Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/4h4yGh895UuRYyGrwwH2wq22Qds.roa
File: 4h4yGh895UuRYyGrwwH2wq22Qds.roa (raw, json)
Hash identifier: AfgP3gXqiILQCu8+1JsdUI3xySIpxgiSKr5S2d3rM+U=
Subject key identifier: E2:1E:32:1A:1F:3D:E5:4B:91:63:21:AB:C3:01:F6:C2:AD:B6:41:DB
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAEC8B9D7415DFDE973F27031FC6DC
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/4h4yGh895UuRYyGrwwH2wq22Qds.roa
Signing time: Sun 01 Jan 2023 14:44:53 +0000
ROA not before: Sun 01 Jan 2023 14:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51604
IP address blocks: 2a02:2698:1800::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:ec:8b:9d:74:15:df:de:97:3f:27:03:1f:c6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e21e321a1f3de54b916321abc301f6c2adb641db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:53:77:6d:c1:c1:be:88:08:76:34:76:72:d7:
1e:b7:5f:79:d4:12:41:18:90:e6:ad:e9:56:17:10:
b9:b5:e7:90:ea:ed:70:2d:73:44:ed:02:cf:ff:f8:
9b:04:1c:c0:b7:29:8e:f1:c2:75:16:fb:01:2d:c2:
06:d5:d7:ae:56:a6:5b:54:34:f4:d6:c7:62:79:82:
3a:5a:ee:ba:8f:63:6a:d0:f8:6c:b6:46:3e:fd:63:
93:9b:35:a6:08:09:8c:be:ee:ee:04:f8:03:9e:fe:
dc:12:f5:12:8d:e6:d0:83:f4:0b:19:d6:5e:43:d8:
28:bd:72:bc:39:ef:47:8d:7c:07:0e:4f:d8:05:ed:
90:93:4e:71:f3:39:75:02:07:53:8d:f0:ff:29:84:
0b:73:f5:94:4f:70:04:24:fa:7b:f3:55:50:a2:05:
44:a0:50:08:38:52:95:a3:3e:05:2a:52:a6:a1:f3:
44:41:d9:7c:9c:b4:d0:5e:25:58:ff:bc:9a:a3:0d:
a9:99:01:79:d6:04:fc:5e:43:9f:f7:b3:25:6d:2e:
f6:98:16:1b:2e:45:a4:b7:a0:62:4b:75:80:dd:d2:
4c:08:5c:88:5a:28:96:f1:c0:32:e1:70:07:24:5d:
42:af:d7:41:7b:4e:73:d1:63:39:cc:4f:c8:1d:48:
b9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:1E:32:1A:1F:3D:E5:4B:91:63:21:AB:C3:01:F6:C2:AD:B6:41:DB
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/4h4yGh895UuRYyGrwwH2wq22Qds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:1800::/38
Signature Algorithm: sha256WithRSAEncryption
00:90:3c:8d:a6:21:04:ad:5d:97:c6:9d:46:d9:1c:74:6b:0e:
5a:4a:33:fa:75:f7:92:e3:a2:c3:26:4b:e7:f5:3f:35:42:71:
4b:d5:7d:23:6e:f7:2a:d8:b6:05:b5:04:02:22:55:4c:7a:91:
16:bc:b5:a7:35:7d:d1:05:f4:16:05:3d:cf:ab:64:f6:6b:6f:
19:0b:32:2b:f1:2b:e6:72:11:e9:2d:ee:b3:90:e4:ab:31:13:
77:a2:f0:86:3b:aa:7c:0f:2e:5f:a9:ae:d4:77:2b:df:79:5f:
70:6d:f9:c3:dc:ec:9c:3a:13:51:20:2d:fc:ea:8c:9d:0f:14:
13:94:32:0d:e2:1b:d8:9e:6e:d4:37:3f:2d:bb:c0:2d:37:37:
3b:4b:f9:c8:de:06:e8:d8:40:f6:be:16:97:05:35:93:a7:94:
a0:1d:27:59:6e:16:93:d0:33:b0:3a:95:0d:48:0f:6d:6c:95:
55:0c:38:7d:73:3f:4a:52:68:7a:f3:69:d2:e6:59:08:2b:90:
7b:c1:00:4e:12:b5:a2:6b:81:a6:f7:7d:f6:d1:02:ff:28:26:
a4:0c:fb:ef:49:30:51:fb:16:77:4a:f8:d5:51:e6:9b:19:1f:
09:2c:14:1c:43:0b:27:1a:ee:52:77:a8:58:89:9b:7f:d0:00:
cc:3d:3b:e4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuyLnXQV396XPycDH8bcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjFlMzIxYTFmM2RlNTRiOTE2MzIxYWJjMzAxZjZjMmFkYjY0MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVN3bcHBvogIdjR2ctcet1951BJB
GJDmrelWFxC5teeQ6u1wLXNE7QLP//ibBBzAtymO8cJ1FvsBLcIG1deuVqZbVDT0
1sdieYI6Wu66j2Nq0PhstkY+/WOTmzWmCAmMvu7uBPgDnv7cEvUSjebQg/QLGdZe
Q9govXK8Oe9HjXwHDk/YBe2Qk05x8zl1AgdTjfD/KYQLc/WUT3AEJPp781VQogVE
oFAIOFKVoz4FKlKmofNEQdl8nLTQXiVY/7yaow2pmQF51gT8XkOf97MlbS72mBYb
LkWkt6BiS3WA3dJMCFyIWiiW8cAy4XAHJF1Cr9dBe05z0WM5zE/IHUi5+QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOIeMhofPeVLkWMhq8MB9sKttkHbMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvNGg0eUdoODk1VXVSWXlHcnd3SDJ3cTIyUWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmBgw
DQYJKoZIhvcNAQELBQADggEBAACQPI2mIQStXZfGnUbZHHRrDlpKM/p195LjosMm
S+f1PzVCcUvVfSNu9yrYtgW1BAIiVUx6kRa8tac1fdEF9BYFPc+rZPZrbxkLMivx
K+ZyEekt7rOQ5KsxE3ei8IY7qnwPLl+prtR3K995X3Bt+cPc7Jw6E1EgLfzqjJ0P
FBOUMg3iG9iebtQ3Py27wC03NztL+cjeBujYQPa+FpcFNZOnlKAdJ1luFpPQM7A6
lQ1ID21slVUMOH1zP0pSaHrzadLmWQgrkHvBAE4StaJrgab3ffbRAv8oJqQM++9J
MFH7FndK+NVR5psZHwksFBxDCyca7lJ3qFiJm3/QAMw9O+Q=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:55 2025 by rpki-client