Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UAnKBw3bjV8Vg-EU1l-H-MD3yHE.roa
File: UAnKBw3bjV8Vg-EU1l-H-MD3yHE.roa (raw, json)
Hash identifier: rGaDFj65ZQdgrp/gguCDzTuPqnoLrYJpNKYs/xvwEfY=
Subject key identifier: 50:09:CA:07:0D:DB:8D:5F:15:83:E1:14:D6:5F:87:F8:C0:F7:C8:71
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE32B6F0F43BDC51C5089B8AE0DB6
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UAnKBw3bjV8Vg-EU1l-H-MD3yHE.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42116
IP address blocks: 2a02:2698:4400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e3:2b:6f:0f:43:bd:c5:1c:50:89:b8:ae:0d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5009ca070ddb8d5f1583e114d65f87f8c0f7c871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:05:eb:e9:da:be:32:49:2c:5b:c5:cf:83:2c:
0f:4e:e2:cd:bc:d2:d4:7d:a3:b7:46:72:57:96:03:
ff:be:e2:b8:1b:d3:f1:0d:3d:c7:72:cd:f3:96:96:
b0:4a:f5:8e:71:9d:c2:63:ab:b1:25:b7:40:0c:48:
17:c9:fe:3e:d0:ce:06:68:b2:eb:6d:63:78:9d:58:
6f:af:bc:78:62:5d:79:9d:ce:d7:87:1f:98:07:65:
c7:2b:91:6f:13:4a:6b:58:1c:3e:81:35:82:e9:10:
fb:18:0c:ff:10:c0:23:5f:5f:58:fc:38:70:ba:1f:
a2:63:19:11:40:7b:ab:79:39:ed:0e:30:e2:50:8f:
9f:64:68:90:8e:00:9c:41:da:27:b6:b3:ae:02:c3:
1e:1b:65:7f:d9:7d:b4:bc:f3:a3:6c:64:66:c6:16:
aa:35:db:0f:69:82:72:0d:a5:e2:97:ba:0a:0e:0f:
33:4e:38:f3:8c:ab:0e:60:26:f4:f1:80:aa:ed:bd:
c2:c4:ba:0b:b3:cd:33:54:8e:9a:70:58:f8:8c:9a:
0e:a4:cb:e8:27:6c:6e:bd:b8:27:e7:d1:7b:cf:f5:
35:12:09:93:c9:9a:4a:b5:04:13:77:54:a1:34:d9:
d1:3b:60:be:a4:ec:90:67:25:f3:96:6c:3d:72:b1:
c6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:09:CA:07:0D:DB:8D:5F:15:83:E1:14:D6:5F:87:F8:C0:F7:C8:71
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UAnKBw3bjV8Vg-EU1l-H-MD3yHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:4400::/38
Signature Algorithm: sha256WithRSAEncryption
59:92:91:94:33:05:ca:a7:fd:06:34:fb:97:f0:9a:a2:14:6e:
26:cf:7b:a2:ba:05:c5:62:81:a9:88:0d:44:3b:86:1a:e4:0a:
09:44:f9:70:18:58:66:15:15:80:7c:0d:eb:9a:b9:81:fd:e6:
26:0a:56:12:9f:14:c7:36:a4:ff:bd:53:4b:3f:2c:15:23:51:
f6:34:8e:8e:8a:08:eb:d9:9a:81:33:9d:84:06:63:b7:d1:2b:
a6:8e:a7:4a:1b:fe:71:5a:9e:1a:92:55:e2:9d:2b:c5:da:0d:
d7:db:ac:3f:64:1c:fc:ab:cf:6c:2d:80:92:de:ed:3d:4e:53:
22:01:f4:59:82:3d:b4:0f:8c:87:86:56:42:99:14:bf:c2:63:
5e:25:e4:c1:d1:75:18:29:0a:ba:2e:7f:b9:dc:6f:92:07:ca:
da:11:0c:9a:7d:ec:99:23:cd:13:bd:dd:8b:a6:81:d5:c4:b0:
cf:f5:a3:0f:41:23:dd:a6:f8:d9:12:37:45:53:6a:ca:fe:15:
1b:87:3d:ea:db:cb:df:a5:33:c1:b8:1c:67:55:e5:1c:ff:0d:
d3:14:2f:a3:11:62:1a:89:99:b3:78:2d:6d:38:fc:db:00:d4:
71:af:3c:dc:4a:47:5e:3a:f1:73:1c:ef:9c:9b:67:bc:6a:ec:
12:b5:69:51
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuMrbw9DvcUcUIm4rg22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDA5Y2EwNzBkZGI4ZDVmMTU4M2UxMTRkNjVmODdmOGMwZjdjODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gXr6dq+MkksW8XPgywPTuLNvNLU
faO3RnJXlgP/vuK4G9PxDT3Hcs3zlpawSvWOcZ3CY6uxJbdADEgXyf4+0M4GaLLr
bWN4nVhvr7x4Yl15nc7Xhx+YB2XHK5FvE0prWBw+gTWC6RD7GAz/EMAjX19Y/Dhw
uh+iYxkRQHureTntDjDiUI+fZGiQjgCcQdontrOuAsMeG2V/2X20vPOjbGRmxhaq
NdsPaYJyDaXil7oKDg8zTjjzjKsOYCb08YCq7b3CxLoLs80zVI6acFj4jJoOpMvo
J2xuvbgn59F7z/U1EgmTyZpKtQQTd1ShNNnRO2C+pOyQZyXzlmw9crHG7QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFAJygcN241fFYPhFNZfh/jA98hxMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvVUFuS0J3M2JqVjhWZy1FVTFsLUgtTUQzeUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmEQw
DQYJKoZIhvcNAQELBQADggEBAFmSkZQzBcqn/QY0+5fwmqIUbibPe6K6BcVigamI
DUQ7hhrkCglE+XAYWGYVFYB8DeuauYH95iYKVhKfFMc2pP+9U0s/LBUjUfY0jo6K
COvZmoEznYQGY7fRK6aOp0ob/nFanhqSVeKdK8XaDdfbrD9kHPyrz2wtgJLe7T1O
UyIB9FmCPbQPjIeGVkKZFL/CY14l5MHRdRgpCrouf7ncb5IHytoRDJp97JkjzRO9
3YumgdXEsM/1ow9BI92m+NkSN0VTasr+FRuHPerby9+lM8G4HGdV5Rz/DdMUL6MR
YhqJmbN4LW04/NsA1HGvPNxKR1468XMc75ybZ7xq7BK1aVE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:07 2025 by rpki-client