Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/IEFAaKCzCFdVifZYMGE18XhqgEM.roa
File: IEFAaKCzCFdVifZYMGE18XhqgEM.roa (raw, json)
Hash identifier: 8tbDMhbVpKWk78mnqvc2A0GCwz44k89Tree0VXuMTVw=
Subject key identifier: 20:41:40:68:A0:B3:08:57:55:89:F6:58:30:61:35:F1:78:6A:80:43
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0181D6FFABEE037CAC7F8A8A2FA0DB66D9C0
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/IEFAaKCzCFdVifZYMGE18XhqgEM.roa
Signing time: Thu 07 Jul 2022 04:51:28 +0000
ROA not before: Thu 07 Jul 2022 04:51:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211221
IP address blocks: 2a02:2698:7600::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d6:ff:ab:ee:03:7c:ac:7f:8a:8a:2f:a0:db:66:d9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jul 7 04:51:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20414068a0b308575589f658306135f1786a8043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0e:7e:47:b0:28:43:b8:02:83:7d:95:de:8c:
63:f9:4d:0b:83:e6:a7:2e:a4:89:b1:3f:e3:d5:b5:
36:2f:04:c1:05:78:84:79:9f:08:4d:20:79:89:e6:
89:e2:a6:f4:59:5c:7e:a7:44:43:e3:19:84:16:9c:
dc:cf:5d:b0:11:17:3a:47:0b:3c:ba:4a:b8:af:06:
a5:83:e8:12:66:9d:6c:e5:52:53:70:61:42:0f:bf:
d8:cf:f5:45:73:d5:4b:3a:a8:87:26:38:b5:d2:74:
14:77:5b:53:b8:e2:7b:8f:97:88:e7:e3:13:ed:9a:
99:7c:c3:0c:9e:31:6e:e4:93:67:15:19:88:18:9d:
ad:aa:0d:00:11:43:60:5b:86:0f:fe:38:17:22:83:
49:4a:7b:66:19:9f:44:17:08:d0:81:6f:ab:49:48:
d1:8b:a5:40:46:d2:49:15:6c:08:35:44:ff:ea:8d:
0d:85:61:f9:46:91:40:18:5c:a3:f4:4b:15:9e:8e:
d6:a0:0f:5d:2a:db:0c:07:66:cc:af:57:f1:30:78:
76:81:23:c1:ba:d5:51:9d:9b:10:52:6c:1c:96:9f:
a5:5e:34:31:dd:e4:22:8d:81:be:ef:a4:ad:8b:77:
78:0e:72:c8:69:fb:8a:c1:bd:82:26:0a:b3:7b:a0:
86:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:41:40:68:A0:B3:08:57:55:89:F6:58:30:61:35:F1:78:6A:80:43
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/IEFAaKCzCFdVifZYMGE18XhqgEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:7600::/48
Signature Algorithm: sha256WithRSAEncryption
59:2f:70:b1:22:7e:5e:30:ba:eb:0f:ef:f9:8a:d5:23:5d:0e:
1a:3b:0f:b8:6e:29:03:e6:11:16:1e:7c:5f:41:df:e3:9f:3b:
46:e5:28:ac:21:33:25:e6:90:01:10:7f:1f:88:60:b3:80:7a:
bf:00:2c:97:26:ee:9c:6a:3a:9a:eb:2b:16:d4:e4:c1:d4:bf:
8f:45:b0:11:97:99:87:6b:64:94:06:f5:42:3f:1c:81:55:93:
31:bc:59:7a:74:93:a0:bd:79:21:c7:2c:78:99:57:59:9b:06:
ec:50:0d:e2:f2:57:fc:56:87:5f:da:22:80:36:d9:b9:27:2d:
e4:a5:28:84:e6:15:20:bc:4d:f0:a9:89:a0:3b:22:7c:0a:65:
50:23:61:44:77:8e:c1:54:ae:15:10:47:66:4b:52:9c:0a:fd:
02:df:03:ec:3c:bd:d3:0f:2b:12:fb:09:73:b0:db:70:63:3d:
a8:b3:a5:91:46:f7:f9:56:1f:0c:5f:32:f3:6c:d0:28:b9:6d:
9d:fa:6b:47:1e:c7:06:d4:bf:b0:68:70:58:1b:f6:b8:0b:0f:
5c:dc:b1:68:0e:bf:56:d6:c8:fe:c0:df:fb:e3:10:59:40:f6:
28:b4:d1:e7:a3:45:d0:50:35:6c:13:14:d3:17:40:3d:07:30:
d1:3c:2b:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYHW/6vuA3ysf4qKL6DbZtnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjIwNzA3MDQ1MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQxNDA2OGEwYjMwODU3NTU4OWY2NTgzMDYxMzVmMTc4NmE4MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw5+R7AoQ7gCg32V3oxj+U0Lg+an
LqSJsT/j1bU2LwTBBXiEeZ8ITSB5ieaJ4qb0WVx+p0RD4xmEFpzcz12wERc6Rws8
ukq4rwalg+gSZp1s5VJTcGFCD7/Yz/VFc9VLOqiHJji10nQUd1tTuOJ7j5eI5+MT
7ZqZfMMMnjFu5JNnFRmIGJ2tqg0AEUNgW4YP/jgXIoNJSntmGZ9EFwjQgW+rSUjR
i6VARtJJFWwINUT/6o0NhWH5RpFAGFyj9EsVno7WoA9dKtsMB2bMr1fxMHh2gSPB
utVRnZsQUmwclp+lXjQx3eQijYG+76Sti3d4DnLIafuKwb2CJgqze6CGTwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCBBQGigswhXVYn2WDBhNfF4aoBDMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvSUVGQWFLQ3pDRmRWaWZaWU1HRTE4WGhxZ0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgImmHYA
MA0GCSqGSIb3DQEBCwUAA4IBAQBZL3CxIn5eMLrrD+/5itUjXQ4aOw+4bikD5hEW
HnxfQd/jnztG5SisITMl5pABEH8fiGCzgHq/ACyXJu6cajqa6ysW1OTB1L+PRbAR
l5mHa2SUBvVCPxyBVZMxvFl6dJOgvXkhxyx4mVdZmwbsUA3i8lf8Vodf2iKANtm5
Jy3kpSiE5hUgvE3wqYmgOyJ8CmVQI2FEd47BVK4VEEdmS1KcCv0C3wPsPL3TDysS
+wlzsNtwYz2os6WRRvf5Vh8MXzLzbNAouW2d+mtHHscG1L+waHBYG/a4Cw9c3LFo
Dr9W1sj+wN/74xBZQPYotNHno0XQUDVsExTTF0A9BzDRPCtv
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:44 2025 by rpki-client