Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/GsnOL5iHHrW6oQXApcRlDxJejY0.roa
File: GsnOL5iHHrW6oQXApcRlDxJejY0.roa (raw, json)
Hash identifier: ouWbGoaZHSfSjzbvHbi5NQp6GPK98y84LC+ZBJMKIe4=
Subject key identifier: 1A:C9:CE:2F:98:87:1E:B5:BA:A1:05:C0:A5:C4:65:0F:12:5E:8D:8D
Certificate issuer: /CN=5ec1769d3ff042124698e31c472b63bbf1bbb5ad
Certificate serial: 019427B5A63CABEE922D8129FE21C0496221
Authority key identifier: 5E:C1:76:9D:3F:F0:42:12:46:98:E3:1C:47:2B:63:BB:F1:BB:B5:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XsF2nT_wQhJGmOMcRytju_G7ta0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/GsnOL5iHHrW6oQXApcRlDxJejY0.roa
Signing time: Thu 02 Jan 2025 15:50:03 +0000
ROA not before: Thu 02 Jan 2025 15:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 2a14:1040::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:a6:3c:ab:ee:92:2d:81:29:fe:21:c0:49:62:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ec1769d3ff042124698e31c472b63bbf1bbb5ad
Validity
Not Before: Jan 2 15:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ac9ce2f98871eb5baa105c0a5c4650f125e8d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2f:81:99:d2:79:49:fc:b1:7f:7e:56:0b:a1:
17:b1:3f:d0:4b:f1:ad:a3:63:1d:61:2a:37:06:42:
e4:cb:c7:6b:3c:bf:e3:d2:9c:9a:d7:fb:00:20:d0:
9f:ab:10:81:9b:ba:ff:71:bc:17:c3:4b:69:29:4e:
a4:24:8c:45:a2:95:02:6a:e9:af:07:6c:0a:43:57:
42:e6:e0:c0:d8:5a:2b:cd:8b:27:23:a9:f5:bf:20:
20:7d:d3:df:cc:2c:8b:77:79:9c:06:a9:35:1e:4c:
db:56:82:12:cf:77:e3:3a:93:36:04:d1:d0:a6:83:
53:c1:f7:89:57:4e:ff:a5:c3:87:d0:50:9a:34:c4:
06:70:fa:e9:14:f2:c5:95:b8:57:47:06:8b:a4:1e:
fd:f5:0f:57:ae:30:a1:1b:ac:aa:aa:6c:2f:4e:4c:
59:ee:48:b4:97:5a:67:72:bf:1f:4c:c9:ce:ae:24:
8d:2b:3e:5d:c2:9f:69:47:c9:1e:c5:ec:fe:44:b6:
d4:cb:87:1c:8c:90:af:ec:e7:44:74:40:3b:7c:1f:
1a:24:be:d5:f6:59:36:7c:65:2e:e6:c3:55:9f:25:
7f:ae:cb:37:bf:78:d8:1e:26:f1:87:97:2a:de:9c:
cd:28:25:c2:d3:64:14:bd:96:70:64:02:19:3a:a4:
fe:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C9:CE:2F:98:87:1E:B5:BA:A1:05:C0:A5:C4:65:0F:12:5E:8D:8D
X509v3 Authority Key Identifier:
keyid:5E:C1:76:9D:3F:F0:42:12:46:98:E3:1C:47:2B:63:BB:F1:BB:B5:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XsF2nT_wQhJGmOMcRytju_G7ta0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/GsnOL5iHHrW6oQXApcRlDxJejY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/29fb04-e07b-4e30-b8f5-54204ddd2ca6/1/XsF2nT_wQhJGmOMcRytju_G7ta0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1040::/29
