Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jgkcv8qegYbyDN6wRlAPO3xXZjY.roa
File: jgkcv8qegYbyDN6wRlAPO3xXZjY.roa (raw, json)
Hash identifier: laMOjZMQ/xyQT9foagSKuAEpj0+zhqt4DMEW3/iCb08=
Subject key identifier: 8E:09:1C:BF:CA:9E:81:86:F2:0C:DE:B0:46:50:0F:3B:7C:57:66:36
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE0E2873E15F4536DE2EF845B8927
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jgkcv8qegYbyDN6wRlAPO3xXZjY.roa
Signing time: Sun 01 Jan 2023 14:44:50 +0000
ROA not before: Sun 01 Jan 2023 14:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41754
IP address blocks: 2a02:2698:5c00::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e0:e2:87:3e:15:f4:53:6d:e2:ef:84:5b:89:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e091cbfca9e8186f20cdeb046500f3b7c576636
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:ab:ea:d1:3f:3c:ab:eb:52:b2:b5:38:83:
a9:ef:ea:c5:dd:cd:e8:3f:e6:0b:8a:ff:56:08:9c:
6b:f9:e1:9e:a8:de:13:3d:23:72:80:82:76:da:7c:
bf:ec:52:0b:32:5b:cc:8a:72:4d:bd:28:c4:d6:81:
a2:8e:27:44:a9:0f:e5:ba:6b:86:1a:ee:7c:fb:dd:
d8:4c:7b:24:b0:50:5e:88:e6:8c:ff:a2:59:00:6d:
9d:c3:24:aa:f5:7e:a9:da:4d:b7:20:b6:60:20:bd:
32:76:02:79:41:76:aa:30:42:61:d3:03:44:44:56:
e4:c4:2d:93:c4:b8:bf:ad:32:b7:7b:54:fe:4d:71:
e9:70:95:25:cc:ef:eb:21:29:22:56:04:7d:ba:8e:
96:a7:bf:74:13:23:9c:aa:ff:ac:03:80:e6:e2:ce:
17:74:8f:d9:2c:58:d3:a4:47:7f:bb:15:4a:a5:be:
d3:43:23:b5:73:4c:31:dd:99:4f:f4:12:73:e6:db:
b6:54:93:b6:8a:37:95:44:07:d0:ab:f0:19:23:04:
f1:24:d7:44:1f:ae:88:77:4d:02:23:ff:a1:ad:81:
cc:76:cd:93:6f:8c:18:1e:3a:8c:f8:f9:32:44:0d:
ce:76:d6:af:ea:8c:b2:50:76:e4:23:b2:58:a6:4a:
80:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:09:1C:BF:CA:9E:81:86:F2:0C:DE:B0:46:50:0F:3B:7C:57:66:36
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/jgkcv8qegYbyDN6wRlAPO3xXZjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5c00::/38
Signature Algorithm: sha256WithRSAEncryption
0d:b8:67:25:2e:18:5a:3c:43:dc:93:94:fc:c0:46:60:fc:dd:
dc:ad:d0:a2:26:5e:01:a2:59:b8:8d:1c:f1:c0:5c:4c:1d:53:
64:22:a6:63:19:7a:71:6d:08:8f:8e:ed:44:11:27:3f:a4:76:
92:02:db:78:8b:1a:23:0b:8d:60:29:36:0f:59:b5:be:67:87:
b4:75:c4:8a:1d:85:91:ec:1c:95:cb:f5:3f:ef:84:03:42:bc:
a4:fc:2e:84:01:16:df:19:a4:91:96:be:ab:96:90:f2:e4:aa:
b3:64:c4:c3:cb:90:5e:11:62:55:82:36:b9:47:8d:2e:7a:61:
97:78:02:3f:83:dd:88:b4:dc:21:e6:87:cd:08:a7:78:b0:59:
8b:44:c0:c5:bb:40:f6:e6:f3:69:18:79:8c:09:fb:88:4a:4c:
2f:66:99:da:f2:4e:25:a4:49:e6:bb:2b:f4:6e:97:9e:af:ba:
d4:c3:e5:18:e6:70:52:6a:0c:7c:f0:3a:f7:92:44:63:04:fe:
72:de:a6:82:cd:c7:ec:44:3c:b4:2f:22:08:fe:3e:2b:48:08:
f0:c6:e2:bd:6d:e3:d1:2a:64:05:db:1f:04:62:fb:b7:ed:d1:
60:e9:55:5d:f0:7d:5e:44:d3:f9:5b:36:39:f8:f1:89:62:d1:
26:09:6e:1e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyuDihz4V9FNt4u+EW4knMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTA5MWNiZmNhOWU4MTg2ZjIwY2RlYjA0NjUwMGYzYjdjNTc2NjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+Sr6tE/PKvrUrK1OIOp7+rF3c3o
P+YLiv9WCJxr+eGeqN4TPSNygIJ22ny/7FILMlvMinJNvSjE1oGijidEqQ/lumuG
Gu58+93YTHsksFBeiOaM/6JZAG2dwySq9X6p2k23ILZgIL0ydgJ5QXaqMEJh0wNE
RFbkxC2TxLi/rTK3e1T+TXHpcJUlzO/rISkiVgR9uo6Wp790EyOcqv+sA4Dm4s4X
dI/ZLFjTpEd/uxVKpb7TQyO1c0wx3ZlP9BJz5tu2VJO2ijeVRAfQq/AZIwTxJNdE
H66Id00CI/+hrYHMds2Tb4wYHjqM+PkyRA3Odtav6oyyUHbkI7JYpkqAAwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI4JHL/KnoGG8gzesEZQDzt8V2Y2MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvamdrY3Y4cWVnWWJ5RE42d1JsQVBPM3hYWmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFww
DQYJKoZIhvcNAQELBQADggEBAA24ZyUuGFo8Q9yTlPzARmD83dyt0KImXgGiWbiN
HPHAXEwdU2QipmMZenFtCI+O7UQRJz+kdpIC23iLGiMLjWApNg9Ztb5nh7R1xIod
hZHsHJXL9T/vhANCvKT8LoQBFt8ZpJGWvquWkPLkqrNkxMPLkF4RYlWCNrlHjS56
YZd4Aj+D3Yi03CHmh80Ip3iwWYtEwMW7QPbm82kYeYwJ+4hKTC9mmdryTiWkSea7
K/Rul56vutTD5RjmcFJqDHzwOveSRGME/nLepoLNx+xEPLQvIgj+PitICPDG4r1t
49EqZAXbHwRi+7ft0WDpVV3wfV5E0/lbNjn48Yli0SYJbh4=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:18 2025 by rpki-client