBKhMCQAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCrWwi+yvONpFCOz+SYLiKCULCL
xmrdq0T/C3vDQHsunIZTZp2S3KBlIV5d3IJ96E0coO7jMSvbHpoBv0FPq6imNLtj
tyJp6s7CfG8KC3R42BnPMtq8AcfDzoJjoFmY38AWhGewDuH8+pxbxg/A0rkNbvUj
zp/jEi9dUSaLlydOSZv8hmQi7m8iCzG+t1npFxF3rmNzcUwMpsrzGnBtb0qybL2w
/nwi/shpWWb36onLGXBFfxQ037C/3HzCOggM+NDajEqHog2Hq7UdG/0pNuDQRR5t
64ujXcAHZui9UFsGWeMXNMvZxKE0rXIyycSw1tvPfZsY5g0/nzuL3gJkbOLN
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:36:28 2025 by rpki-client