Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/krKBLbVjuzDyN5pTsVMkD6Ogd1M.roa
File: krKBLbVjuzDyN5pTsVMkD6Ogd1M.roa (raw, json)
Hash identifier: EbPxK1M+eFXJF1RiwJyqrXQJC6xowGf6/tnSEJsH3DQ=
Subject key identifier: 92:B2:81:2D:B5:63:BB:30:F2:37:9A:53:B1:53:24:0F:A3:A0:77:53
Certificate issuer: /CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Certificate serial: 019422202D206FB691C817ADACA3CE99DBAF
Authority key identifier: D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/krKBLbVjuzDyN5pTsVMkD6Ogd1M.roa
Signing time: Wed 01 Jan 2025 13:48:41 +0000
ROA not before: Wed 01 Jan 2025 13:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202197
IP address blocks: 2a0e:8f02:21f0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:2d:20:6f:b6:91:c8:17:ad:ac:a3:ce:99:db:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d56ef48ed6155dd7843eed3632469abaa3100bf3
Validity
Not Before: Jan 1 13:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92b2812db563bb30f2379a53b153240fa3a07753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9b:61:f6:53:b6:bf:98:dd:e4:a1:b4:a0:c8:
31:ee:36:f2:a0:53:01:0e:7b:46:d6:a2:31:da:a9:
8d:cc:ef:06:ac:63:91:53:ef:e7:85:0b:c9:d7:c1:
2f:b7:3a:4a:92:f3:17:c8:d7:6d:ec:7d:d4:87:c6:
1e:0a:2c:41:bf:f2:81:52:99:32:14:7e:4a:1b:51:
25:e6:41:de:db:ab:81:99:17:9b:de:af:1a:51:59:
b5:fe:e1:f6:4d:f9:73:39:4e:20:8d:8d:7d:d6:69:
35:28:2a:52:0d:38:ce:db:d4:c3:1e:ee:6e:eb:8f:
bd:3d:dd:36:06:ee:3c:9e:2b:cf:00:d8:b4:c6:8d:
99:aa:e8:52:c0:69:10:c6:53:09:94:ac:87:62:38:
7f:89:67:64:ba:c8:b2:70:95:a8:bf:f7:05:23:fe:
08:bb:9b:0c:60:bb:cf:06:e4:48:c6:f6:3c:a7:44:
64:59:ba:12:d1:66:5e:94:db:53:ec:2f:f1:fe:cf:
90:ea:0d:7f:af:22:32:07:c3:8b:71:35:1d:59:ee:
b4:f0:eb:b0:44:e9:1b:f2:3f:fe:94:d0:b3:61:b5:
0e:2b:d4:30:d6:92:d3:23:f6:71:2b:46:fa:30:c7:
9f:7c:2b:27:2c:bb:e7:7f:b2:70:b9:e8:95:d1:1a:
aa:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B2:81:2D:B5:63:BB:30:F2:37:9A:53:B1:53:24:0F:A3:A0:77:53
X509v3 Authority Key Identifier:
keyid:D5:6E:F4:8E:D6:15:5D:D7:84:3E:ED:36:32:46:9A:BA:A3:10:0B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1W70jtYVXdeEPu02MkaauqMQC_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/krKBLbVjuzDyN5pTsVMkD6Ogd1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/58ff54-3410-4e42-aab8-d2d7f2bb64df/1/1W70jtYVXdeEPu02MkaauqMQC_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:8f02:21f0::/44
