Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/awsurPFZzg7ad85IQPHsrBZdarQ.roa
File: awsurPFZzg7ad85IQPHsrBZdarQ.roa (raw, json)
Hash identifier: ZwHHfgvn2qPIaT8mrxXkL0FLdRvMzyaj3UB5lF3Ejz4=
Subject key identifier: 6B:0B:2E:AC:F1:59:CE:0E:DA:77:CE:48:40:F1:EC:AC:16:5D:6A:B4
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADA50F4EE508C8F80EBBEF837B886
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/awsurPFZzg7ad85IQPHsrBZdarQ.roa
Signing time: Sun 01 Jan 2023 14:44:48 +0000
ROA not before: Sun 01 Jan 2023 14:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31483
IP address blocks: 2a02:2698:a002::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:da:50:f4:ee:50:8c:8f:80:eb:be:f8:37:b8:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b0b2eacf159ce0eda77ce4840f1ecac165d6ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:31:63:95:9e:b2:62:f9:ef:b5:df:a4:be:37:
c3:f5:37:13:62:fc:7d:f5:2c:c9:18:fb:22:94:22:
e9:be:8b:71:82:4a:ca:1d:4b:ae:2a:36:cd:4c:bb:
29:46:ab:c8:fc:a6:b6:b1:6c:f4:53:70:52:5e:a6:
69:52:c0:4b:07:fe:50:ed:c5:45:2b:75:a8:a8:b4:
6f:72:a3:c4:36:81:eb:d9:7b:71:70:de:9b:31:79:
e6:40:75:9f:dc:42:76:13:a5:f4:d2:04:0b:73:d2:
20:1d:3c:ee:c0:e6:e9:38:4c:2b:d5:86:98:02:4f:
1c:97:66:83:0e:f2:73:62:1a:2b:2e:41:85:a9:16:
81:a3:2d:c0:df:97:ae:1c:ea:c6:74:09:11:c8:3e:
c6:08:33:74:97:c0:fc:10:a1:1f:b5:f4:e1:05:68:
79:53:a7:9f:90:a0:4c:69:fb:01:3f:f4:53:e8:89:
cd:77:c9:fb:0c:ea:4c:11:43:49:db:35:45:28:ac:
43:0a:e0:a3:52:e2:73:9f:81:b1:27:80:13:32:fe:
df:88:44:cc:3d:19:7e:f4:09:2e:47:de:cc:bd:c6:
dd:6e:99:da:33:8e:5d:16:a9:dd:00:d3:7c:0a:43:
38:26:31:cf:fd:6e:e3:79:a3:34:6b:f6:6b:c6:02:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:0B:2E:AC:F1:59:CE:0E:DA:77:CE:48:40:F1:EC:AC:16:5D:6A:B4
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/awsurPFZzg7ad85IQPHsrBZdarQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:a002::/48
Signature Algorithm: sha256WithRSAEncryption
bd:2a:cf:94:17:68:02:ce:88:d5:0b:72:a6:05:c2:0b:f6:9a:
77:39:6d:8f:77:a6:eb:56:ae:43:e8:f9:e1:62:0e:83:8d:96:
aa:8b:6b:be:cb:ef:a8:ed:33:28:5d:56:23:a9:73:71:db:b6:
ab:2e:9e:1a:9f:03:00:86:2e:aa:74:5e:90:9c:b7:b8:32:4e:
d5:a7:15:9c:c7:a2:20:7c:53:4c:db:a7:61:06:2c:1b:2b:ab:
12:0a:75:c9:ed:93:5a:4c:5d:57:f3:ee:4f:d2:84:c4:36:d6:
ed:0d:75:08:24:ff:82:c4:8d:76:f0:44:72:71:0e:bb:3a:f9:
09:f5:50:87:60:09:8e:ab:1d:73:65:15:4f:d9:f5:5e:11:bb:
7e:b9:96:44:d5:a6:d1:40:4c:19:c2:85:0c:18:18:66:51:3d:
09:94:6e:da:b7:a4:b9:93:69:d2:66:70:80:2d:25:05:b0:91:
f8:17:8f:83:bb:6c:55:2e:c3:1b:a0:76:4e:eb:be:68:65:fa:
1d:03:b3:ec:dc:8a:0b:1a:c0:e8:1f:39:9a:1e:77:f7:14:95:
f2:ba:69:3f:b1:7f:9e:5c:64:71:1a:07:63:87:51:34:fd:fd:
f5:b4:ae:0d:4f:00:32:6e:86:a8:60:44:01:ab:7e:d8:b1:92:
47:99:7d:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtytpQ9O5QjI+A6774N7iGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjBiMmVhY2YxNTljZTBlZGE3N2NlNDg0MGYxZWNhYzE2NWQ2YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTFjlZ6yYvnvtd+kvjfD9TcTYvx9
9SzJGPsilCLpvotxgkrKHUuuKjbNTLspRqvI/Ka2sWz0U3BSXqZpUsBLB/5Q7cVF
K3WoqLRvcqPENoHr2XtxcN6bMXnmQHWf3EJ2E6X00gQLc9IgHTzuwObpOEwr1YaY
Ak8cl2aDDvJzYhorLkGFqRaBoy3A35euHOrGdAkRyD7GCDN0l8D8EKEftfThBWh5
U6efkKBMafsBP/RT6InNd8n7DOpMEUNJ2zVFKKxDCuCjUuJzn4GxJ4ATMv7fiETM
PRl+9AkuR97MvcbdbpnaM45dFqndANN8CkM4JjHP/W7jeaM0a/ZrxgK4owIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGsLLqzxWc4O2nfOSEDx7KwWXWq0MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvYXdzdXJQRlp6ZzdhZDg1SVFQSHNyQlpkYXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgImmKAC
MA0GCSqGSIb3DQEBCwUAA4IBAQC9Ks+UF2gCzojVC3KmBcIL9pp3OW2Pd6brVq5D
6PnhYg6DjZaqi2u+y++o7TMoXVYjqXNx27arLp4anwMAhi6qdF6QnLe4Mk7VpxWc
x6IgfFNM26dhBiwbK6sSCnXJ7ZNaTF1X8+5P0oTENtbtDXUIJP+CxI128ERycQ67
OvkJ9VCHYAmOqx1zZRVP2fVeEbt+uZZE1abRQEwZwoUMGBhmUT0JlG7at6S5k2nS
ZnCALSUFsJH4F4+Du2xVLsMboHZO675oZfodA7Ps3IoLGsDoHzmaHnf3FJXyumk/
sX+eXGRxGgdjh1E0/f31tK4NTwAyboaoYEQBq37YsZJHmX3z
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:33 2025 by rpki-client