Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/DN8DQEopeZn2s_vginrteZyRblg.roa
File: DN8DQEopeZn2s_vginrteZyRblg.roa (raw, json)
Hash identifier: zusAIGD0N+4YFi9tXrSAhBA0eAPQf96DOjVae8bFzrU=
Subject key identifier: 0C:DF:03:40:4A:29:79:99:F6:B3:FB:E0:8A:7A:ED:79:9C:91:6E:58
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C6808C10E978A147A0BFE936003EA
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/DN8DQEopeZn2s_vginrteZyRblg.roa
Signing time: Wed 01 Jan 2025 01:48:02 +0000
ROA not before: Wed 01 Jan 2025 01:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51570
IP address blocks: 2a02:2698:6c00::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:68:08:c1:0e:97:8a:14:7a:0b:fe:93:60:03:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cdf03404a297999f6b3fbe08a7aed799c916e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b3:94:b8:9c:58:78:a5:b0:d9:93:78:eb:c7:
69:98:d5:f8:0e:0e:1e:8c:9c:cb:d9:c3:46:7b:03:
b2:3b:e9:6d:48:ee:c2:25:9e:19:d0:03:d9:ff:3e:
3a:80:c2:d6:fd:64:64:9e:ac:10:55:6a:14:c6:83:
99:97:a9:41:3b:a8:84:18:04:4c:57:7d:a3:28:cf:
5f:4a:31:dd:1f:0e:c8:b6:8d:cb:59:5a:38:24:6d:
cc:98:75:a8:2e:0f:34:a5:88:9c:20:7a:1a:5e:2d:
c3:e6:f8:6c:fb:1a:20:8a:87:d3:8b:0c:a3:a4:28:
c3:af:c1:15:c7:1a:1c:94:1d:b4:2a:73:42:6c:39:
c6:5c:ad:09:4e:86:84:fe:ef:0a:57:b4:14:1a:5b:
3b:44:b2:33:3b:c0:54:66:e9:39:86:a6:ce:f5:06:
8d:e6:22:f1:9f:7d:67:f8:55:db:65:a7:fa:48:d5:
e3:91:48:89:07:b9:1f:40:6c:78:2b:43:9d:be:5e:
64:b7:9c:64:58:90:1c:52:51:9d:8c:49:7e:fe:bd:
c8:a4:ed:d3:28:ad:b8:ed:4b:f3:43:26:53:88:35:
51:c5:3a:24:7b:da:2c:02:97:47:1a:e9:c0:08:36:
c0:4e:71:fd:08:f1:73:b7:e5:72:53:d7:49:a5:5b:
0b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DF:03:40:4A:29:79:99:F6:B3:FB:E0:8A:7A:ED:79:9C:91:6E:58
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/DN8DQEopeZn2s_vginrteZyRblg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6c00::/38
Signature Algorithm: sha256WithRSAEncryption
d1:15:17:66:cf:9e:37:a9:5d:18:b8:8a:10:f7:10:22:51:ea:
77:c5:f6:aa:b3:d7:8d:da:0b:ed:03:c7:d1:01:49:3e:e2:11:
91:3d:28:b1:50:33:94:dd:a4:bf:91:65:e1:02:69:2e:bf:cd:
0a:5d:24:33:16:94:0f:b4:ba:59:7a:fe:d6:51:84:84:e6:63:
30:ed:c3:b6:0b:52:d0:71:15:d9:16:2e:f7:99:c8:d3:95:e2:
45:c4:64:48:02:5f:5a:62:48:90:a6:df:1d:3c:9c:30:48:88:
0d:d3:28:da:04:5b:73:69:ef:87:00:c7:cb:86:cf:b9:da:b3:
3c:ce:75:a0:8b:28:6b:56:5b:f7:28:36:53:b1:e6:3f:22:46:
e3:e9:80:13:8f:9b:c6:f5:90:6b:52:81:55:13:e5:b6:ad:1b:
e0:c0:b4:f5:6b:6d:cb:e4:d9:11:13:66:f4:18:46:12:3b:5c:
ec:bd:b2:a5:92:1d:ba:99:6a:5c:79:c6:4b:40:c1:c7:3c:28:
7f:58:39:86:2b:4b:b7:03:68:60:aa:86:34:a8:7f:e9:e0:f1:
d6:97:0d:06:5c:91:b3:14:fe:41:ca:84:ef:94:d2:53:57:88:
0e:f5:0f:27:d2:19:03:14:5e:a3:1f:dc:ac:fa:1e:6e:87:f6:
e7:47:39:71
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjGgIwQ6XihR6C/6TYAPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RmMDM0MDRhMjk3OTk5ZjZiM2ZiZTA4YTdhZWQ3OTljOTE2ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrOUuJxYeKWw2ZN468dpmNX4Dg4e
jJzL2cNGewOyO+ltSO7CJZ4Z0APZ/z46gMLW/WRknqwQVWoUxoOZl6lBO6iEGARM
V32jKM9fSjHdHw7Ito3LWVo4JG3MmHWoLg80pYicIHoaXi3D5vhs+xogiofTiwyj
pCjDr8EVxxoclB20KnNCbDnGXK0JToaE/u8KV7QUGls7RLIzO8BUZuk5hqbO9QaN
5iLxn31n+FXbZaf6SNXjkUiJB7kfQGx4K0Odvl5kt5xkWJAcUlGdjEl+/r3IpO3T
KK247UvzQyZTiDVRxToke9osApdHGunACDbATnH9CPFzt+VyU9dJpVsLfwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAzfA0BKKXmZ9rP74Ip67XmckW5YMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvRE44RFFFb3BlWm4yc192Z2lucnRlWnlSYmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGww
DQYJKoZIhvcNAQELBQADggEBANEVF2bPnjepXRi4ihD3ECJR6nfF9qqz143aC+0D
x9EBST7iEZE9KLFQM5TdpL+RZeECaS6/zQpdJDMWlA+0ull6/tZRhITmYzDtw7YL
UtBxFdkWLveZyNOV4kXEZEgCX1piSJCm3x08nDBIiA3TKNoEW3Np74cAx8uGz7na
szzOdaCLKGtWW/coNlOx5j8iRuPpgBOPm8b1kGtSgVUT5batG+DAtPVrbcvk2RET
ZvQYRhI7XOy9sqWSHbqZalx5xktAwcc8KH9YOYYrS7cDaGCqhjSof+ng8daXDQZc
kbMU/kHKhO+U0lNXiA71DyfSGQMUXqMf3Kz6Hm6H9udHOXE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:18 2025 by rpki-client