Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/KhUy9UUnOlFas6aD25pl3uvHOgo.roa
File: KhUy9UUnOlFas6aD25pl3uvHOgo.roa (raw, json)
Hash identifier: pRLRdQeFQBTTu2BRQ6e6LQQWDfH1gqbpxEW93Q6xIJk=
Subject key identifier: 2A:15:32:F5:45:27:3A:51:5A:B3:A6:83:DB:9A:65:DE:EB:C7:3A:0A
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C71861A27171337DD942140F66BB0
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/KhUy9UUnOlFas6aD25pl3uvHOgo.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59713
IP address blocks: 2a02:2698:3800::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:71:86:1a:27:17:13:37:dd:94:21:40:f6:6b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a1532f545273a515ab3a683db9a65deebc73a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e2:f9:0b:79:f7:97:14:a2:6c:7b:82:d9:49:
84:72:f9:6d:33:3f:ec:75:89:d4:18:52:2b:d0:df:
06:5f:89:bf:1c:b9:50:b9:8f:4c:45:34:be:0b:24:
17:93:59:57:8a:21:15:92:b5:ca:6d:91:bc:50:9e:
c7:82:aa:e6:07:d5:55:de:d6:5f:75:fd:29:47:24:
1e:ef:1c:3d:12:1b:4f:54:fc:32:d3:9a:81:08:9e:
b7:a0:61:1e:2b:2e:c6:92:cf:5c:e0:37:c6:77:d0:
31:c4:e7:c2:28:dc:20:ea:35:bc:86:12:30:13:6e:
d0:b7:db:06:78:30:5d:63:fc:7a:23:f5:f0:90:44:
17:93:16:8b:07:9c:ae:89:b2:8d:e8:ca:72:4d:42:
8e:f4:8f:a7:73:0f:ae:a7:b7:39:0c:34:03:c3:df:
55:5c:fa:4f:bc:97:2e:10:ac:6c:97:45:cd:7e:a7:
bf:92:5d:ce:11:a2:5d:21:90:12:fe:34:ac:e5:73:
6b:c4:d2:3a:49:98:cc:fa:53:7b:81:b2:a8:20:09:
56:c8:22:b6:27:d9:4d:ac:c2:ff:8b:d9:50:78:69:
f2:33:ff:4f:09:d6:9d:e6:02:f3:ba:d8:d7:00:dd:
52:b7:4e:2f:f0:4f:10:84:6c:2f:4b:0f:95:a5:0e:
cd:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:15:32:F5:45:27:3A:51:5A:B3:A6:83:DB:9A:65:DE:EB:C7:3A:0A
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/KhUy9UUnOlFas6aD25pl3uvHOgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:3800::/38
Signature Algorithm: sha256WithRSAEncryption
d8:ec:b7:0f:8e:09:b1:2f:5d:65:7b:f4:a9:2d:90:f1:5a:00:
11:59:2e:4f:a3:5c:88:06:29:d4:c7:c3:8f:5b:a2:35:4f:32:
8a:03:ef:69:19:14:28:b7:4c:9d:aa:e3:25:35:64:e2:c3:68:
93:06:32:b8:d5:fb:07:a7:59:e8:e6:92:85:73:2b:8c:93:88:
0d:70:4f:e8:d3:1e:ad:2d:9f:1d:b0:11:67:88:99:71:88:73:
be:e4:34:2b:0f:7e:d0:5a:77:05:27:79:92:f2:6f:b1:42:d1:
29:77:e8:8a:2e:8c:b7:47:0b:da:f5:fc:b6:01:9a:c0:56:8e:
f5:4c:a8:e5:66:f9:f4:0b:03:1c:42:a7:31:ff:9d:9c:61:b9:
63:85:ae:4b:83:9c:be:00:e6:c9:14:0b:de:0a:0e:56:75:9a:
95:b3:52:8d:49:b6:bd:c6:47:ad:b1:5e:75:6e:00:12:1d:d0:
6e:90:60:fb:27:5b:e1:2b:f1:a3:96:97:b1:f7:84:40:7f:2a:
7a:cc:18:de:d2:fe:9e:0e:19:f2:23:62:1e:76:59:c2:92:67:
c4:ff:2f:c5:2e:f1:e4:71:b7:44:a9:b1:68:9e:9a:e1:86:1c:
05:11:e4:f8:46:f6:7e:23:89:30:70:f7:40:0c:a7:3a:6e:ad:
99:03:de:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjHGGGicXEzfdlCFA9muwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE1MzJmNTQ1MjczYTUxNWFiM2E2ODNkYjlhNjVkZWViYzczYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+L5C3n3lxSibHuC2UmEcvltMz/s
dYnUGFIr0N8GX4m/HLlQuY9MRTS+CyQXk1lXiiEVkrXKbZG8UJ7HgqrmB9VV3tZf
df0pRyQe7xw9EhtPVPwy05qBCJ63oGEeKy7Gks9c4DfGd9AxxOfCKNwg6jW8hhIw
E27Qt9sGeDBdY/x6I/XwkEQXkxaLB5yuibKN6MpyTUKO9I+ncw+up7c5DDQDw99V
XPpPvJcuEKxsl0XNfqe/kl3OEaJdIZAS/jSs5XNrxNI6SZjM+lN7gbKoIAlWyCK2
J9lNrML/i9lQeGnyM/9PCdad5gLzutjXAN1St04v8E8QhGwvSw+VpQ7NIQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCoVMvVFJzpRWrOmg9uaZd7rxzoKMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvS2hVeTlVVW5PbEZhczZhRDI1cGwzdXZIT2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmDgw
DQYJKoZIhvcNAQELBQADggEBANjstw+OCbEvXWV79KktkPFaABFZLk+jXIgGKdTH
w49bojVPMooD72kZFCi3TJ2q4yU1ZOLDaJMGMrjV+wenWejmkoVzK4yTiA1wT+jT
Hq0tnx2wEWeImXGIc77kNCsPftBadwUneZLyb7FC0Sl36IoujLdHC9r1/LYBmsBW
jvVMqOVm+fQLAxxCpzH/nZxhuWOFrkuDnL4A5skUC94KDlZ1mpWzUo1Jtr3GR62x
XnVuABId0G6QYPsnW+Er8aOWl7H3hEB/KnrMGN7S/p4OGfIjYh52WcKSZ8T/L8Uu
8eRxt0SpsWiemuGGHAUR5PhG9n4jiTBw90AMpzpurZkD3n0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:40 2025 by rpki-client