Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/8f51d8-6269-4d7a-88e2-dd447cfe9257/1/tWAfps1LMQEuwY1zrlCceHf4lAU.roa
File: tWAfps1LMQEuwY1zrlCceHf4lAU.roa (raw, json)
Hash identifier: G3Br63AVjFjoikttUAtm29ZhG8HFBNm89wMYXLsZqtE=
Subject key identifier: B5:60:1F:A6:CD:4B:31:01:2E:C1:8D:73:AE:50:9C:78:77:F8:94:05
Certificate issuer: /CN=104e382c1f727e75d515df8d19b63a80a08fe232
Certificate serial: 01856D5D241EE1C3C0DFE360A7A744083FCD
Authority key identifier: 10:4E:38:2C:1F:72:7E:75:D5:15:DF:8D:19:B6:3A:80:A0:8F:E2:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EE44LB9yfnXVFd-NGbY6gKCP4jI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/8f51d8-6269-4d7a-88e2-dd447cfe9257/1/tWAfps1LMQEuwY1zrlCceHf4lAU.roa
Signing time: Sun 01 Jan 2023 12:44:58 +0000
ROA not before: Sun 01 Jan 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39591
IP address blocks: 2a10:7180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:24:1e:e1:c3:c0:df:e3:60:a7:a7:44:08:3f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=104e382c1f727e75d515df8d19b63a80a08fe232
Validity
Not Before: Jan 1 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5601fa6cd4b31012ec18d73ae509c7877f89405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:fb:30:9b:de:bb:06:77:1b:85:56:b3:a9:ef:
88:3f:16:b0:9f:e7:d3:9f:70:15:a2:a1:27:3d:e3:
be:30:04:2e:33:5f:ee:e4:d0:ec:65:c2:2c:76:37:
c8:c9:6c:fc:17:66:c9:b7:1e:f9:b1:a9:8f:be:b3:
eb:ec:d2:95:00:7f:e6:40:4d:c8:98:30:35:05:e8:
c4:16:47:4b:f5:3c:62:10:13:32:af:50:13:8a:a6:
53:f7:b1:2b:e3:c7:cf:68:8d:a4:2f:db:e9:65:f8:
5c:23:1b:b5:cf:55:14:db:e3:2d:3c:f8:e3:ce:a5:
5d:c5:0a:04:12:ad:a3:7a:a4:40:dd:a2:30:f4:13:
ae:ae:02:7f:e5:9c:a1:72:37:7e:db:ac:29:d3:34:
4d:bd:23:c4:3e:76:9d:9c:61:92:70:04:5b:19:a5:
df:49:28:a6:21:12:e6:49:de:a5:fe:3e:e8:11:8b:
b6:4f:78:c5:87:e0:6c:cd:fa:29:57:f2:eb:b0:61:
50:81:a0:8e:59:56:45:ff:ca:d7:bc:b0:4e:b8:b7:
3f:9f:71:ac:71:cd:cc:de:31:20:54:e2:ee:21:ea:
0b:c7:b0:73:d4:e0:32:da:c6:d0:6d:03:a0:e3:9a:
32:c5:a8:61:57:78:13:d4:bb:0b:fc:25:ae:8d:58:
31:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:60:1F:A6:CD:4B:31:01:2E:C1:8D:73:AE:50:9C:78:77:F8:94:05
X509v3 Authority Key Identifier:
keyid:10:4E:38:2C:1F:72:7E:75:D5:15:DF:8D:19:B6:3A:80:A0:8F:E2:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EE44LB9yfnXVFd-NGbY6gKCP4jI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/8f51d8-6269-4d7a-88e2-dd447cfe9257/1/tWAfps1LMQEuwY1zrlCceHf4lAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/8f51d8-6269-4d7a-88e2-dd447cfe9257/1/EE44LB9yfnXVFd-NGbY6gKCP4jI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:7180::/29
