Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/SrF5yr5Pqaq1Ja-_kcWWL91gbc4.roa
File: SrF5yr5Pqaq1Ja-_kcWWL91gbc4.roa (raw, json)
Hash identifier: 2vqcvGcuZtO87Apo8Qmd6BopBmIN2/9Y++vnVJ5lTDM=
Subject key identifier: 4A:B1:79:CA:BE:4F:A9:AA:B5:25:AF:BF:91:C5:96:2F:DD:60:6D:CE
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C571701021D38CD31CB8E976CD5EF
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/SrF5yr5Pqaq1Ja-_kcWWL91gbc4.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12768
IP address blocks: 2a02:2698::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:57:17:01:02:1d:38:cd:31:cb:8e:97:6c:d5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ab179cabe4fa9aab525afbf91c5962fdd606dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:48:21:eb:40:98:10:74:1e:85:b2:a6:08:be:
10:d1:8d:06:21:6e:53:d2:18:b9:84:6e:e4:f6:a1:
58:f7:1c:3c:9d:e8:4d:0e:63:c3:40:ba:0f:d0:19:
df:fc:61:f6:8b:d2:3f:a9:fd:fb:66:a3:ba:de:91:
82:d6:8a:20:86:1c:1a:b7:e9:70:55:5f:77:bf:2b:
3e:fd:16:2d:0d:6f:a0:6a:79:ba:ae:33:2b:51:e5:
a8:42:c1:cf:fa:6a:9b:b1:83:d9:3f:fe:be:ec:fd:
84:e8:44:15:3e:f7:ce:f6:ec:3e:75:6b:d6:9e:ee:
d8:21:23:62:62:f8:cb:c9:ec:78:ec:ef:ae:96:63:
c2:fb:90:e8:c4:84:49:86:e5:54:9e:89:97:48:1f:
36:35:7e:e0:a1:7e:cf:3b:fe:90:0a:bd:ec:88:da:
12:bd:63:9b:f7:6d:c7:b1:06:d4:b8:63:28:e9:0d:
0d:38:9a:cd:10:cc:76:76:3a:14:79:9a:dc:45:5f:
38:c7:12:2b:b0:b7:23:a9:67:38:30:f7:17:cd:d0:
96:c7:8e:a3:7e:1a:33:01:88:ba:50:e7:51:97:9d:
af:92:9a:56:d7:58:6e:52:23:8c:89:de:ee:f2:05:
f2:e0:8b:18:e1:76:aa:9e:27:80:34:ae:3a:48:0f:
6f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B1:79:CA:BE:4F:A9:AA:B5:25:AF:BF:91:C5:96:2F:DD:60:6D:CE
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/SrF5yr5Pqaq1Ja-_kcWWL91gbc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698::/38
Signature Algorithm: sha256WithRSAEncryption
bb:40:78:e0:ea:bc:9a:f7:cd:da:5d:6c:94:c2:51:b5:3d:78:
ec:8e:a5:ec:d0:ff:5c:d6:7a:d7:dc:62:45:79:17:b2:57:f5:
a0:f1:e0:96:c7:4a:4f:b9:0c:64:e4:e4:35:b9:46:00:17:09:
34:f8:c5:82:99:b5:4d:ea:da:49:4c:bf:78:29:13:88:e7:53:
2b:73:f1:a6:51:84:9c:c3:f3:ed:f3:f5:c3:36:d6:30:94:8d:
a6:e9:c4:ba:c2:77:7f:4f:a1:c9:51:4e:40:b8:88:88:24:bc:
0d:a3:d7:5b:2c:da:f1:e5:92:71:a2:ed:14:de:94:5f:b7:2d:
06:5f:2b:9e:4b:45:05:34:3f:f0:5b:7c:3b:b1:7c:b7:7f:d9:
b8:27:be:bc:57:95:a9:c1:f9:8f:e6:d9:b7:19:37:b0:f7:bb:
ef:0a:8b:98:6a:c9:06:32:97:5e:03:2a:fe:7b:f5:b0:dc:ee:
c5:66:73:e9:74:ef:67:70:ad:0d:9f:57:b7:5c:fa:05:dc:0a:
f5:e3:d0:ec:00:24:f6:1d:72:bf:b2:51:09:4c:eb:3d:c1:f1:
1d:82:c0:57:7a:d9:a3:e8:b1:14:8e:06:1b:ec:10:02:d9:78:
39:25:56:15:a4:5f:c2:47:e1:5f:11:3a:1d:f4:d3:27:e7:cb:
8c:96:9e:73
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjFcXAQIdOM0xy46XbNXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWIxNzljYWJlNGZhOWFhYjUyNWFmYmY5MWM1OTYyZmRkNjA2ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ugh60CYEHQehbKmCL4Q0Y0GIW5T
0hi5hG7k9qFY9xw8nehNDmPDQLoP0Bnf/GH2i9I/qf37ZqO63pGC1ooghhwat+lw
VV93vys+/RYtDW+ganm6rjMrUeWoQsHP+mqbsYPZP/6+7P2E6EQVPvfO9uw+dWvW
nu7YISNiYvjLyex47O+ulmPC+5DoxIRJhuVUnomXSB82NX7goX7PO/6QCr3siNoS
vWOb923HsQbUuGMo6Q0NOJrNEMx2djoUeZrcRV84xxIrsLcjqWc4MPcXzdCWx46j
fhozAYi6UOdRl52vkppW11huUiOMid7u8gXy4IsY4XaqnieANK46SA9vIQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEqxecq+T6mqtSWvv5HFli/dYG3OMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvU3JGNXlyNVBxYXExSmEtX2tjV1dMOTFnYmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmAAw
DQYJKoZIhvcNAQELBQADggEBALtAeODqvJr3zdpdbJTCUbU9eOyOpezQ/1zWetfc
YkV5F7JX9aDx4JbHSk+5DGTk5DW5RgAXCTT4xYKZtU3q2klMv3gpE4jnUytz8aZR
hJzD8+3z9cM21jCUjabpxLrCd39PoclRTkC4iIgkvA2j11ss2vHlknGi7RTelF+3
LQZfK55LRQU0P/BbfDuxfLd/2bgnvrxXlanB+Y/m2bcZN7D3u+8Ki5hqyQYyl14D
Kv579bDc7sVmc+l072dwrQ2fV7dc+gXcCvXj0OwAJPYdcr+yUQlM6z3B8R2CwFd6
2aPosRSOBhvsEALZeDklVhWkX8JH4V8ROh300yfny4yWnnM=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:43 2025 by rpki-client