Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UiWFIjzAfoDOZakP3RmnIYX80XY.roa
File: UiWFIjzAfoDOZakP3RmnIYX80XY.roa (raw, json)
Hash identifier: f+5Vj/NdH6fGky5AvGpfx47y5ztenuAiYDghu7fNMfc=
Subject key identifier: 52:25:85:22:3C:C0:7E:80:CE:65:A9:0F:DD:19:A7:21:85:FC:D1:76
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAF08F87AEBDA0683EB9E8D6AAE8D8
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UiWFIjzAfoDOZakP3RmnIYX80XY.roa
Signing time: Sun 01 Jan 2023 14:44:54 +0000
ROA not before: Sun 01 Jan 2023 14:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57026
IP address blocks: 2a02:2698:8c00::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:f0:8f:87:ae:bd:a0:68:3e:b9:e8:d6:aa:e8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=522585223cc07e80ce65a90fdd19a72185fcd176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a6:e3:57:0b:56:64:a4:d2:31:6e:61:52:4f:
c6:2f:3f:9e:af:a2:96:ce:3b:84:30:5d:c2:5c:b9:
03:9b:31:b3:14:40:61:e2:5d:ea:43:d4:12:ad:7c:
f1:0c:05:8d:10:a5:bb:36:75:f1:ee:49:81:54:88:
50:e1:c1:31:f1:cf:00:0a:e9:0a:15:8c:e8:a2:1a:
2d:06:c3:5c:fb:e6:2f:0d:4c:ee:d9:33:92:8c:9a:
6f:1a:15:87:7e:67:b6:63:bb:5c:da:58:88:66:31:
a5:62:3f:67:38:9c:4e:ad:59:21:fc:62:62:e3:16:
20:4d:89:db:40:e6:f4:82:6f:b8:a1:68:4e:79:60:
b8:4d:c8:c2:b2:33:cd:4a:6d:56:c8:64:a2:93:66:
6e:e6:19:c5:3c:2f:97:64:f0:58:68:8a:7a:05:3e:
ad:1d:53:c9:9d:e0:9b:aa:f7:b6:e9:56:f1:88:c1:
4a:cc:5b:d6:f9:04:93:cd:6b:7f:eb:ad:9e:d0:6c:
ec:53:f4:4f:45:97:de:8f:e3:ea:47:b3:30:ec:99:
84:09:40:7b:bd:ee:a6:d5:43:27:9a:fd:36:06:25:
74:73:e9:ec:cc:b7:ca:7b:1e:01:05:ee:cd:59:28:
46:29:9a:ef:54:ec:a0:7b:f7:61:1e:13:9f:49:23:
4f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:25:85:22:3C:C0:7E:80:CE:65:A9:0F:DD:19:A7:21:85:FC:D1:76
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/UiWFIjzAfoDOZakP3RmnIYX80XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:8c00::/38
Signature Algorithm: sha256WithRSAEncryption
d3:5d:0a:c1:7b:9c:db:02:e7:19:f6:73:73:9d:7e:c6:d9:9f:
27:b8:46:a2:42:21:61:27:8e:c9:fc:e9:82:11:48:49:60:14:
c1:fb:75:23:2b:49:da:4c:a0:bf:32:39:79:4a:fb:09:80:ba:
b7:1d:7d:c6:a0:f6:c7:37:fa:b4:36:bb:b2:dc:b8:4e:f8:24:
b2:04:2d:a4:bd:ad:59:fe:16:a5:f4:1c:99:48:af:9c:aa:5c:
4a:b0:c0:57:fc:12:a1:fe:2a:c7:a3:88:37:92:9c:b5:73:e3:
5a:cc:c3:13:8f:ed:9b:5a:d3:09:32:09:bf:98:71:15:74:36:
d6:c0:e8:5d:e3:4a:ac:e4:af:79:d0:2b:24:69:03:3a:74:31:
5a:1f:ca:84:c1:20:b3:4e:79:03:72:e9:59:0a:1a:73:2e:9a:
7a:b3:1d:95:78:52:a5:4c:c4:a7:2b:ad:d6:23:13:18:58:6a:
a6:98:f6:af:60:c0:ff:6d:d8:f4:70:ac:32:74:73:1b:7c:dd:
c7:f6:36:0b:50:f0:bf:51:c7:5a:76:0d:15:8b:b7:e5:d9:b6:
62:aa:80:78:e6:5e:a5:ee:6b:3c:16:de:37:9a:84:e1:a0:72:
03:6b:12:e3:c5:53:94:66:a1:9f:4f:56:ad:f1:3a:fe:f0:45:
50:8d:fe:3b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyvCPh669oGg+uejWqujYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjI1ODUyMjNjYzA3ZTgwY2U2NWE5MGZkZDE5YTcyMTg1ZmNkMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KbjVwtWZKTSMW5hUk/GLz+er6KW
zjuEMF3CXLkDmzGzFEBh4l3qQ9QSrXzxDAWNEKW7NnXx7kmBVIhQ4cEx8c8ACukK
FYzoohotBsNc++YvDUzu2TOSjJpvGhWHfme2Y7tc2liIZjGlYj9nOJxOrVkh/GJi
4xYgTYnbQOb0gm+4oWhOeWC4TcjCsjPNSm1WyGSik2Zu5hnFPC+XZPBYaIp6BT6t
HVPJneCbqve26VbxiMFKzFvW+QSTzWt/662e0GzsU/RPRZfej+PqR7Mw7JmECUB7
ve6m1UMnmv02BiV0c+nszLfKex4BBe7NWShGKZrvVOyge/dhHhOfSSNPCwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFIlhSI8wH6AzmWpD90ZpyGF/NF2MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvVWlXRklqekFmb0RPWmFrUDNSbW5JWVg4MFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmIww
DQYJKoZIhvcNAQELBQADggEBANNdCsF7nNsC5xn2c3OdfsbZnye4RqJCIWEnjsn8
6YIRSElgFMH7dSMrSdpMoL8yOXlK+wmAurcdfcag9sc3+rQ2u7LcuE74JLIELaS9
rVn+FqX0HJlIr5yqXEqwwFf8EqH+KsejiDeSnLVz41rMwxOP7Zta0wkyCb+YcRV0
NtbA6F3jSqzkr3nQKyRpAzp0MVofyoTBILNOeQNy6VkKGnMumnqzHZV4UqVMxKcr
rdYjExhYaqaY9q9gwP9t2PRwrDJ0cxt83cf2NgtQ8L9Rx1p2DRWLt+XZtmKqgHjm
XqXuazwW3jeahOGgcgNrEuPFU5RmoZ9PVq3xOv7wRVCN/js=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:12 2025 by rpki-client