Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/PsSM5b3oLk5wUeBSmklEPX40UQ8.roa
File: PsSM5b3oLk5wUeBSmklEPX40UQ8.roa (raw, json)
Hash identifier: ktnZORaDvt42fZYrrjp7EBxS9xvZh108Mt9SBXfu83A=
Subject key identifier: 3E:C4:8C:E5:BD:E8:2E:4E:70:51:E0:52:9A:49:44:3D:7E:34:51:0F
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C707E5840B8418D3D8C7F1039763A
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/PsSM5b3oLk5wUeBSmklEPX40UQ8.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57044
IP address blocks: 2a02:2698:800::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:70:7e:58:40:b8:41:8d:3d:8c:7f:10:39:76:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ec48ce5bde82e4e7051e0529a49443d7e34510f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:86:21:a0:ab:f8:d2:5d:32:e5:b1:fa:a2:5d:
8f:1f:b9:85:83:21:98:45:24:bc:19:f1:b6:4c:c5:
c2:42:07:a4:65:00:24:56:42:09:d7:d7:10:a0:42:
d7:39:4a:ae:ed:9e:af:df:46:5d:18:9a:cc:36:ad:
68:34:ca:90:58:d3:ad:2a:d9:44:6d:48:f3:62:3b:
78:b4:0e:2d:fc:8e:59:27:4d:a8:f8:b0:77:78:79:
3b:71:1b:99:9f:78:83:d9:2d:16:2b:02:ef:3a:e6:
c6:e9:2d:2c:fd:f4:11:50:d5:d1:1a:d5:65:db:1c:
23:47:de:ef:52:39:93:5c:4c:06:69:76:5d:98:ca:
83:c9:b0:32:6a:b5:ce:22:01:50:7e:eb:41:f2:a7:
d6:7a:8e:28:fa:dd:4b:56:c4:e6:f0:29:08:e0:0a:
16:b5:9b:52:18:b4:8f:a6:9e:4a:6a:3d:02:99:83:
98:8d:66:cf:77:e3:93:fb:26:bb:06:ff:9c:d9:28:
46:9e:fc:fa:20:8b:00:24:f7:ae:63:41:a0:92:97:
e8:a9:e2:27:98:8c:66:e3:51:d7:b8:bd:6a:5e:4f:
58:30:80:59:f4:75:aa:21:97:97:7c:c9:fb:51:81:
ea:9b:f9:4c:6b:22:48:dc:5f:e9:04:35:1f:3d:8e:
c4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C4:8C:E5:BD:E8:2E:4E:70:51:E0:52:9A:49:44:3D:7E:34:51:0F
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/PsSM5b3oLk5wUeBSmklEPX40UQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:800::/38
Signature Algorithm: sha256WithRSAEncryption
92:f7:74:9e:a2:ea:b3:d1:58:9a:ae:67:bb:78:07:6d:f5:f4:
d7:ef:49:ee:cf:ae:01:76:ba:42:ad:55:ef:f5:3e:fa:2a:a4:
58:3f:fa:4b:74:3b:c1:72:0b:18:d6:68:c7:29:de:7e:f6:59:
cc:e0:3a:a1:0a:97:29:82:02:26:61:40:96:0d:8d:32:c8:bc:
a6:57:3a:49:cb:b5:a9:b9:f9:1e:fb:b1:93:31:58:23:45:c8:
75:ea:da:9a:ec:4c:ab:71:64:7a:bc:d5:01:fb:bc:de:f9:e6:
e5:c1:ac:19:b7:55:f6:7e:45:6d:dc:ec:4c:a0:4f:00:5e:e4:
ed:6b:ee:78:01:a9:50:38:49:72:2a:e8:e0:08:8b:05:13:3f:
89:61:5f:8d:9d:df:c9:50:b6:c0:a1:9f:32:c4:54:b8:ed:b3:
1b:54:a7:f3:0d:dd:d4:33:7b:e0:40:da:8b:9f:65:74:ba:af:
dc:b1:e2:7a:56:14:e7:e1:45:0e:bf:46:e2:25:31:d6:3b:5b:
bc:92:27:2a:51:a0:43:26:43:34:f5:bd:13:db:48:bf:28:86:
52:f8:35:ed:ee:d0:4e:e4:c5:3a:d0:56:49:a1:c9:52:03:85:
69:12:ee:6e:87:b5:03:23:40:d7:13:e9:b4:dd:98:a4:31:c0:
70:a2:96:d5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjHB+WEC4QY09jH8QOXY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWM0OGNlNWJkZTgyZTRlNzA1MWUwNTI5YTQ5NDQzZDdlMzQ1MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYYhoKv40l0y5bH6ol2PH7mFgyGY
RSS8GfG2TMXCQgekZQAkVkIJ19cQoELXOUqu7Z6v30ZdGJrMNq1oNMqQWNOtKtlE
bUjzYjt4tA4t/I5ZJ02o+LB3eHk7cRuZn3iD2S0WKwLvOubG6S0s/fQRUNXRGtVl
2xwjR97vUjmTXEwGaXZdmMqDybAyarXOIgFQfutB8qfWeo4o+t1LVsTm8CkI4AoW
tZtSGLSPpp5Kaj0CmYOYjWbPd+OT+ya7Bv+c2ShGnvz6IIsAJPeuY0GgkpfoqeIn
mIxm41HXuL1qXk9YMIBZ9HWqIZeXfMn7UYHqm/lMayJI3F/pBDUfPY7EUwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFD7EjOW96C5OcFHgUppJRD1+NFEPMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvUHNTTTViM29MazV3VWVCU21rbEVQWDQwVVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAgw
DQYJKoZIhvcNAQELBQADggEBAJL3dJ6i6rPRWJquZ7t4B2319NfvSe7PrgF2ukKt
Ve/1PvoqpFg/+kt0O8FyCxjWaMcp3n72WczgOqEKlymCAiZhQJYNjTLIvKZXOknL
tam5+R77sZMxWCNFyHXq2prsTKtxZHq81QH7vN755uXBrBm3VfZ+RW3c7EygTwBe
5O1r7ngBqVA4SXIq6OAIiwUTP4lhX42d38lQtsChnzLEVLjtsxtUp/MN3dQze+BA
2oufZXS6r9yx4npWFOfhRQ6/RuIlMdY7W7ySJypRoEMmQzT1vRPbSL8ohlL4Ne3u
0E7kxTrQVkmhyVIDhWkS7m6HtQMjQNcT6bTdmKQxwHCiltU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:51 2025 by rpki-client