Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jY7niDqbHThw-tNhaxyppo0lcEY.roa
File: jY7niDqbHThw-tNhaxyppo0lcEY.roa (raw, json)
Hash identifier: V1mUjItVWw410qTmkUZlb5i/69zvNslDL21/SgXV274=
Subject key identifier: 8D:8E:E7:88:3A:9B:1D:38:70:FA:D3:61:6B:1C:A9:A6:8D:25:70:46
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C6D286887CD0E5BCD979F3ABA85F9
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jY7niDqbHThw-tNhaxyppo0lcEY.roa
Signing time: Wed 01 Jan 2025 01:48:04 +0000
ROA not before: Wed 01 Jan 2025 01:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56420
IP address blocks: 2a02:2698:6400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:6d:28:68:87:cd:0e:5b:cd:97:9f:3a:ba:85:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d8ee7883a9b1d3870fad3616b1ca9a68d257046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ec:fd:17:7d:cf:9f:ba:f8:f3:f8:b4:cc:59:
0b:49:dc:1a:d1:65:22:f4:4f:15:f7:10:90:97:f3:
67:46:7b:cd:aa:4a:c8:d1:25:aa:8d:99:a3:b3:ac:
9d:99:80:a2:48:f1:59:33:b2:c1:90:a3:08:5e:6b:
d0:83:e5:b7:51:7d:f4:95:22:29:b3:a9:95:e6:80:
8e:ec:72:12:48:92:d5:28:26:2e:1f:e7:e1:80:fd:
68:85:e2:29:09:02:43:6a:bf:42:db:45:74:df:de:
82:1b:af:d2:98:fa:ae:4a:35:dc:fb:fd:13:e6:61:
30:ae:1d:95:0d:51:14:7a:62:cc:a5:61:6b:38:04:
7e:62:54:8a:21:89:99:37:88:f6:6a:16:07:e8:fa:
c5:8e:f7:ea:05:65:7a:41:41:5a:06:2f:a8:74:a2:
44:db:e0:ea:3c:bd:8f:4f:e7:d2:30:f4:f4:68:77:
31:74:1e:5c:77:34:85:57:2f:f0:59:a8:09:06:89:
99:cf:81:2e:0f:1f:e8:27:a1:3c:f9:53:79:01:3e:
dd:34:9d:05:fe:34:d1:6a:9a:12:45:76:b0:67:e4:
be:de:c1:30:01:47:a3:a0:64:40:d9:02:f0:ed:14:
40:49:a1:e9:a2:e9:e5:57:dc:03:5b:20:b9:c5:3e:
e9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8E:E7:88:3A:9B:1D:38:70:FA:D3:61:6B:1C:A9:A6:8D:25:70:46
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jY7niDqbHThw-tNhaxyppo0lcEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:6400::/38
Signature Algorithm: sha256WithRSAEncryption
79:7f:86:48:3d:9a:f1:32:2d:6a:91:f7:34:92:23:10:8f:b3:
20:2c:8e:f7:08:e1:ba:40:01:75:c1:bb:b6:ae:5e:b4:ff:77:
90:11:0e:c2:0c:01:5a:c8:5a:fd:78:ec:99:12:cb:aa:2c:ea:
6a:bf:0a:ea:16:c9:29:61:77:df:f1:b4:89:74:aa:c8:df:2a:
62:dd:ae:1a:c4:ce:06:be:21:c7:35:76:2d:6e:14:c4:a8:2c:
ef:bf:41:48:ff:4b:fb:b6:9a:d6:58:3c:64:7b:d0:7c:a4:eb:
c4:fd:6a:2f:d2:de:10:46:21:c4:bb:99:fc:62:d3:66:81:24:
f8:a8:57:df:ad:0e:27:06:05:a9:7d:8a:ff:e2:d2:c8:16:e7:
91:b8:33:49:d4:38:a5:7b:f5:36:ca:0d:ba:9e:df:49:5e:c7:
7a:22:62:48:62:aa:10:ad:8a:19:2d:04:d9:c9:6e:74:a7:54:
40:45:9b:36:cd:03:49:dc:f6:71:a1:3d:63:d4:96:58:97:5e:
d9:1b:56:54:b3:ee:40:d7:09:eb:a4:a7:19:59:49:b1:3e:d7:
22:a2:db:20:b8:fa:54:50:dd:5f:9c:21:5f:58:c1:cb:bf:a1:
da:e8:e7:4c:60:0d:7a:99:a4:a1:c4:56:24:22:c7:63:3d:bb:
e5:09:78:ac
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjG0oaIfNDlvNl586uoX5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDhlZTc4ODNhOWIxZDM4NzBmYWQzNjE2YjFjYTlhNjhkMjU3MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOz9F33Pn7r48/i0zFkLSdwa0WUi
9E8V9xCQl/NnRnvNqkrI0SWqjZmjs6ydmYCiSPFZM7LBkKMIXmvQg+W3UX30lSIp
s6mV5oCO7HISSJLVKCYuH+fhgP1oheIpCQJDar9C20V0396CG6/SmPquSjXc+/0T
5mEwrh2VDVEUemLMpWFrOAR+YlSKIYmZN4j2ahYH6PrFjvfqBWV6QUFaBi+odKJE
2+DqPL2PT+fSMPT0aHcxdB5cdzSFVy/wWagJBomZz4EuDx/oJ6E8+VN5AT7dNJ0F
/jTRapoSRXawZ+S+3sEwAUejoGRA2QLw7RRASaHpounlV9wDWyC5xT7pxQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI2O54g6mx04cPrTYWscqaaNJXBGMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvalk3bmlEcWJIVGh3LXROaGF4eXBwbzBsY0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGQw
DQYJKoZIhvcNAQELBQADggEBAHl/hkg9mvEyLWqR9zSSIxCPsyAsjvcI4bpAAXXB
u7auXrT/d5ARDsIMAVrIWv147JkSy6os6mq/CuoWySlhd9/xtIl0qsjfKmLdrhrE
zga+Icc1di1uFMSoLO+/QUj/S/u2mtZYPGR70Hyk68T9ai/S3hBGIcS7mfxi02aB
JPioV9+tDicGBal9iv/i0sgW55G4M0nUOKV79TbKDbqe30lex3oiYkhiqhCtihkt
BNnJbnSnVEBFmzbNA0nc9nGhPWPUlliXXtkbVlSz7kDXCeukpxlZSbE+1yKi2yC4
+lRQ3V+cIV9Ywcu/odro50xgDXqZpKHEViQix2M9u+UJeKw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:19 2025 by rpki-client