Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/leAvVKB-KF9YkNjyBGLznG9z208.roa
File: leAvVKB-KF9YkNjyBGLznG9z208.roa (raw, json)
Hash identifier: sNz5PxJVA3WdR6kA9tPYVEIxVQ3UHzFMpibhNTNaOv4=
Subject key identifier: 95:E0:2F:54:A0:7E:28:5F:58:90:D8:F2:04:62:F3:9C:6F:73:DB:4F
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521EAFCBAD274C371E406431024B342
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/leAvVKB-KF9YkNjyBGLznG9z208.roa
Signing time: Thu 02 Jan 2025 03:49:27 +0000
ROA not before: Thu 02 Jan 2025 03:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216132
IP address blocks: 2a0a:280:3700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ea:fc:ba:d2:74:c3:71:e4:06:43:10:24:b3:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95e02f54a07e285f5890d8f20462f39c6f73db4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:49:84:71:6b:59:e6:2c:74:22:fe:83:23:10:
1c:f2:d1:6b:b1:65:e1:9f:4c:24:f2:57:dc:d2:2e:
5d:79:3f:67:67:3f:a2:fa:74:29:30:d7:3f:17:f2:
b4:4f:6c:dd:43:95:50:97:8e:70:9d:54:a5:d3:e1:
83:13:77:02:8f:8a:74:9e:93:fe:33:f0:b3:18:47:
c2:b3:f2:4b:cf:fa:18:fa:69:a8:57:f6:8e:cd:e9:
28:cf:71:c1:2b:c7:80:94:37:15:e9:9e:36:65:33:
da:1e:84:5d:d8:55:5c:62:45:01:35:0b:86:a6:34:
25:39:31:8d:4c:83:4a:bb:45:00:6c:f3:93:da:ca:
05:13:4e:00:fc:8f:c3:6f:0e:96:3c:64:0f:ca:10:
4c:2f:22:db:d1:a1:8c:59:6e:64:63:04:53:b6:2a:
63:5b:7b:1d:da:06:c6:12:7a:b3:0f:e8:36:33:e1:
2d:cc:a5:dd:77:fc:fc:2a:3d:e1:df:b6:a8:1c:13:
e8:2d:d8:b3:a3:a8:8b:b7:f1:72:eb:5d:03:df:f2:
5c:c6:ab:42:b4:26:af:e5:b2:27:74:d1:6d:89:a9:
d2:fd:8f:dc:e9:e8:67:81:04:a7:ed:28:43:d8:eb:
17:58:41:e0:31:06:14:b4:2c:96:bc:62:56:69:e4:
f1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:E0:2F:54:A0:7E:28:5F:58:90:D8:F2:04:62:F3:9C:6F:73:DB:4F
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/leAvVKB-KF9YkNjyBGLznG9z208.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:3700::/40
Signature Algorithm: sha256WithRSAEncryption
a7:5b:1d:d8:d6:d7:3b:8d:18:10:a7:22:75:58:bd:81:29:fa:
e9:c7:87:b5:f8:c2:dc:93:d1:14:01:74:b7:74:9d:4f:4c:e6:
66:8a:79:75:25:7b:27:b4:0d:1d:3c:b7:f6:b3:fe:22:6d:e1:
48:9c:0e:8f:06:5f:73:b1:bc:92:db:2d:fe:a1:00:41:90:0c:
15:4e:2e:89:20:c5:f8:c7:13:09:af:d5:26:bc:de:1c:5c:62:
0c:2c:76:a7:d9:ce:c2:a4:f9:ab:ae:2b:e4:25:15:03:00:da:
c0:13:83:74:c0:0b:fa:a0:7a:1a:80:26:6e:26:af:b2:ed:cb:
34:8f:a3:4c:da:7f:11:7b:aa:5b:c1:60:26:90:85:2c:85:68:
d4:8e:c3:10:32:24:26:b0:7b:93:d6:5d:c8:17:e7:c3:ad:bf:
4a:4b:bb:98:38:36:54:a6:3f:66:f2:1b:b6:79:ec:bb:2d:e7:
1b:92:c9:be:43:2a:87:ef:e7:52:d5:37:0d:f4:5b:ca:15:e5:
1e:3c:0c:f8:d5:3c:ad:ff:ed:8f:d8:89:1b:2d:ab:f8:62:49:
ab:7a:c8:9a:2c:bf:90:64:c4:28:6c:a0:0a:58:18:bf:23:18:
69:38:17:ac:81:fb:5d:04:2e:de:cc:f6:38:2a:d2:c1:a1:6a:
05:21:f6:92
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIer8utJ0w3HkBkMQJLNCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWUwMmY1NGEwN2UyODVmNTg5MGQ4ZjIwNDYyZjM5YzZmNzNkYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EmEcWtZ5ix0Iv6DIxAc8tFrsWXh
n0wk8lfc0i5deT9nZz+i+nQpMNc/F/K0T2zdQ5VQl45wnVSl0+GDE3cCj4p0npP+
M/CzGEfCs/JLz/oY+mmoV/aOzekoz3HBK8eAlDcV6Z42ZTPaHoRd2FVcYkUBNQuG
pjQlOTGNTINKu0UAbPOT2soFE04A/I/Dbw6WPGQPyhBMLyLb0aGMWW5kYwRTtipj
W3sd2gbGEnqzD+g2M+EtzKXdd/z8Kj3h37aoHBPoLdizo6iLt/Fy610D3/JcxqtC
tCav5bIndNFtianS/Y/c6ehngQSn7ShD2OsXWEHgMQYUtCyWvGJWaeTxMwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJXgL1SgfihfWJDY8gRi85xvc9tPMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvbGVBdlZLQi1LRjlZa05qeUJHTHpuRzl6MjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgDcw
DQYJKoZIhvcNAQELBQADggEBAKdbHdjW1zuNGBCnInVYvYEp+unHh7X4wtyT0RQB
dLd0nU9M5maKeXUleye0DR08t/az/iJt4UicDo8GX3OxvJLbLf6hAEGQDBVOLokg
xfjHEwmv1Sa83hxcYgwsdqfZzsKk+auuK+QlFQMA2sATg3TAC/qgehqAJm4mr7Lt
yzSPo0zafxF7qlvBYCaQhSyFaNSOwxAyJCawe5PWXcgX58Otv0pLu5g4NlSmP2by
G7Z57Lst5xuSyb5DKofv51LVNw30W8oV5R48DPjVPK3/7Y/YiRstq/hiSat6yJos
v5BkxChsoApYGL8jGGk4F6yB+10ELt7M9jgq0sGhagUh9pI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:33:19 2025 by rpki-client