Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KTpNzA2qjMJ1iMXMUq1EMOHYBlU.roa
File: KTpNzA2qjMJ1iMXMUq1EMOHYBlU.roa (raw, json)
Hash identifier: I8WUJOybzBtB4d8EP9mt7jdakpB+aKnCIklvz/rUhng=
Subject key identifier: 29:3A:4D:CC:0D:AA:8C:C2:75:88:C5:CC:52:AD:44:30:E1:D8:06:55
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747F3784E0D7A57BF5D73BBD21676DC
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KTpNzA2qjMJ1iMXMUq1EMOHYBlU.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213115
IP address blocks: 2a0b:b87:ffb0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f3:78:4e:0d:7a:57:bf:5d:73:bb:d2:16:76:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=293a4dcc0daa8cc27588c5cc52ad4430e1d80655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:38:ee:66:3c:b7:05:b6:00:66:ec:12:98:01:
84:91:35:f0:1a:1a:2d:e1:5d:ab:61:e9:d7:bc:98:
ae:7a:22:b3:2c:b5:8d:f8:e0:9b:4e:86:1b:69:7b:
c1:a4:20:d1:27:5f:d9:cc:e9:f0:e0:00:16:6b:0e:
fb:13:7a:95:1a:ac:9f:c3:d2:a7:97:27:53:1f:ca:
c9:36:01:3a:69:cc:f5:c3:23:4d:07:03:ec:49:86:
fc:1a:94:e6:b7:3f:47:20:b0:f4:f2:69:cb:78:1d:
29:65:09:71:bf:45:d6:89:cd:5d:c5:ac:5c:03:e5:
48:fd:f1:32:01:c8:f3:d0:61:9a:65:2e:13:7e:b2:
20:9f:65:f8:8a:ae:f9:8c:7e:6a:b3:e3:aa:d5:0b:
52:f0:68:fc:2e:b0:48:5c:c0:5a:4f:0f:d9:d9:a4:
34:f4:d1:12:a7:b2:47:cd:31:65:67:e6:91:52:9c:
b3:93:0b:91:6e:bc:ea:9f:07:1c:50:0c:c8:ce:74:
bc:52:0b:ba:f5:91:17:50:3b:96:a0:c1:fb:66:90:
b3:b9:af:5e:2a:45:6d:69:31:4d:3a:ef:26:fb:35:
37:ad:2b:fb:ba:28:7f:ab:85:94:99:5d:d8:06:d7:
60:eb:3c:64:d4:3d:af:b3:ea:dd:5c:2f:54:89:8d:
6d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:3A:4D:CC:0D:AA:8C:C2:75:88:C5:CC:52:AD:44:30:E1:D8:06:55
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/KTpNzA2qjMJ1iMXMUq1EMOHYBlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffb0::/48
Signature Algorithm: sha256WithRSAEncryption
5f:fd:78:9c:59:b2:0c:07:6f:23:f0:d9:86:0a:99:32:9b:c6:
27:bc:4a:cd:d2:88:88:e0:39:17:12:64:d2:dd:aa:b1:4f:22:
e6:dd:da:60:1c:9e:04:b0:a0:01:06:27:86:b4:ab:80:23:0a:
8c:53:a0:9e:cd:eb:9a:4a:6c:63:34:86:8a:d4:7f:31:49:7e:
00:40:73:da:a5:e9:fb:a0:75:de:77:2e:37:f7:f4:b8:4e:80:
1c:68:f6:ee:f5:66:7e:dc:75:12:01:ca:ef:ac:7f:54:a5:43:
95:1f:ff:14:2a:44:04:d5:c3:7c:6c:1a:87:32:7f:80:c1:5b:
66:39:8b:46:4b:65:d3:51:fc:b4:88:e4:cd:9e:db:8b:b2:84:
b3:9c:f3:af:25:7b:7f:64:22:16:12:ed:02:67:fa:97:d0:ce:
1a:49:6e:d6:01:5f:eb:6b:59:24:ba:b8:c7:dc:51:2d:80:02:
ec:07:86:c4:09:2a:6e:2b:54:15:68:eb:c6:58:69:fe:f7:25:
86:5d:d4:50:7b:9a:c8:dc:b5:a3:de:4a:32:fe:80:78:c0:d4:
27:8b:8f:04:ca:ed:dd:d6:8a:3a:b1:79:e0:8f:ea:d3:71:5e:
3f:39:9b:71:aa:58:4f:51:41:60:76:46:de:d0:1e:f1:a3:b5:
4d:d2:d6:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR/N4Tg16V79dc7vSFnbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTNhNGRjYzBkYWE4Y2MyNzU4OGM1Y2M1MmFkNDQzMGUxZDgwNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zjuZjy3BbYAZuwSmAGEkTXwGhot
4V2rYenXvJiueiKzLLWN+OCbToYbaXvBpCDRJ1/ZzOnw4AAWaw77E3qVGqyfw9Kn
lydTH8rJNgE6acz1wyNNBwPsSYb8GpTmtz9HILD08mnLeB0pZQlxv0XWic1dxaxc
A+VI/fEyAcjz0GGaZS4TfrIgn2X4iq75jH5qs+Oq1QtS8Gj8LrBIXMBaTw/Z2aQ0
9NESp7JHzTFlZ+aRUpyzkwuRbrzqnwccUAzIznS8Ugu69ZEXUDuWoMH7ZpCzua9e
KkVtaTFNOu8m+zU3rSv7uih/q4WUmV3YBtdg6zxk1D2vs+rdXC9UiY1ttwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCk6TcwNqozCdYjFzFKtRDDh2AZVMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvS1RwTnpBMnFqTUoxaU1YTVVxMUVNT0hZQmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+w
MA0GCSqGSIb3DQEBCwUAA4IBAQBf/XicWbIMB28j8NmGCpkym8YnvErN0oiI4DkX
EmTS3aqxTyLm3dpgHJ4EsKABBieGtKuAIwqMU6CezeuaSmxjNIaK1H8xSX4AQHPa
pen7oHXedy439/S4ToAcaPbu9WZ+3HUSAcrvrH9UpUOVH/8UKkQE1cN8bBqHMn+A
wVtmOYtGS2XTUfy0iOTNntuLsoSznPOvJXt/ZCIWEu0CZ/qX0M4aSW7WAV/ra1kk
urjH3FEtgALsB4bECSpuK1QVaOvGWGn+9yWGXdRQe5rI3LWj3koy/oB4wNQni48E
yu3d1oo6sXngj+rTcV4/OZtxqlhPUUFgdkbe0B7xo7VN0tYS
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:57:39 2025 by rpki-client