Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/xykC7Z4VWnDdgor0e8vzeTNlw9k.roa
File: xykC7Z4VWnDdgor0e8vzeTNlw9k.roa (raw, json)
Hash identifier: WJZvWviCTEEpm1y3+4yA1PLha8gweU/eakSYYaz5hww=
Subject key identifier: C7:29:02:ED:9E:15:5A:70:DD:82:8A:F4:7B:CB:F3:79:33:65:C3:D9
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCADF2ED17E522BBB1740F7C99EE599
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/xykC7Z4VWnDdgor0e8vzeTNlw9k.roa
Signing time: Sun 01 Jan 2023 14:44:49 +0000
ROA not before: Sun 01 Jan 2023 14:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41668
IP address blocks: 2a02:2698:2800::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:df:2e:d1:7e:52:2b:bb:17:40:f7:c9:9e:e5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c72902ed9e155a70dd828af47bcbf3793365c3d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d0:6e:7f:b3:72:c2:c5:d2:21:89:e4:b7:67:
98:ac:24:5a:a6:65:34:d1:69:7b:a0:58:68:d3:e7:
c2:8e:75:90:a9:9e:d5:d9:f1:49:67:8e:fb:ee:bd:
15:13:e3:41:24:fb:ed:7b:19:e5:25:dd:a9:a4:b7:
aa:e7:31:e7:66:e8:f8:7c:49:cd:e1:8e:ce:df:20:
a2:f2:f4:82:ab:17:53:72:71:a3:e5:ca:83:3f:cd:
72:6e:7b:54:26:58:24:25:35:7f:47:4c:eb:df:f4:
17:b5:b4:4f:d3:57:5f:e2:a3:c6:20:d2:12:de:d3:
f0:9c:10:42:26:00:b2:2c:cc:71:4b:cf:84:00:98:
47:4b:d5:cd:fc:ed:3c:e7:92:15:ec:b7:07:3e:53:
9a:68:a2:0a:0c:e9:e3:d8:c1:e6:ec:ad:fc:81:fd:
aa:15:4d:bb:68:e3:52:ae:e5:5d:7b:14:d9:00:12:
c8:81:7d:b3:bc:93:fb:12:d8:df:b4:03:64:8d:bb:
0f:7f:d9:9b:b3:6d:ab:f1:09:7b:c5:51:a2:cc:ae:
bb:a3:a7:0e:4e:d3:3d:8d:5b:5d:e2:10:86:7e:c8:
3d:e8:fd:79:6a:20:c4:39:d3:37:30:6e:3d:24:2e:
f6:8d:04:cf:28:89:50:b4:9d:83:ce:7c:af:7e:ed:
38:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:29:02:ED:9E:15:5A:70:DD:82:8A:F4:7B:CB:F3:79:33:65:C3:D9
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/xykC7Z4VWnDdgor0e8vzeTNlw9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:2800::/38
Signature Algorithm: sha256WithRSAEncryption
36:d6:12:49:57:54:fa:a0:f6:95:75:8b:7e:d4:39:ad:56:2c:
79:0b:06:c4:70:14:db:7b:16:57:16:33:c6:11:b4:51:a5:29:
90:78:12:96:4c:78:77:0f:3c:bc:f0:ad:17:be:fa:4e:b3:9e:
8d:6d:1a:6f:29:e9:de:7b:64:40:fa:61:d5:32:44:95:54:ea:
03:ca:cb:ed:a2:b5:fc:66:16:00:16:2a:c0:5a:d4:fb:eb:07:
4e:32:35:7c:ce:58:e2:22:36:a3:a3:5a:cc:8c:1c:4e:91:d7:
48:13:59:b6:11:85:59:af:4d:f4:f0:c3:c1:8a:60:c7:3f:97:
54:70:a3:e9:9b:e6:06:8e:11:a4:f3:14:df:5c:41:60:6b:22:
c1:96:d7:72:55:c8:57:2d:0e:89:7e:05:aa:db:c9:ec:f1:1b:
ae:47:37:e8:fd:26:56:6e:56:d8:60:ef:c9:63:2e:f1:25:34:
9a:03:94:8d:62:98:8c:7b:6b:f3:38:c4:8f:08:c3:35:03:23:
46:a7:08:d4:67:0f:c8:00:07:cc:8e:9c:ef:15:cc:00:bf:2c:
bc:be:04:14:16:f6:ae:6f:72:fe:3a:2a:f8:6c:4a:1d:b0:55:
e7:7f:83:48:5f:63:f8:5f:21:d6:e0:9f:90:17:48:80:1f:14:
59:a3:38:35
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtyt8u0X5SK7sXQPfJnuWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI5MDJlZDllMTU1YTcwZGQ4MjhhZjQ3YmNiZjM3OTMzNjVjM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdBuf7NywsXSIYnkt2eYrCRapmU0
0Wl7oFho0+fCjnWQqZ7V2fFJZ4777r0VE+NBJPvtexnlJd2ppLeq5zHnZuj4fEnN
4Y7O3yCi8vSCqxdTcnGj5cqDP81ybntUJlgkJTV/R0zr3/QXtbRP01df4qPGINIS
3tPwnBBCJgCyLMxxS8+EAJhHS9XN/O0855IV7LcHPlOaaKIKDOnj2MHm7K38gf2q
FU27aONSruVdexTZABLIgX2zvJP7EtjftANkjbsPf9mbs22r8Ql7xVGizK67o6cO
TtM9jVtd4hCGfsg96P15aiDEOdM3MG49JC72jQTPKIlQtJ2Dznyvfu04bwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMcpAu2eFVpw3YKK9HvL83kzZcPZMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEveHlrQzdaNFZXbkRkZ29yMGU4dnplVE5sdzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmCgw
DQYJKoZIhvcNAQELBQADggEBADbWEklXVPqg9pV1i37UOa1WLHkLBsRwFNt7FlcW
M8YRtFGlKZB4EpZMeHcPPLzwrRe++k6zno1tGm8p6d57ZED6YdUyRJVU6gPKy+2i
tfxmFgAWKsBa1PvrB04yNXzOWOIiNqOjWsyMHE6R10gTWbYRhVmvTfTww8GKYMc/
l1Rwo+mb5gaOEaTzFN9cQWBrIsGW13JVyFctDol+BarbyezxG65HN+j9JlZuVthg
78ljLvElNJoDlI1imIx7a/M4xI8IwzUDI0anCNRnD8gAB8yOnO8VzAC/LLy+BBQW
9q5vcv46KvhsSh2wVed/g0hfY/hfIdbgn5AXSIAfFFmjODU=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:43:47 2025 by rpki-client