Signature Algorithm: sha256WithRSAEncryption
6d:1c:fa:98:01:e4:c6:dd:4d:4f:63:9f:3b:2e:12:0d:26:47:
06:72:bc:13:5c:f9:10:1f:83:9e:7e:67:f3:98:ad:dc:b5:ef:
84:09:48:40:81:64:78:7a:2e:77:bc:d9:49:e1:79:78:62:6b:
83:3d:43:b0:b1:17:d4:0a:44:c1:ba:b8:c0:26:87:b2:7b:40:
fe:cc:e5:5a:c4:77:6d:a1:bd:4b:b6:11:3a:f1:07:90:09:8c:
28:ba:4e:e9:bb:00:cb:aa:d0:e9:bc:c9:06:1d:91:be:8d:21:
96:2d:3c:9f:fd:35:5e:0f:dd:24:61:7a:ee:cd:b2:a7:21:d2:
26:ef:fe:99:c4:9f:38:a3:71:e8:e6:15:1d:ed:ce:c1:b9:bc:
78:11:18:6d:e5:63:05:06:cb:34:66:8f:cd:0b:12:a6:15:0e:
d3:7f:ea:74:83:a0:99:50:50:34:b4:9f:d1:e4:61:25:c9:59:
96:78:d1:f3:42:c9:75:d0:64:95:35:81:34:41:fa:bd:44:9f:
ad:16:79:5a:be:66:74:f4:43:e6:5b:4d:08:5b:97:18:db:47:
b5:ef:bb:13:b8:02:d5:aa:20:5f:45:ae:0d:9d:60:ed:1f:06:
06:b0:39:a3:aa:20:14:75:ba:1b:af:ab:f4:89:c0:ac:2a:b6:
56:93:e4:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtXSQe4cPA3+Ngp6dECD/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNGUzODJjMWY3MjdlNzVkNTE1ZGY4ZDE5YjYzYTgwYTA4
ZmUyMzIwHhcNMjMwMTAxMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTYwMWZhNmNkNGIzMTAxMmVjMThkNzNhZTUwOWM3ODc3Zjg5NDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPswm967BncbhVazqe+IPxawn+fT
n3AVoqEnPeO+MAQuM1/u5NDsZcIsdjfIyWz8F2bJtx75samPvrPr7NKVAH/mQE3I
mDA1BejEFkdL9TxiEBMyr1ATiqZT97Er48fPaI2kL9vpZfhcIxu1z1UU2+MtPPjj
zqVdxQoEEq2jeqRA3aIw9BOurgJ/5Zyhcjd+26wp0zRNvSPEPnadnGGScARbGaXf
SSimIRLmSd6l/j7oEYu2T3jFh+BszfopV/LrsGFQgaCOWVZF/8rXvLBOuLc/n3Gs
cc3M3jEgVOLuIeoLx7Bz1OAy2sbQbQOg45oyxahhV3gT1LsL/CWujVgx3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLVgH6bNSzEBLsGNc65QnHh3+JQFMB8GA1UdIwQY
MBaAFBBOOCwfcn511RXfjRm2OoCgj+IyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUU0NExCOXlmblhWRmQtTkdiWTZnS0NQNGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy84ZjUxZDgtNjI2OS00ZDdhLTg4ZTIt
ZGQ0NDdjZmU5MjU3LzEvdFdBZnBzMUxNUUV1d1kxenJsQ2NlSGY0bEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy84ZjUxZDgtNjI2OS00ZDdhLTg4ZTItZGQ0NDdjZmU5MjU3
LzEvRUU0NExCOXlmblhWRmQtTkdiWTZnS0NQNGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhBxgDAN
BgkqhkiG9w0BAQsFAAOCAQEAbRz6mAHkxt1NT2OfOy4SDSZHBnK8E1z5EB+Dnn5n
85it3LXvhAlIQIFkeHoud7zZSeF5eGJrgz1DsLEX1ApEwbq4wCaHsntA/szlWsR3
baG9S7YROvEHkAmMKLpO6bsAy6rQ6bzJBh2Rvo0hli08n/01Xg/dJGF67s2ypyHS
Ju/+mcSfOKNx6OYVHe3Owbm8eBEYbeVjBQbLNGaPzQsSphUO03/qdIOgmVBQNLSf
0eRhJclZlnjR80LJddBklTWBNEH6vUSfrRZ5Wr5mdPRD5ltNCFuXGNtHte+7E7gC
1aogX0WuDZ1g7R8GBrA5o6ogFHW6G6+r9InArCq2VpPkiQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:38 2025 by rpki-client