Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/jv5AjQiEgUQOR9Bdu3vuXbWrMFM.roa
File: jv5AjQiEgUQOR9Bdu3vuXbWrMFM.roa (raw, json)
Hash identifier: 2DV2bTMok5nhASbXYW9C3vvtRvCp2zGEhY3zcbpmB4c=
Subject key identifier: 8E:FE:40:8D:08:84:81:44:0E:47:D0:5D:BB:7B:EE:5D:B5:AB:30:53
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 019427B659C91022F7F153867B51C5A716BC
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/jv5AjQiEgUQOR9Bdu3vuXbWrMFM.roa
Signing time: Thu 02 Jan 2025 15:50:49 +0000
ROA not before: Thu 02 Jan 2025 15:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398107
IP address blocks: 2a01:488:bb0d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:59:c9:10:22:f7:f1:53:86:7b:51:c5:a7:16:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 15:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8efe408d088481440e47d05dbb7bee5db5ab3053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:40:e3:40:f1:a2:c0:9a:13:91:10:23:c6:b7:
d0:24:78:a7:e0:19:19:58:31:5a:fb:b1:6d:41:4a:
8e:16:ae:f8:39:5d:27:7f:d0:71:5d:c7:d6:de:ad:
03:92:c6:90:98:d7:8d:79:af:88:35:b7:33:0e:78:
25:b9:e4:c5:36:6a:6c:09:85:db:d1:e7:7a:b4:29:
f9:b0:b4:3f:20:ec:5c:28:a5:37:15:62:06:4c:09:
3c:0c:87:c4:4f:a2:e5:63:ca:a9:43:a7:26:c3:3e:
22:80:df:36:42:35:1a:25:84:bb:f0:67:31:30:04:
12:49:a5:1c:4a:81:00:74:28:63:ad:74:9f:e9:fe:
b0:3c:84:29:63:dd:e4:fc:8b:cd:fa:01:47:36:22:
7e:7c:38:17:ac:d4:77:26:d5:9d:cf:20:74:92:2e:
55:5b:d7:cf:9a:65:71:35:23:79:fa:1b:57:25:6e:
d7:19:2a:03:c3:1b:eb:cf:8a:ae:b8:15:8b:11:21:
db:9b:11:8f:65:6b:19:f6:29:99:02:2b:ca:45:27:
02:8c:6f:ca:a9:a1:3f:0a:2e:eb:c5:91:66:71:c4:
92:27:f6:9a:b0:58:6d:75:6e:71:85:69:ee:0c:8b:
ef:2f:8b:f5:56:ec:98:0f:5e:8b:7d:d2:04:ed:01:
5f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FE:40:8D:08:84:81:44:0E:47:D0:5D:BB:7B:EE:5D:B5:AB:30:53
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/jv5AjQiEgUQOR9Bdu3vuXbWrMFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb0d::/48
Signature Algorithm: sha256WithRSAEncryption
87:57:f2:6a:6e:5f:1d:9c:c1:f5:78:71:22:03:ed:ae:dc:58:
36:6c:5f:aa:f1:35:3a:d2:75:46:dd:6d:89:f2:bd:c3:5f:1f:
c4:51:e7:3f:52:7b:9e:d3:90:64:e8:f5:24:a6:84:d9:e0:a6:
b8:d5:27:1e:5b:bd:9b:67:e9:af:12:18:62:8a:75:e7:86:89:
e9:ba:fb:0d:fb:17:ad:37:01:55:af:99:ce:f0:bf:fb:06:77:
2b:3f:0e:fe:5d:7b:84:64:37:b5:39:8c:96:49:2c:da:6a:ee:
dd:eb:f1:b9:fd:29:cd:ce:c3:78:c5:75:72:38:dc:91:82:25:
6f:dd:36:ac:e7:2d:44:93:46:c8:83:bc:ec:e6:62:c4:f5:b4:
3f:07:2f:82:c6:62:f8:90:38:eb:3a:68:64:ea:53:53:d0:4f:
9b:3d:79:54:6e:ed:ec:cb:1b:c5:89:c8:7e:41:3a:21:16:c1:
de:b0:0b:58:6d:c6:fb:8f:46:5d:02:0d:f9:54:6b:0e:59:7c:
87:4d:d9:f0:e8:6d:8b:a7:27:7d:a4:85:d8:bc:b8:be:c7:a8:
7c:3c:9b:cf:d4:e6:77:89:04:9a:5a:cc:83:5f:7a:41:5e:00:
25:56:c6:8e:e1:b9:b0:5c:34:f9:a6:80:1c:1a:b2:21:8a:81:
fd:3e:21:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntlnJECL38VOGe1HFpxa8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjUwMTAyMTU1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWZlNDA4ZDA4ODQ4MTQ0MGU0N2QwNWRiYjdiZWU1ZGI1YWIzMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnkDjQPGiwJoTkRAjxrfQJHin4BkZ
WDFa+7FtQUqOFq74OV0nf9BxXcfW3q0DksaQmNeNea+INbczDnglueTFNmpsCYXb
0ed6tCn5sLQ/IOxcKKU3FWIGTAk8DIfET6LlY8qpQ6cmwz4igN82QjUaJYS78Gcx
MAQSSaUcSoEAdChjrXSf6f6wPIQpY93k/IvN+gFHNiJ+fDgXrNR3JtWdzyB0ki5V
W9fPmmVxNSN5+htXJW7XGSoDwxvrz4quuBWLESHbmxGPZWsZ9imZAivKRScCjG/K
qaE/Ci7rxZFmccSSJ/aasFhtdW5xhWnuDIvvL4v1VuyYD16LfdIE7QFfLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI7+QI0IhIFEDkfQXbt77l21qzBTMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvanY1QWpRaUVnVVFPUjlCZHUzdnVYYldyTUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsN
MA0GCSqGSIb3DQEBCwUAA4IBAQCHV/Jqbl8dnMH1eHEiA+2u3Fg2bF+q8TU60nVG
3W2J8r3DXx/EUec/Unue05Bk6PUkpoTZ4Ka41SceW72bZ+mvEhhiinXnhonpuvsN
+xetNwFVr5nO8L/7BncrPw7+XXuEZDe1OYyWSSzaau7d6/G5/SnNzsN4xXVyONyR
giVv3Tas5y1Ek0bIg7zs5mLE9bQ/By+CxmL4kDjrOmhk6lNT0E+bPXlUbu3syxvF
ich+QTohFsHesAtYbcb7j0ZdAg35VGsOWXyHTdnw6G2Lpyd9pIXYvLi+x6h8PJvP
1OZ3iQSaWsyDX3pBXgAlVsaO4bmwXDT5poAcGrIhioH9PiF+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:56 2025 by rpki-client