Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/k3SD7Mo8S-wkCGjWHqkku78vk4o.roa
File: k3SD7Mo8S-wkCGjWHqkku78vk4o.roa (raw, json)
Hash identifier: nJKeC1C9D5VB3P7HR1VXT79mmOfAP2khl4fAaXBF83M=
Subject key identifier: 93:74:83:EC:CA:3C:4B:EC:24:08:68:D6:1E:A9:24:BB:BF:2F:93:8A
Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Certificate serial: 019427B6520674F94E7509D8EB23B66822B6
Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/k3SD7Mo8S-wkCGjWHqkku78vk4o.roa
Signing time: Thu 02 Jan 2025 15:50:47 +0000
ROA not before: Thu 02 Jan 2025 15:50:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397517
IP address blocks: 2a01:488:bb14::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:52:06:74:f9:4e:75:09:d8:eb:23:b6:68:22:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b
Validity
Not Before: Jan 2 15:50:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=937483ecca3c4bec240868d61ea924bbbf2f938a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:47:a4:f3:94:4d:c7:b3:59:63:e4:ca:68:f3:
7a:f9:ed:4f:6a:50:e6:b1:75:ff:5f:c1:c4:e2:cd:
13:68:1f:af:94:92:eb:c4:6c:56:85:60:4b:5e:86:
46:58:cb:64:c4:96:9f:9e:87:cf:3b:e9:b8:85:07:
19:ea:e7:98:9d:21:9c:f3:70:0d:2b:d3:6d:8e:7c:
6a:94:f5:eb:16:45:4f:92:d5:a8:47:8e:11:54:0b:
ff:d5:4f:27:77:a4:a0:90:3c:70:55:57:81:0e:b1:
7b:01:d3:1a:cb:40:87:f1:3b:9c:53:4d:72:09:6a:
a0:ed:ae:01:43:eb:f4:3c:67:f8:8d:3d:f1:67:29:
d1:36:c5:5f:e9:67:42:0d:ad:b7:1d:45:d1:b1:54:
19:92:f9:41:1e:47:f6:bb:49:1c:36:e5:1d:9d:6d:
4f:d7:77:60:2e:71:77:22:66:f2:04:35:6f:5a:75:
8d:03:6e:ad:4a:bb:be:bc:aa:c1:6b:6d:30:fa:ec:
55:5d:f4:a5:59:e3:c8:91:80:cf:5f:d3:04:58:83:
77:cc:6d:a3:58:47:af:e6:d7:d4:a8:a8:0c:7d:38:
6a:52:9a:fa:09:f5:20:77:03:1e:ae:a7:b4:d0:f9:
c8:b1:1c:71:7e:7b:c0:d2:1d:ba:45:df:f5:72:70:
c6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:74:83:EC:CA:3C:4B:EC:24:08:68:D6:1E:A9:24:BB:BF:2F:93:8A
X509v3 Authority Key Identifier:
keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/k3SD7Mo8S-wkCGjWHqkku78vk4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:488:bb14::/48
Signature Algorithm: sha256WithRSAEncryption
a7:de:b0:aa:62:32:bb:d0:21:db:40:89:de:c5:b3:d7:ca:f2:
e6:4b:7c:2f:00:88:0c:ff:8c:19:e4:ce:44:37:33:6d:b2:57:
7c:63:cc:8d:a6:f6:02:47:a2:9a:2e:0e:f3:f7:fc:b3:84:50:
9b:07:a1:c3:51:60:c4:3a:05:70:b2:1d:bb:b3:17:bd:a3:61:
6d:34:cb:c8:03:c4:a0:7b:c6:94:85:ba:35:8e:42:e7:87:13:
27:60:1a:d7:75:d6:3d:d4:52:0c:d1:c0:4d:cb:f6:83:3b:02:
55:80:33:f2:39:2b:90:10:d0:82:66:2e:1f:ee:f4:10:9c:e5:
d2:93:b1:46:32:6b:0a:e5:cf:03:50:91:76:a8:38:f6:09:d5:
5e:6a:1b:75:5c:45:8d:f1:58:e1:32:14:46:e5:95:6b:2f:6f:
26:90:70:1c:75:e1:6c:f2:3b:05:f7:cc:f1:45:13:06:34:63:
2c:19:77:d8:c7:ac:e7:46:ff:05:cf:9d:f1:a9:3b:95:ec:50:
9c:41:f6:d0:e7:81:bf:f4:d7:a5:a2:74:b9:0a:e5:5a:1a:bb:
41:44:a7:ef:0a:d5:14:f7:3d:4f:44:15:94:16:eb:c7:91:fb:
a0:60:b3:fa:86:4e:a3:28:7d:c3:5b:91:67:5e:b6:ff:4b:d1:
e5:4c:30:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntlIGdPlOdQnY6yO2aCK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0
ZTk4MWIwHhcNMjUwMTAyMTU1MDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzc0ODNlY2NhM2M0YmVjMjQwODY4ZDYxZWE5MjRiYmJmMmY5MzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkek85RNx7NZY+TKaPN6+e1PalDm
sXX/X8HE4s0TaB+vlJLrxGxWhWBLXoZGWMtkxJafnofPO+m4hQcZ6ueYnSGc83AN
K9NtjnxqlPXrFkVPktWoR44RVAv/1U8nd6SgkDxwVVeBDrF7AdMay0CH8TucU01y
CWqg7a4BQ+v0PGf4jT3xZynRNsVf6WdCDa23HUXRsVQZkvlBHkf2u0kcNuUdnW1P
13dgLnF3ImbyBDVvWnWNA26tSru+vKrBa20w+uxVXfSlWePIkYDPX9MEWIN3zG2j
WEev5tfUqKgMfThqUpr6CfUgdwMerqe00PnIsRxxfnvA0h26Rd/1cnDG4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJN0g+zKPEvsJAho1h6pJLu/L5OKMB8GA1UdIwQY
MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt
MTYxZjM0MjM4N2QxLzEvazNTRDdNbzhTLXdrQ0dqV0hxa2t1Nzh2azRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx
LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsU
MA0GCSqGSIb3DQEBCwUAA4IBAQCn3rCqYjK70CHbQInexbPXyvLmS3wvAIgM/4wZ
5M5ENzNtsld8Y8yNpvYCR6KaLg7z9/yzhFCbB6HDUWDEOgVwsh27sxe9o2FtNMvI
A8Sge8aUhbo1jkLnhxMnYBrXddY91FIM0cBNy/aDOwJVgDPyOSuQENCCZi4f7vQQ
nOXSk7FGMmsK5c8DUJF2qDj2CdVeaht1XEWN8VjhMhRG5ZVrL28mkHAcdeFs8jsF
98zxRRMGNGMsGXfYx6znRv8Fz53xqTuV7FCcQfbQ54G/9NelonS5CuVaGrtBRKfv
CtUU9z1PRBWUFuvHkfugYLP6hk6jKH3DW5FnXrb/S9HlTDCT
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:25 2025 by rpki-client