Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/7LkLSHyxsYVbRvQVd-qVgqVSbog.roa
File: 7LkLSHyxsYVbRvQVd-qVgqVSbog.roa (raw, json)
Hash identifier: AUMxmEungwK05uNUcrFP+O9xvOBkOF2y3XIoqKDeYRA=
Subject key identifier: EC:B9:0B:48:7C:B1:B1:85:5B:46:F4:15:77:EA:95:82:A5:52:6E:88
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE926960E59D07B283C3CAFAFAA62
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/7LkLSHyxsYVbRvQVd-qVgqVSbog.roa
Signing time: Sun 01 Jan 2023 14:44:52 +0000
ROA not before: Sun 01 Jan 2023 14:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50512
IP address blocks: 2a02:2698:400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e9:26:96:0e:59:d0:7b:28:3c:3c:af:af:aa:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecb90b487cb1b1855b46f41577ea9582a5526e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3d:fe:a3:fe:c8:7b:57:cf:20:8c:06:2d:15:
62:54:ad:76:1f:26:63:b9:9e:6d:c2:60:ac:bf:1a:
08:33:78:16:b7:a3:c5:5f:bb:ba:0b:2f:fb:2d:a3:
2f:5d:77:9e:24:3b:16:ec:2b:7e:13:d9:41:f6:fa:
f3:0e:7a:15:f9:c7:6e:21:84:6f:b4:3e:c1:82:c6:
d2:1a:9b:59:3a:0b:9d:1c:f0:a3:37:6b:ca:9a:fb:
74:21:c1:91:0d:c5:1a:24:2e:74:4f:d4:ae:e8:b6:
10:f1:4d:07:18:16:b7:b8:e3:9b:39:de:9f:0c:ed:
9c:50:d4:da:e9:e7:9d:12:bb:9b:50:83:23:21:9e:
88:bc:bd:10:92:84:d6:1a:dd:e2:40:b0:15:0f:c5:
a5:99:1b:fc:8b:19:bd:d6:db:fd:09:b5:fc:d4:46:
d9:dd:54:ea:14:6c:82:1f:e5:e9:80:4b:f5:13:14:
77:a5:63:b0:6f:80:1c:21:4a:da:23:a9:c9:8c:66:
86:2b:bd:05:fa:aa:d3:0a:3f:92:80:a7:b6:de:49:
3f:66:95:b8:6b:71:43:1c:42:8b:6f:48:b6:26:7d:
11:c7:55:f4:a8:29:0c:8c:e7:f2:45:a9:b9:6d:cd:
05:ae:46:2b:f3:ab:15:ce:44:d1:94:fd:fe:6e:19:
e9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B9:0B:48:7C:B1:B1:85:5B:46:F4:15:77:EA:95:82:A5:52:6E:88
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/7LkLSHyxsYVbRvQVd-qVgqVSbog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:400::/38
Signature Algorithm: sha256WithRSAEncryption
58:a2:ea:1a:22:8a:b8:c2:80:2e:8c:cf:f3:08:f0:a0:34:38:
7f:44:0f:e1:c3:13:20:fc:7f:0f:7a:a3:b1:86:b9:61:41:9d:
dd:7d:44:0f:e0:d3:8c:f4:9d:98:23:21:e1:41:9a:26:a7:f6:
f1:6d:92:99:86:04:d3:d4:3b:b7:26:e9:7f:2c:ef:12:58:b8:
60:f3:6d:8a:23:cf:14:5d:cf:34:32:bb:79:ec:47:38:d1:12:
0c:2e:81:08:1d:af:b3:12:9e:39:17:9e:55:f1:03:9c:50:ca:
3e:c4:9f:ac:6f:28:38:5a:dc:a7:f3:cc:96:6f:5b:ef:12:2f:
00:a6:99:e0:3a:8b:90:9e:ee:89:3c:54:44:e4:4d:77:e1:1f:
dc:95:b3:e1:bb:0a:67:6f:0e:29:e5:03:0a:03:7e:bb:1a:e7:
f7:66:48:d6:44:23:58:71:11:73:c8:fb:b4:36:60:47:ce:ad:
d4:d9:82:66:af:ee:a3:85:94:65:40:56:5b:e1:cd:07:1d:ec:
3f:ae:b4:ac:59:c2:25:a6:26:49:f7:dd:94:e6:11:92:e7:f1:
89:f4:87:d1:95:0a:0c:46:3a:9a:90:20:2f:c0:24:27:4a:58:
5e:de:60:5e:5e:fa:50:4c:f3:28:a3:41:73:70:b0:77:66:07:
ec:04:24:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyukmlg5Z0HsoPDyvr6piMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I5MGI0ODdjYjFiMTg1NWI0NmY0MTU3N2VhOTU4MmE1NTI2ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT3+o/7Ie1fPIIwGLRViVK12HyZj
uZ5twmCsvxoIM3gWt6PFX7u6Cy/7LaMvXXeeJDsW7Ct+E9lB9vrzDnoV+cduIYRv
tD7BgsbSGptZOgudHPCjN2vKmvt0IcGRDcUaJC50T9Su6LYQ8U0HGBa3uOObOd6f
DO2cUNTa6eedErubUIMjIZ6IvL0QkoTWGt3iQLAVD8WlmRv8ixm91tv9CbX81EbZ
3VTqFGyCH+XpgEv1ExR3pWOwb4AcIUraI6nJjGaGK70F+qrTCj+SgKe23kk/ZpW4
a3FDHEKLb0i2Jn0Rx1X0qCkMjOfyRam5bc0FrkYr86sVzkTRlP3+bhnpwQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOy5C0h8sbGFW0b0FXfqlYKlUm6IMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvN0xrTFNIeXhzWVZiUnZRVmQtcVZncVZTYm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAQw
DQYJKoZIhvcNAQELBQADggEBAFii6hoiirjCgC6Mz/MI8KA0OH9ED+HDEyD8fw96
o7GGuWFBnd19RA/g04z0nZgjIeFBmian9vFtkpmGBNPUO7cm6X8s7xJYuGDzbYoj
zxRdzzQyu3nsRzjREgwugQgdr7MSnjkXnlXxA5xQyj7En6xvKDha3KfzzJZvW+8S
LwCmmeA6i5Ce7ok8VETkTXfhH9yVs+G7CmdvDinlAwoDfrsa5/dmSNZEI1hxEXPI
+7Q2YEfOrdTZgmav7qOFlGVAVlvhzQcd7D+utKxZwiWmJkn33ZTmEZLn8Yn0h9GV
CgxGOpqQIC/AJCdKWF7eYF5e+lBM8yijQXNwsHdmB+wEJDU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:51 2025 by rpki-client