Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-M-VbyCsItZcG9hA_XDnasi-D8A.roa
File: 1-M-VbyCsItZcG9hA_XDnasi-D8A.roa (raw, json)
Hash identifier: b/qbiDYWw8CaeeHb6nquKsuF2wjB+A0cqxq8LMSb+5Q=
Subject key identifier: F8:CF:95:6F:20:AC:22:D6:5C:1B:D8:40:FD:70:E7:6A:C8:BE:0F:C0
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C73B53115B2ED08E68AAFD455D86C
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-M-VbyCsItZcG9hA_XDnasi-D8A.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211221
IP address blocks: 2a02:2698:7600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:73:b5:31:15:b2:ed:08:e6:8a:af:d4:55:d8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8cf956f20ac22d65c1bd840fd70e76ac8be0fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7f:86:0f:42:14:36:10:77:c1:11:b3:b4:a4:
e5:ff:02:a9:62:ff:9d:fc:5b:5c:8b:25:3e:51:5b:
c6:ad:0a:8f:8e:ac:8a:ce:9d:a9:59:d2:52:64:8a:
48:89:c0:98:16:ef:ff:18:29:5a:96:a2:29:35:f5:
46:80:ba:84:39:5d:e3:ad:3a:c1:02:e4:93:6d:e4:
ac:ac:25:3f:a4:bc:bc:9a:30:19:ee:46:73:31:c5:
05:34:fc:af:1c:1b:58:1c:df:e4:f8:a8:90:22:f3:
c7:c2:2b:04:0b:d8:53:80:ec:40:ad:a7:91:e3:b4:
9e:42:0f:12:31:96:92:89:9d:f6:ff:a8:08:39:b8:
fc:ff:67:8c:a6:9b:b0:28:ad:aa:4a:77:86:e4:ac:
88:e9:7d:f1:86:fb:47:46:5b:46:36:d1:c2:56:d1:
a9:e4:90:21:7e:bf:2a:99:f6:8c:b7:e6:9a:5f:04:
c5:a7:e2:6a:31:56:a8:dc:39:8c:00:bf:29:f6:ec:
fe:97:ad:92:65:3e:d9:66:78:9e:88:d1:bd:1f:e6:
f6:1c:81:43:99:e3:d2:a2:ed:c0:98:05:83:85:36:
70:a1:af:f1:f6:18:a4:26:65:d5:d9:55:59:22:3c:
48:6b:71:28:3c:6e:78:e2:de:95:fe:85:07:02:77:
cc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CF:95:6F:20:AC:22:D6:5C:1B:D8:40:FD:70:E7:6A:C8:BE:0F:C0
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/1-M-VbyCsItZcG9hA_XDnasi-D8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:7600::/48
Signature Algorithm: sha256WithRSAEncryption
84:2a:02:4f:36:28:c4:e0:12:84:13:51:8a:83:29:ff:e5:3f:
15:13:c8:88:26:3f:43:13:81:23:ae:e3:25:79:70:91:31:4a:
32:06:c4:0f:e3:a4:6e:95:d4:de:a6:39:83:21:15:e2:6b:80:
27:a5:b1:c1:2a:3a:8b:67:fc:94:e0:c0:bd:83:1c:5b:73:68:
cb:8d:51:fe:24:d1:28:68:65:cc:2e:68:aa:29:48:e2:cf:89:
ee:b3:ae:51:11:56:f8:78:ac:b5:42:fb:38:3f:30:5c:d1:1f:
74:1a:09:24:24:7b:1e:ef:02:93:9d:16:11:00:04:7e:81:7a:
38:ac:83:46:30:af:19:c5:6c:81:c2:d2:34:c2:f8:e6:71:da:
03:c5:7c:71:d0:14:6d:cb:22:dd:a4:92:78:14:9a:e9:da:76:
77:a6:ab:8a:5e:49:61:d9:e7:94:05:e8:41:ae:76:de:14:b3:
5d:b3:c7:03:09:a1:ee:44:0f:27:23:45:92:cf:75:8c:31:be:
4d:f7:2f:e1:09:91:9f:19:99:2c:c2:2c:9e:d4:34:ff:db:39:
6e:a4:f1:68:4a:1c:91:6b:14:23:7c:da:b6:45:2a:96:1a:fc:
74:96:10:5f:6a:89:d6:d4:d9:a8:3c:19:0c:b0:b7:b5:f9:8a:
f2:fe:53:ee
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZQfjHO1MRWy7Qjmiq/UVdhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGNmOTU2ZjIwYWMyMmQ2NWMxYmQ4NDBmZDcwZTc2YWM4YmUwZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H+GD0IUNhB3wRGztKTl/wKpYv+d
/FtciyU+UVvGrQqPjqyKzp2pWdJSZIpIicCYFu//GClalqIpNfVGgLqEOV3jrTrB
AuSTbeSsrCU/pLy8mjAZ7kZzMcUFNPyvHBtYHN/k+KiQIvPHwisEC9hTgOxAraeR
47SeQg8SMZaSiZ32/6gIObj8/2eMppuwKK2qSneG5KyI6X3xhvtHRltGNtHCVtGp
5JAhfr8qmfaMt+aaXwTFp+JqMVao3DmMAL8p9uz+l62SZT7ZZnieiNG9H+b2HIFD
mePSou3AmAWDhTZwoa/x9hikJmXV2VVZIjxIa3EoPG544t6V/oUHAnfMYQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPjPlW8grCLWXBvYQP1w52rIvg/AMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvMS1NLVZieUNzSXRaY0c5aEFfWERuYXNpLUQ4QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTQvMTBlOTY1LTc0MDktNDRkOC05NTAyLWNmMGFhM2VjYWQy
OC8xL0NBSzVYT1lqblZKc05hNTZqaXpyU0s2NEsxOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoCJph2
ADANBgkqhkiG9w0BAQsFAAOCAQEAhCoCTzYoxOAShBNRioMp/+U/FRPIiCY/QxOB
I67jJXlwkTFKMgbED+OkbpXU3qY5gyEV4muAJ6WxwSo6i2f8lODAvYMcW3Noy41R
/iTRKGhlzC5oqilI4s+J7rOuURFW+HistUL7OD8wXNEfdBoJJCR7Hu8Ck50WEQAE
foF6OKyDRjCvGcVsgcLSNML45nHaA8V8cdAUbcsi3aSSeBSa6dp2d6aril5JYdnn
lAXoQa523hSzXbPHAwmh7kQPJyNFks91jDG+Tfcv4QmRnxmZLMIsntQ0/9s5bqTx
aEockWsUI3zatkUqlhr8dJYQX2qJ1tTZqDwZDLC3tfmK8v5T7g==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:32 2025 by rpki-client