Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/ip9eSePm8Y75YEH12AjUg5YYt1Q.roa
File: ip9eSePm8Y75YEH12AjUg5YYt1Q.roa (raw, json)
Hash identifier: Zh/noVMEWF/EQrP9CnaEuMBJgWDLkVvWB4iaEU0MbS8=
Subject key identifier: 8A:9F:5E:49:E3:E6:F1:8E:F9:60:41:F5:D8:08:D4:83:96:18:B7:54
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 019425FD4EAA5924C7E6495651368AEC9710
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/ip9eSePm8Y75YEH12AjUg5YYt1Q.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a14:2500::/29 maxlen: 29
2a14:2700::/29 maxlen: 29
2a14:2b00::/29 maxlen: 29
2a14:2d00::/29 maxlen: 29
2a14:2f00::/29 maxlen: 29
2a14:3300::/29 maxlen: 29
2a14:3500::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4e:aa:59:24:c7:e6:49:56:51:36:8a:ec:97:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a9f5e49e3e6f18ef96041f5d808d4839618b754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e3:a6:8a:5e:31:cf:47:8a:d0:9b:e0:51:e8:
23:12:29:23:6a:dd:3b:b4:02:5f:65:ec:a0:d6:81:
28:d1:75:47:0f:80:32:c9:32:52:d8:99:79:b1:e6:
84:f3:0c:00:9e:e4:3c:c9:e0:83:f3:55:5e:e0:d4:
49:f7:06:a0:a2:30:e5:a2:57:b3:7a:9c:bb:d1:9a:
68:3d:b4:cf:e4:78:4b:4f:96:60:9c:e0:26:2f:4b:
30:fa:78:75:05:f5:6f:88:f3:d1:8f:32:de:e4:3c:
f4:a6:15:ef:ff:4c:20:c4:f5:21:d9:19:94:57:14:
89:91:78:41:8f:9d:d0:02:f0:46:85:98:7f:a4:fa:
4e:7c:a8:b6:4c:c2:09:21:be:ae:32:c8:8f:4b:a9:
5d:50:07:21:d4:96:ce:1f:b3:aa:c6:3f:2d:9e:da:
aa:42:57:76:32:d8:e7:06:28:05:c5:19:3e:29:14:
c4:14:be:9a:a9:a5:81:ca:c6:39:75:70:eb:b9:c0:
be:23:c1:73:75:75:a8:cb:e4:a8:e2:9c:89:0c:d8:
1d:82:02:35:78:5d:e4:6e:2b:4e:4c:5f:b1:1d:d9:
bd:97:9a:6b:56:5f:4b:b4:e9:74:e9:b3:ee:69:d0:
18:15:70:0a:db:6c:de:aa:51:52:1d:fa:1e:06:cf:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9F:5E:49:E3:E6:F1:8E:F9:60:41:F5:D8:08:D4:83:96:18:B7:54
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/ip9eSePm8Y75YEH12AjUg5YYt1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:2500::/29
2a14:2700::/29
2a14:2b00::/29
2a14:2d00::/29
2a14:2f00::/29
2a14:3300::/29
2a14:3500::/29
Signature Algorithm: sha256WithRSAEncryption
5f:81:36:1b:f6:ad:1a:8b:ba:4d:ba:82:40:8d:b9:44:33:ef:
9d:52:68:43:1e:b9:1d:5f:c4:70:de:11:cb:10:ea:fa:7b:b6:
d0:5c:a7:ea:39:35:1b:3f:8a:4d:b9:28:ce:b7:8d:94:8c:42:
80:11:52:c7:b6:a2:8d:25:2e:5a:32:11:d7:3d:3f:51:45:84:
4e:52:eb:73:e6:23:d8:02:0d:6c:c7:1c:f6:67:0f:81:fc:63:
b2:90:3b:73:0f:16:6c:82:13:43:91:b2:57:83:a1:1b:f9:a2:
0b:a9:33:07:02:62:5e:6c:72:a8:8d:58:8d:3d:90:30:2d:3b:
34:ba:10:ad:22:a8:30:eb:1f:32:03:b4:c0:6a:94:99:7f:b9:
56:e0:f9:13:d2:b6:f4:1a:98:16:fd:ca:a5:9e:2b:36:6e:cc:
3d:e8:63:45:46:a1:34:e5:25:6a:db:ba:fa:04:c6:40:ad:90:
e4:9c:e1:01:59:82:dc:2a:f4:4d:63:c0:ec:4d:7f:27:4b:2f:
97:37:f2:28:fe:07:b4:55:93:fd:08:69:3b:62:cf:17:90:fe:
62:17:5e:f6:16:a9:36:39:46:02:95:f2:58:3a:25:6c:06:6a:
06:e6:17:25:99:83:e0:50:40:79:67:a6:c5:94:45:b6:6f:5f:
ad:77:7c:f0
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQl/U6qWSTH5klWUTaK7JcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTlmNWU0OWUzZTZmMThlZjk2MDQxZjVkODA4ZDQ4Mzk2MThiNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuOmil4xz0eK0JvgUegjEikjat07
tAJfZeyg1oEo0XVHD4AyyTJS2Jl5seaE8wwAnuQ8yeCD81Ve4NRJ9wagojDlolez
epy70ZpoPbTP5HhLT5ZgnOAmL0sw+nh1BfVviPPRjzLe5Dz0phXv/0wgxPUh2RmU
VxSJkXhBj53QAvBGhZh/pPpOfKi2TMIJIb6uMsiPS6ldUAch1JbOH7Oqxj8tntqq
Qld2MtjnBigFxRk+KRTEFL6aqaWBysY5dXDrucC+I8FzdXWoy+So4pyJDNgdggI1
eF3kbitOTF+xHdm9l5prVl9LtOl06bPuadAYFXAK22zeqlFSHfoeBs9DyQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIqfXknj5vGO+WBB9dgI1IOWGLdUMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvaXA5ZVNlUG04WTc1WUVIMTJBalVnNVlZdDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKhQlAAMF
AyoUJwADBQMqFCsAAwUDKhQtAAMFAyoULwADBQMqFDMAAwUDKhQ1ADANBgkqhkiG
9w0BAQsFAAOCAQEAX4E2G/atGou6TbqCQI25RDPvnVJoQx65HV/EcN4RyxDq+nu2
0Fyn6jk1Gz+KTbkozreNlIxCgBFSx7aijSUuWjIR1z0/UUWETlLrc+Yj2AINbMcc
9mcPgfxjspA7cw8WbIITQ5GyV4OhG/miC6kzBwJiXmxyqI1YjT2QMC07NLoQrSKo
MOsfMgO0wGqUmX+5VuD5E9K29BqYFv3KpZ4rNm7MPehjRUahNOUlatu6+gTGQK2Q
5JzhAVmC3Cr0TWPA7E1/J0svlzfyKP4HtFWT/QhpO2LPF5D+Yhde9hapNjlGApXy
WDolbAZqBuYXJZmD4FBAeWemxZRFtm9frXd88A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:01:53 2025 by rpki-client