Signature Algorithm: sha256WithRSAEncryption
65:c1:ed:b8:12:18:05:da:e8:b3:7f:63:c5:6f:68:73:1f:0a:
0f:05:3f:1b:01:74:55:1b:b2:fe:b3:18:28:d6:eb:fd:9d:1a:
53:af:ad:bc:be:dc:7c:3d:1b:d2:17:b9:ac:66:21:dd:8a:c9:
e5:dd:ed:92:71:8f:14:52:6c:25:a4:34:2c:09:bb:67:b9:f6:
9a:3e:b0:1c:01:ef:ae:2c:9c:68:32:a5:5d:d1:eb:dc:73:cf:
7d:1b:48:b1:91:58:a7:77:b3:67:96:f5:52:fa:f3:83:05:0c:
92:db:ee:b0:dd:ca:9d:b0:c3:3e:37:42:7f:23:79:a0:cb:4b:
74:46:eb:9a:20:46:9a:28:fe:1a:b2:a0:90:2f:6a:8e:6d:d6:
2c:7e:df:81:51:2b:ab:d5:4d:c8:d2:f1:08:6e:21:b4:4e:4f:
fc:f2:4d:12:65:d7:14:67:11:0e:48:2c:8a:22:17:1a:b4:1f:
7b:19:90:c2:ee:67:11:19:78:7b:c8:86:a9:08:31:be:f8:37:
6b:4a:15:ec:94:b0:d2:19:ea:4e:2a:cf:b8:c1:43:0f:35:8e:
c4:52:2d:7b:9a:6f:8f:52:fb:cb:54:0b:a2:47:e6:f5:da:b7:
2d:1f:22:b8:87:31:42:f3:f7:ca:3e:6b:a6:a9:9c:ae:e4:1d:
19:83:13:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiIC0gb7aRyBetrKPOmduvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NmVmNDhlZDYxNTVkZDc4NDNlZWQzNjMyNDY5YWJhYTMx
MDBiZjMwHhcNMjUwMTAxMTM0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIyODEyZGI1NjNiYjMwZjIzNzlhNTNiMTUzMjQwZmEzYTA3NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJth9lO2v5jd5KG0oMgx7jbyoFMB
DntG1qIx2qmNzO8GrGORU+/nhQvJ18EvtzpKkvMXyNdt7H3Uh8YeCixBv/KBUpky
FH5KG1El5kHe26uBmReb3q8aUVm1/uH2TflzOU4gjY191mk1KCpSDTjO29TDHu5u
64+9Pd02Bu48nivPANi0xo2ZquhSwGkQxlMJlKyHYjh/iWdkusiycJWov/cFI/4I
u5sMYLvPBuRIxvY8p0RkWboS0WZelNtT7C/x/s+Q6g1/ryIyB8OLcTUdWe608Ouw
ROkb8j/+lNCzYbUOK9Qw1pLTI/ZxK0b6MMeffCsnLLvnf7JwueiV0RqqowIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKygS21Y7sw8jeaU7FTJA+joHdTMB8GA1UdIwQY
MBaAFNVu9I7WFV3XhD7tNjJGmrqjEAvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgt
ZDJkN2YyYmI2NGRmLzEva3JLQkxiVmp1ekR5TjVwVHNWTWtENk9nZDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81OGZmNTQtMzQxMC00ZTQyLWFhYjgtZDJkN2YyYmI2NGRm
LzEvMVc3MGp0WVZYZGVFUHUwMk1rYWF1cU1RQ19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6PAiHw
MA0GCSqGSIb3DQEBCwUAA4IBAQBlwe24EhgF2uizf2PFb2hzHwoPBT8bAXRVG7L+
sxgo1uv9nRpTr628vtx8PRvSF7msZiHdisnl3e2ScY8UUmwlpDQsCbtnufaaPrAc
Ae+uLJxoMqVd0evcc899G0ixkVind7NnlvVS+vODBQyS2+6w3cqdsMM+N0J/I3mg
y0t0RuuaIEaaKP4asqCQL2qObdYsft+BUSur1U3I0vEIbiG0Tk/88k0SZdcUZxEO
SCyKIhcatB97GZDC7mcRGXh7yIapCDG++DdrShXslLDSGepOKs+4wUMPNY7EUi17
mm+PUvvLVAuiR+b12rctHyK4hzFC8/fKPmumqZyu5B0ZgxPw
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:20:43 2025 by rpki-client