Signature Algorithm: sha256WithRSAEncryption
0d:ba:f9:6a:af:8a:3e:3b:cb:3d:c6:8c:e0:9b:6d:e6:b3:d1:
a2:92:9b:6f:1b:b3:58:39:d7:dc:2f:c8:76:de:84:a7:e2:78:
e9:e2:8c:2e:33:4c:55:66:9b:3e:01:18:76:63:b2:a5:dc:9e:
f5:d9:b0:df:d3:e6:0b:bd:e8:16:47:1c:1b:9b:8d:ce:7d:79:
97:e7:40:79:63:9d:ef:02:3d:a1:85:7a:24:c8:5e:2e:ec:88:
d1:15:7d:fe:72:15:1d:31:04:20:55:a0:59:b7:c9:23:78:40:
35:31:d5:ed:3f:38:69:04:8c:18:6b:01:56:79:09:c7:c5:e8:
f1:d9:85:ec:38:a9:45:ca:6f:4a:6e:25:fa:4e:02:59:86:9a:
33:48:ed:b2:d8:02:5e:ad:93:82:a3:3d:ef:5c:b7:b0:14:7a:
18:e4:08:ac:0d:34:82:d6:a3:06:78:47:47:d3:c2:41:a1:78:
a2:bc:c8:c5:13:3b:dc:a1:dd:73:54:02:6b:91:88:b3:f5:99:
aa:f1:df:3d:22:7f:ec:6d:b3:3e:fa:fa:3c:d4:4f:8e:9e:ad:
b6:13:93:bd:bc:e1:4b:65:14:c0:56:16:61:29:f7:28:f8:1a:
7a:6d:aa:ae:ec:74:79:da:af:db:f2:c3:eb:96:90:8a:47:6e:
7c:2c:b5:d8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntaY8q+6SLYEp/iHASWIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYzE3NjlkM2ZmMDQyMTI0Njk4ZTMxYzQ3MmI2M2JiZjFi
YmI1YWQwHhcNMjUwMTAyMTU1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM5Y2UyZjk4ODcxZWI1YmFhMTA1YzBhNWM0NjUwZjEyNWU4ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy+BmdJ5Sfyxf35WC6EXsT/QS/Gt
o2MdYSo3BkLky8drPL/j0pya1/sAINCfqxCBm7r/cbwXw0tpKU6kJIxFopUCaumv
B2wKQ1dC5uDA2ForzYsnI6n1vyAgfdPfzCyLd3mcBqk1HkzbVoISz3fjOpM2BNHQ
poNTwfeJV07/pcOH0FCaNMQGcPrpFPLFlbhXRwaLpB799Q9XrjChG6yqqmwvTkxZ
7ki0l1pncr8fTMnOriSNKz5dwp9pR8kexez+RLbUy4ccjJCv7OdEdEA7fB8aJL7V
9lk2fGUu5sNVnyV/rss3v3jYHibxh5cq3pzNKCXC02QUvZZwZAIZOqT+XwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBrJzi+Yhx61uqEFwKXEZQ8SXo2NMB8GA1UdIwQY
MBaAFF7Bdp0/8EISRpjjHEcrY7vxu7WtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHNGMm5UX3dRaEpHbU9NY1J5dGp1X0c3dGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yOWZiMDQtZTA3Yi00ZTMwLWI4ZjUt
NTQyMDRkZGQyY2E2LzEvR3NuT0w1aUhIclc2b1FYQXBjUmxEeEplalkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yOWZiMDQtZTA3Yi00ZTMwLWI4ZjUtNTQyMDRkZGQyY2E2
LzEvWHNGMm5UX3dRaEpHbU9NY1J5dGp1X0c3dGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQQQDAN
BgkqhkiG9w0BAQsFAAOCAQEADbr5aq+KPjvLPcaM4Jtt5rPRopKbbxuzWDnX3C/I
dt6Ep+J46eKMLjNMVWabPgEYdmOypdye9dmw39PmC73oFkccG5uNzn15l+dAeWOd
7wI9oYV6JMheLuyI0RV9/nIVHTEEIFWgWbfJI3hANTHV7T84aQSMGGsBVnkJx8Xo
8dmF7DipRcpvSm4l+k4CWYaaM0jtstgCXq2TgqM971y3sBR6GOQIrA00gtajBnhH
R9PCQaF4orzIxRM73KHdc1QCa5GIs/WZqvHfPSJ/7G2zPvr6PNRPjp6tthOTvbzh
S2UUwFYWYSn3KPgaem2qrux0edqv2/LD65aQikdufCy12A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:04:48 2025 by rpki-client