Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/sHn49Wbb5PrrjUwnaQqlFkCVe1w.roa
File: sHn49Wbb5PrrjUwnaQqlFkCVe1w.roa (raw, json)
Hash identifier: Js/zXcmF6Rja4dKWo6EIhgWUvKjRGSk5unEUfI1hOIs=
Subject key identifier: B0:79:F8:F5:66:DB:E4:FA:EB:8D:4C:27:69:0A:A5:16:40:95:7B:5C
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 0194252079F9875EDE848823373694F6205C
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/sHn49Wbb5PrrjUwnaQqlFkCVe1w.roa
Signing time: Thu 02 Jan 2025 03:47:52 +0000
ROA not before: Thu 02 Jan 2025 03:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47910
IP address blocks: 2a02:bc8:38::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:20:79:f9:87:5e:de:84:88:23:37:36:94:f6:20:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Jan 2 03:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b079f8f566dbe4faeb8d4c27690aa51640957b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:a7:97:1e:5b:62:a5:74:39:92:10:04:ca:
d7:93:2f:aa:8f:5a:d6:a0:d7:f9:83:8a:df:b6:08:
18:f6:c5:84:df:b2:37:aa:84:5a:1e:e7:23:da:b0:
e7:99:46:85:a6:ae:ca:45:3d:1f:d5:9a:01:e0:e2:
c6:55:fd:94:6a:9b:01:5d:b9:7d:40:00:38:8f:f8:
30:86:6f:da:39:44:5f:32:3d:e1:4f:1d:49:8e:f0:
41:21:51:07:77:2e:7d:bd:69:e1:24:12:ee:c1:81:
c2:3d:16:ce:db:a3:46:b3:29:55:47:fb:c0:13:a1:
9f:74:44:41:09:d3:9e:c6:ea:07:57:ed:e5:08:40:
97:92:65:2e:f0:15:63:f3:ed:0d:0e:0c:4f:e2:47:
fb:db:f5:79:04:51:9a:08:2f:a5:cd:75:8f:f0:48:
78:d1:6c:d6:59:f5:fb:02:25:09:a0:89:41:90:24:
4c:2e:08:fb:15:31:ce:d9:ab:be:90:4d:25:74:07:
c8:83:2f:5f:0a:70:33:c6:88:ff:c0:62:8c:3b:07:
34:5e:ef:b5:c8:a6:9d:5e:70:16:5f:2f:40:29:b6:
4e:69:66:7e:e5:b9:64:38:f9:1e:f2:d6:2f:53:0e:
57:f3:55:c3:5f:e9:a3:33:09:fe:a4:1e:aa:4d:0e:
11:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:79:F8:F5:66:DB:E4:FA:EB:8D:4C:27:69:0A:A5:16:40:95:7B:5C
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/sHn49Wbb5PrrjUwnaQqlFkCVe1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:bc8:38::/48
Signature Algorithm: sha256WithRSAEncryption
b3:e9:09:f2:70:f2:a2:b3:3a:6e:ca:e7:41:cc:33:37:1f:0b:
68:54:22:a9:05:b5:cb:9b:0e:1b:0f:f7:77:db:e8:99:69:6c:
43:02:1c:2b:42:4c:31:b4:41:e7:01:6c:49:66:9e:52:3d:b3:
6c:ff:18:36:21:db:76:c4:57:17:c6:92:a8:eb:ec:45:9e:a3:
55:ab:d5:10:0f:74:c4:be:4c:84:53:10:c0:83:9d:d3:99:62:
12:7a:f5:ae:0e:f7:4f:a7:83:c3:7d:76:bd:18:bd:42:ca:38:
75:01:87:9f:5a:26:4f:f1:4b:25:ae:18:9d:28:b5:f4:79:f5:
89:37:1f:66:f6:d9:81:b3:1d:bc:62:b6:0e:93:04:36:4d:b2:
0a:85:32:9f:d3:51:c7:34:8f:69:03:b3:07:17:47:a6:d7:7c:
76:32:e7:9e:5d:f2:30:a4:01:fd:86:dc:28:fa:b9:ea:8c:15:
15:42:be:f4:b0:93:93:f4:a2:6a:54:38:52:ff:57:d5:34:c9:
25:b2:0a:34:84:d2:b2:26:e3:24:8a:be:fa:63:62:d4:2c:01:
98:12:d9:19:ee:78:64:9b:c8:04:9c:77:f3:4a:7d:0d:78:ab:
b8:c2:ed:20:1f:b6:4a:70:55:eb:92:64:bc:72:50:51:2a:84:
76:7e:ab:cb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIHn5h17ehIgjNzaU9iBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjUwMTAyMDM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDc5ZjhmNTY2ZGJlNGZhZWI4ZDRjMjc2OTBhYTUxNjQwOTU3YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHenlx5bYqV0OZIQBMrXky+qj1rW
oNf5g4rftggY9sWE37I3qoRaHucj2rDnmUaFpq7KRT0f1ZoB4OLGVf2UapsBXbl9
QAA4j/gwhm/aOURfMj3hTx1JjvBBIVEHdy59vWnhJBLuwYHCPRbO26NGsylVR/vA
E6GfdERBCdOexuoHV+3lCECXkmUu8BVj8+0NDgxP4kf72/V5BFGaCC+lzXWP8Eh4
0WzWWfX7AiUJoIlBkCRMLgj7FTHO2au+kE0ldAfIgy9fCnAzxoj/wGKMOwc0Xu+1
yKadXnAWXy9AKbZOaWZ+5blkOPke8tYvUw5X81XDX+mjMwn+pB6qTQ4RDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLB5+PVm2+T6641MJ2kKpRZAlXtcMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvc0huNDlXYmI1UHJyalV3bmFRcWxGa0NWZTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgILyAA4
MA0GCSqGSIb3DQEBCwUAA4IBAQCz6QnycPKiszpuyudBzDM3HwtoVCKpBbXLmw4b
D/d32+iZaWxDAhwrQkwxtEHnAWxJZp5SPbNs/xg2Idt2xFcXxpKo6+xFnqNVq9UQ
D3TEvkyEUxDAg53TmWISevWuDvdPp4PDfXa9GL1Cyjh1AYefWiZP8UslrhidKLX0
efWJNx9m9tmBsx28YrYOkwQ2TbIKhTKf01HHNI9pA7MHF0em13x2MueeXfIwpAH9
htwo+rnqjBUVQr70sJOT9KJqVDhS/1fVNMklsgo0hNKyJuMkir76Y2LULAGYEtkZ
7nhkm8gEnHfzSn0NeKu4wu0gH7ZKcFXrkmS8clBRKoR2fqvL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:37 2025 by rpki-client