Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/9M9vOIFtqRTwr8pFo9MOZ6UPDbM.roa
File: 9M9vOIFtqRTwr8pFo9MOZ6UPDbM.roa (raw, json)
Hash identifier: PsREz5SAtoQLOfyN3ekuZeiartHQE1jjVLsSoC7YRhI=
Subject key identifier: F4:CF:6F:38:81:6D:A9:14:F0:AF:CA:45:A3:D3:0E:67:A5:0F:0D:B3
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 0194266C291363180C0296D8614181195996
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/9M9vOIFtqRTwr8pFo9MOZ6UPDbM.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215310
IP address blocks: 2a13:a704::/31 maxlen: 31
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:29:13:63:18:0c:02:96:d8:61:41:81:19:59:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4cf6f38816da914f0afca45a3d30e67a50f0db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c8:90:83:fc:72:a5:d6:3a:c4:bf:aa:f0:1d:
28:d8:16:b4:9c:92:93:3e:b7:d5:70:e8:b1:db:3e:
7f:4c:9b:34:32:fd:f3:53:7c:f9:c0:cb:75:4f:9d:
9b:1c:5b:23:64:1d:d9:d3:2f:5d:2f:b8:fc:c8:81:
b1:42:54:bb:a8:a0:96:6e:d2:87:01:59:56:fa:fc:
a3:9f:57:0b:6c:12:81:60:96:db:54:e9:ce:8a:e6:
2b:f6:4f:0a:82:62:04:fd:83:17:41:01:d3:f7:16:
ac:e4:33:4e:be:de:d5:d0:96:46:7b:44:80:dd:8f:
48:c9:33:ba:b3:0a:60:ef:80:fa:49:80:1d:42:90:
2f:46:59:0e:25:aa:c6:be:e6:a8:7d:84:b9:d2:4f:
9e:e8:8e:60:a5:6e:74:24:5f:be:6b:7f:6c:45:65:
ed:19:cc:ad:70:e6:5c:09:8a:ec:da:a8:71:2c:d2:
59:b0:09:f7:18:2e:86:a7:e0:c6:5f:6e:8a:62:9c:
4c:60:b3:a9:74:01:1c:17:d9:6c:d0:b2:37:e7:b8:
65:d5:e5:fb:e0:b5:9e:32:43:53:13:4a:e3:02:f2:
19:0e:95:56:6d:68:e9:ff:78:47:03:88:27:fa:b2:
d9:a7:39:a4:6a:a9:31:50:5d:41:c7:99:37:e7:9c:
aa:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CF:6F:38:81:6D:A9:14:F0:AF:CA:45:A3:D3:0E:67:A5:0F:0D:B3
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/9M9vOIFtqRTwr8pFo9MOZ6UPDbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a704::/31
Signature Algorithm: sha256WithRSAEncryption
3f:b5:e0:aa:09:49:45:c2:ba:6a:c7:51:e4:ea:9c:79:9d:57:
2e:9f:25:90:dc:b8:a1:40:b1:e6:78:0d:1d:e9:45:fe:5c:8f:
a0:c3:35:d2:fb:a3:4d:ed:42:ee:2f:34:28:76:da:44:04:76:
b8:28:9f:1b:2e:7d:4d:6a:c2:4a:58:52:6f:ca:f4:ff:aa:9c:
bf:3f:ef:56:c6:9b:1a:99:e2:9c:aa:f1:40:d2:17:13:c7:38:
c0:96:3e:2f:70:5c:50:2f:2d:a2:10:72:17:c6:14:23:3a:24:
cf:51:45:87:39:2b:35:43:6a:4f:35:bd:bd:03:26:67:ca:fc:
a0:20:8a:16:0e:79:d8:5a:0f:34:65:fa:e9:77:fa:bc:af:e2:
a5:c9:52:3c:9b:a7:e5:cb:03:06:90:0d:7d:2d:18:1d:e4:cb:
c5:f3:cc:e0:ad:31:34:1b:36:09:81:20:4e:a5:dd:a7:79:84:
6a:8d:70:ed:19:ff:93:f1:af:58:c2:10:db:76:07:e3:16:fa:
2c:7d:d3:94:e4:d9:7e:5c:1e:c4:9f:8d:ee:b4:34:4f:14:1b:
a3:35:dd:8d:56:bb:a1:bf:2d:91:a3:5d:42:bd:66:99:bf:e5:
92:ef:ed:1a:57:0b:17:bb:06:c2:78:3d:f5:a7:c8:0b:0b:89:
2f:e4:d7:61
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbCkTYxgMApbYYUGBGVmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNmNmYzODgxNmRhOTE0ZjBhZmNhNDVhM2QzMGU2N2E1MGYwZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsiQg/xypdY6xL+q8B0o2Ba0nJKT
PrfVcOix2z5/TJs0Mv3zU3z5wMt1T52bHFsjZB3Z0y9dL7j8yIGxQlS7qKCWbtKH
AVlW+vyjn1cLbBKBYJbbVOnOiuYr9k8KgmIE/YMXQQHT9xas5DNOvt7V0JZGe0SA
3Y9IyTO6swpg74D6SYAdQpAvRlkOJarGvuaofYS50k+e6I5gpW50JF++a39sRWXt
GcytcOZcCYrs2qhxLNJZsAn3GC6Gp+DGX26KYpxMYLOpdAEcF9ls0LI357hl1eX7
4LWeMkNTE0rjAvIZDpVWbWjp/3hHA4gn+rLZpzmkaqkxUF1Bx5k355yqswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPTPbziBbakU8K/KRaPTDmelDw2zMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvOU05dk9JRnRxUlR3cjhwRm85TU9aNlVQRGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBKhOnBDAN
BgkqhkiG9w0BAQsFAAOCAQEAP7XgqglJRcK6asdR5OqceZ1XLp8lkNy4oUCx5ngN
HelF/lyPoMM10vujTe1C7i80KHbaRAR2uCifGy59TWrCSlhSb8r0/6qcvz/vVsab
GpninKrxQNIXE8c4wJY+L3BcUC8tohByF8YUIzokz1FFhzkrNUNqTzW9vQMmZ8r8
oCCKFg552FoPNGX66Xf6vK/ipclSPJun5csDBpANfS0YHeTLxfPM4K0xNBs2CYEg
TqXdp3mEao1w7Rn/k/GvWMIQ23YH4xb6LH3TlOTZflwexJ+N7rQ0TxQbozXdjVa7
ob8tkaNdQr1mmb/lku/tGlcLF7sGwng99afICwuJL+TXYQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:04:09 2025 by rpki-client