Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/g4zIfG0TDqDyDnvJoxFjUpVYpL8.roa
File: g4zIfG0TDqDyDnvJoxFjUpVYpL8.roa (raw, json)
Hash identifier: G2OueW5nCAhVGg6zx0zYvsb+rbueiIuCJgJ6h2hu4bs=
Subject key identifier: 83:8C:C8:7C:6D:13:0E:A0:F2:0E:7B:C9:A3:11:63:52:95:58:A4:BF
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 0193539F51301F72C1CE6D7CD9ED39C2C8A1
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/g4zIfG0TDqDyDnvJoxFjUpVYpL8.roa
Signing time: Fri 22 Nov 2024 11:26:10 +0000
ROA not before: Fri 22 Nov 2024 11:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 2a0e:4203::/32 maxlen: 48
2a0e:4204::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:9f:51:30:1f:72:c1:ce:6d:7c:d9:ed:39:c2:c8:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Nov 22 11:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=838cc87c6d130ea0f20e7bc9a31163529558a4bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:eb:fe:b8:34:77:2f:1d:1f:e6:7c:33:ea:b8:
31:7e:70:1e:36:03:64:b7:86:d2:3f:38:9e:c2:75:
84:56:b8:d8:63:f2:43:c4:49:20:13:a4:82:12:80:
d7:7a:42:35:54:bf:2d:aa:d1:44:8a:01:35:29:3d:
c9:ff:5d:3f:31:88:70:16:34:4d:ad:94:b2:fc:62:
50:66:47:54:85:2e:35:90:5c:53:14:9a:3f:65:cf:
da:1c:bd:ff:d9:6d:7c:9f:c0:5b:e6:48:db:df:c0:
5f:e3:32:0a:ef:34:48:37:de:88:73:f6:34:5c:28:
80:6f:ac:84:cb:57:67:af:49:2b:13:83:40:5c:c3:
15:bd:e6:89:71:b5:42:8c:e0:fc:72:11:93:7d:33:
25:05:1c:f4:14:34:99:b3:4d:38:cf:f7:92:fb:1e:
69:1d:25:29:83:ab:9d:79:a1:36:af:8e:13:4b:3c:
3c:f9:a9:be:e8:38:c3:08:db:b5:56:1e:e5:b1:76:
e3:2f:7a:78:eb:2e:65:2e:84:48:49:0c:6c:cc:39:
f8:13:42:eb:84:e5:b2:0b:3c:f6:b1:73:55:0d:8e:
04:6a:b2:d3:ce:cc:0a:34:46:fd:a3:ef:5e:cd:80:
71:8e:25:51:e0:60:06:7e:2b:5f:57:32:d8:c7:cf:
6f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8C:C8:7C:6D:13:0E:A0:F2:0E:7B:C9:A3:11:63:52:95:58:A4:BF
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/g4zIfG0TDqDyDnvJoxFjUpVYpL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4203::-2a0e:4204:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:aa:71:07:4c:76:d3:51:4f:48:0e:a8:c4:cd:89:3b:b3:f8:
08:07:29:ac:d9:c1:94:4c:00:bf:62:1b:37:0a:c0:f4:87:b9:
66:2a:a0:70:a1:74:aa:12:8c:3c:06:5a:8b:24:92:aa:f7:72:
63:e1:c2:e3:9c:f0:e0:a1:90:c9:1e:b1:5e:47:f1:49:9b:50:
cb:1a:ea:ac:8c:72:e6:d0:b9:fe:2c:7d:67:09:00:a4:d6:82:
40:bd:c5:2a:45:57:15:64:e3:58:80:3e:69:5c:f5:2a:d4:b3:
00:71:1a:9b:1e:f1:03:64:f9:69:e3:53:fc:7a:82:71:fc:42:
7c:4c:3f:42:6f:d4:60:3f:aa:a2:a9:41:80:c6:54:13:5c:20:
5c:eb:06:3d:e0:d6:38:94:e8:7f:6d:6b:b4:1e:e3:17:2b:d8:
fe:d4:7b:94:68:a9:bf:5b:6f:6e:f6:87:0d:56:f1:3f:5d:13:
58:a9:b5:ac:77:b3:59:9c:e0:12:97:cb:ec:71:55:57:1f:79:
44:4e:16:23:bf:84:37:66:fb:3d:9c:50:f3:e7:98:dc:98:5e:
12:b0:80:f6:ab:d3:71:76:fe:eb:3e:f4:41:f8:40:64:9b:23:
76:3c:12:4f:c3:2f:24:41:47:5f:55:da:d6:f1:64:0e:ee:85:
08:1e:a4:b1
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZNTn1EwH3LBzm182e05wsihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjQxMTIyMTEyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhjYzg3YzZkMTMwZWEwZjIwZTdiYzlhMzExNjM1Mjk1NThhNGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuv+uDR3Lx0f5nwz6rgxfnAeNgNk
t4bSPziewnWEVrjYY/JDxEkgE6SCEoDXekI1VL8tqtFEigE1KT3J/10/MYhwFjRN
rZSy/GJQZkdUhS41kFxTFJo/Zc/aHL3/2W18n8Bb5kjb38Bf4zIK7zRIN96Ic/Y0
XCiAb6yEy1dnr0krE4NAXMMVveaJcbVCjOD8chGTfTMlBRz0FDSZs004z/eS+x5p
HSUpg6udeaE2r44TSzw8+am+6DjDCNu1Vh7lsXbjL3p46y5lLoRISQxszDn4E0Lr
hOWyCzz2sXNVDY4EarLTzswKNEb9o+9ezYBxjiVR4GAGfitfVzLYx89v2wIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFIOMyHxtEw6g8g57yaMRY1KVWKS/MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvZzR6SWZHMFREcUR5RG52Sm94RmpVcFZZcEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDkID
AwUAKg5CBDANBgkqhkiG9w0BAQsFAAOCAQEAOapxB0x201FPSA6oxM2JO7P4CAcp
rNnBlEwAv2IbNwrA9Ie5ZiqgcKF0qhKMPAZaiySSqvdyY+HC45zw4KGQyR6xXkfx
SZtQyxrqrIxy5tC5/ix9ZwkApNaCQL3FKkVXFWTjWIA+aVz1KtSzAHEamx7xA2T5
aeNT/HqCcfxCfEw/Qm/UYD+qoqlBgMZUE1wgXOsGPeDWOJTof21rtB7jFyvY/tR7
lGipv1tvbvaHDVbxP10TWKm1rHezWZzgEpfL7HFVVx95RE4WI7+EN2b7PZxQ8+eY
3JheErCA9qvTcXb+6z70QfhAZJsjdjwST8MvJEFHX1Xa1vFkDu6FCB6ksQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:57 2025 by rpki-client