Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/G4d6Vi8fwpfBMbAKMprgK-hp9Io.roa
File: G4d6Vi8fwpfBMbAKMprgK-hp9Io.roa (raw, json)
Hash identifier: pSEwB6TkhO46uqD2vIRYPbUeH5EsncPmsM5P6q2Yt9c=
Subject key identifier: 1B:87:7A:56:2F:1F:C2:97:C1:31:B0:0A:32:9A:E0:2B:E8:69:F4:8A
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C5DBCA0A8730DCC60E0938154BF80
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/G4d6Vi8fwpfBMbAKMprgK-hp9Io.roa
Signing time: Wed 01 Jan 2025 01:47:59 +0000
ROA not before: Wed 01 Jan 2025 01:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41754
IP address blocks: 2a02:2698:5c00::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5d:bc:a0:a8:73:0d:cc:60:e0:93:81:54:bf:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b877a562f1fc297c131b00a329ae02be869f48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:66:a5:8c:09:30:d2:08:65:2c:9d:07:03:b3:
a1:90:30:ad:1b:7d:e2:6a:46:c5:cb:70:1c:92:a3:
81:e2:17:5d:17:14:60:20:1d:51:42:88:d8:74:b0:
5c:0a:cd:35:84:0e:04:19:61:fd:64:da:c0:7a:f1:
07:e3:22:de:89:51:ed:fb:d7:40:86:df:27:9c:ca:
9e:42:33:dc:01:cf:9b:91:6e:ab:82:70:3c:c3:cc:
8e:1e:ab:0e:8f:69:77:f8:14:c3:b9:8e:42:be:ae:
38:ec:78:57:0b:45:88:fd:62:d7:3a:9d:36:e5:75:
54:59:58:cd:3c:54:e0:d4:b5:e6:2a:23:14:cf:e9:
a7:2b:d6:1a:8d:b7:37:39:d9:6d:8f:67:0f:7e:04:
a5:6d:32:ce:90:66:68:df:a2:2e:ef:9d:6b:ba:f9:
ff:d6:1d:f0:4a:3f:9c:e6:76:14:f4:1a:f5:a0:30:
0d:9a:35:41:0b:b8:8f:5f:af:90:39:c1:c1:89:61:
17:27:46:a7:2f:4a:ec:63:83:b5:6c:ea:cc:78:d5:
a6:d7:16:e2:f8:1a:9c:fc:54:58:ab:9d:56:b6:2d:
ea:d1:39:5a:66:0f:a4:10:66:3e:fe:cd:81:1e:9f:
20:73:5b:ea:08:32:5f:f4:4b:fb:1c:eb:f7:18:3c:
c6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:87:7A:56:2F:1F:C2:97:C1:31:B0:0A:32:9A:E0:2B:E8:69:F4:8A
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/G4d6Vi8fwpfBMbAKMprgK-hp9Io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5c00::/38
Signature Algorithm: sha256WithRSAEncryption
8a:80:19:1c:5a:9b:da:26:c2:77:d1:a7:92:a3:01:0d:dc:a8:
53:8f:24:63:fc:a1:af:00:78:27:68:c3:b1:4c:75:e9:11:a2:
1b:22:ae:ce:8b:c6:6a:6a:aa:8f:46:0c:d7:63:40:68:b0:bc:
42:53:a2:c1:e4:da:45:a5:2a:93:d9:2f:60:e5:e4:2a:39:9c:
47:f3:91:ea:dc:25:e2:3b:ec:d3:8d:eb:e6:79:ef:86:fe:b9:
82:2d:f2:d0:df:b9:cf:aa:91:ef:5d:88:69:84:1e:fa:a6:84:
1c:e4:05:e8:cb:7c:3c:c5:4b:a6:bb:0e:8c:45:2b:ed:e3:00:
04:2e:14:08:00:46:17:13:2e:aa:31:0a:06:7a:f8:cf:6a:74:
19:c6:63:b0:ee:2e:a0:bb:cb:db:99:5c:3c:4a:49:59:87:05:
eb:86:4a:d7:b9:40:ca:08:7e:5e:53:06:18:3e:c4:1b:09:22:
56:04:7a:bb:51:68:b6:3e:1e:e7:50:2c:8e:57:04:bf:df:5c:
5b:c5:a1:01:a3:ec:2d:03:d3:46:d2:af:66:b7:16:06:ed:16:
7f:d2:60:8a:af:21:30:e2:a9:a5:cf:81:28:cc:2e:fb:7f:8e:
f9:07:1c:cd:75:ff:7c:22:9a:87:21:6d:24:f9:0c:f6:69:00:
3c:2f:e9:8d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjF28oKhzDcxg4JOBVL+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg3N2E1NjJmMWZjMjk3YzEzMWIwMGEzMjlhZTAyYmU4NjlmNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GaljAkw0ghlLJ0HA7OhkDCtG33i
akbFy3AckqOB4hddFxRgIB1RQojYdLBcCs01hA4EGWH9ZNrAevEH4yLeiVHt+9dA
ht8nnMqeQjPcAc+bkW6rgnA8w8yOHqsOj2l3+BTDuY5Cvq447HhXC0WI/WLXOp02
5XVUWVjNPFTg1LXmKiMUz+mnK9Yajbc3Odltj2cPfgSlbTLOkGZo36Iu751ruvn/
1h3wSj+c5nYU9Br1oDANmjVBC7iPX6+QOcHBiWEXJ0anL0rsY4O1bOrMeNWm1xbi
+Bqc/FRYq51Wti3q0TlaZg+kEGY+/s2BHp8gc1vqCDJf9Ev7HOv3GDzGhwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFBuHelYvH8KXwTGwCjKa4CvoafSKMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvRzRkNlZpOGZ3cGZCTWJBS01wcmdLLWhwOUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFww
DQYJKoZIhvcNAQELBQADggEBAIqAGRxam9omwnfRp5KjAQ3cqFOPJGP8oa8AeCdo
w7FMdekRohsirs6Lxmpqqo9GDNdjQGiwvEJTosHk2kWlKpPZL2Dl5Co5nEfzkerc
JeI77NON6+Z574b+uYIt8tDfuc+qke9diGmEHvqmhBzkBejLfDzFS6a7DoxFK+3j
AAQuFAgARhcTLqoxCgZ6+M9qdBnGY7DuLqC7y9uZXDxKSVmHBeuGSte5QMoIfl5T
Bhg+xBsJIlYEertRaLY+HudQLI5XBL/fXFvFoQGj7C0D00bSr2a3FgbtFn/SYIqv
ITDiqaXPgSjMLvt/jvkHHM11/3wimochbST5DPZpADwv6Y0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:44 2025 by rpki-client