Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/krkHvQTFRMAHxqzj2-GUJS4vv5k.roa
File: krkHvQTFRMAHxqzj2-GUJS4vv5k.roa (raw, json)
Hash identifier: C5MGMOeEqfjeIsk0wpl23sCeOVmlXe89F8dL33SV4Mg=
Subject key identifier: 92:B9:07:BD:04:C5:44:C0:07:C6:AC:E3:DB:E1:94:25:2E:2F:BF:99
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 018BD1F37EDB33A7AA0A306093BE229F1195
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/krkHvQTFRMAHxqzj2-GUJS4vv5k.roa
Signing time: Wed 15 Nov 2023 07:47:57 +0000
ROA not before: Wed 15 Nov 2023 07:47:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 2a0e:4203::/32 maxlen: 32
2a0e:4204::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:f3:7e:db:33:a7:aa:0a:30:60:93:be:22:9f:11:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Nov 15 07:47:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92b907bd04c544c007c6ace3dbe194252e2fbf99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:48:7b:b8:b3:1f:ae:95:b1:ac:8a:90:4a:a2:
74:b3:30:fd:ff:0e:a3:8f:7c:f9:41:6d:19:6f:6f:
e0:b1:64:c6:7b:67:1a:3f:5a:7c:00:cf:67:86:36:
c7:5b:4e:24:a9:50:6c:cf:e8:d3:3c:9c:d2:86:ba:
c8:88:73:54:d3:c3:5b:e3:9a:2d:71:df:e5:aa:d7:
f3:ea:7f:fc:42:de:a0:20:0b:0c:10:7e:e3:38:a6:
61:54:0f:d6:ed:f9:10:3b:5e:63:2d:88:21:ed:48:
f2:c9:31:1a:49:ae:5f:79:7b:56:c8:e7:d1:a4:ff:
8f:88:4e:cc:0e:88:d2:92:aa:3f:1c:4f:a8:0d:a2:
89:33:14:da:b8:91:f5:51:74:79:d5:2a:3b:a3:02:
d7:da:dc:ec:da:c9:50:08:22:d8:35:85:bf:d4:6e:
de:78:f0:ed:e6:7b:39:5d:ed:6f:06:da:a7:a8:e5:
5b:f9:97:b6:ea:63:1f:ea:a6:fd:da:e3:d2:be:8e:
d2:bd:a6:a6:fb:ea:b7:44:ab:11:cb:48:63:0e:23:
07:9e:bb:55:0e:84:a9:3d:39:20:47:83:f5:65:b4:
e7:85:7d:4f:f1:51:a8:a0:05:d1:64:7a:c3:44:d2:
f9:9d:0a:64:67:16:89:df:04:8f:9e:9a:05:23:47:
29:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B9:07:BD:04:C5:44:C0:07:C6:AC:E3:DB:E1:94:25:2E:2F:BF:99
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/krkHvQTFRMAHxqzj2-GUJS4vv5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4203::-2a0e:4204:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:e6:17:d3:8f:21:2f:78:96:d9:27:93:c1:55:38:84:91:6a:
2b:63:5c:c1:2a:d0:d8:2e:97:b8:5f:88:66:0a:69:b6:8d:11:
f6:58:cf:cc:4a:85:47:1c:5b:cd:8e:fa:dd:ee:4c:e8:91:49:
65:b3:f7:8c:ee:25:a7:94:cc:f7:e2:8d:d1:f2:81:4b:d5:11:
c1:e4:48:c1:b8:39:41:2d:dd:6c:f1:45:ca:30:3c:80:22:ed:
63:ae:a5:70:f2:7b:d4:1b:2a:72:8a:4c:e7:85:2f:03:ff:ea:
70:4b:b0:ce:ad:07:ff:de:14:88:31:76:e6:00:55:9c:32:ea:
c6:50:d1:06:51:41:a5:ed:10:17:11:bc:39:67:21:e4:ac:a5:
01:8c:bb:c1:31:92:0e:4c:b6:58:cb:72:59:6f:a0:1b:a8:dd:
28:00:0e:91:ca:6b:f1:d8:dd:9c:0a:43:6e:33:13:66:b4:a5:
07:53:61:89:fd:13:54:0b:7d:ec:e9:d5:51:72:91:6d:86:ef:
9c:24:3b:0c:2f:1b:10:40:f5:f5:23:ee:4e:cc:2a:7d:8f:66:
76:47:47:fe:17:ba:00:54:46:f6:8a:9f:12:75:9a:ba:8a:02:
02:45:87:10:a4:53:bc:4b:93:c5:22:6b:f3:50:78:be:bd:3e:
89:bc:96:41
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYvR837bM6eqCjBgk74inxGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjMxMTE1MDc0NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI5MDdiZDA0YzU0NGMwMDdjNmFjZTNkYmUxOTQyNTJlMmZiZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUh7uLMfrpWxrIqQSqJ0szD9/w6j
j3z5QW0Zb2/gsWTGe2caP1p8AM9nhjbHW04kqVBsz+jTPJzShrrIiHNU08Nb45ot
cd/lqtfz6n/8Qt6gIAsMEH7jOKZhVA/W7fkQO15jLYgh7UjyyTEaSa5feXtWyOfR
pP+PiE7MDojSkqo/HE+oDaKJMxTauJH1UXR51So7owLX2tzs2slQCCLYNYW/1G7e
ePDt5ns5Xe1vBtqnqOVb+Ze26mMf6qb92uPSvo7Svaam++q3RKsRy0hjDiMHnrtV
DoSpPTkgR4P1ZbTnhX1P8VGooAXRZHrDRNL5nQpkZxaJ3wSPnpoFI0cp8QIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJK5B70ExUTAB8as49vhlCUuL7+ZMB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEva3JrSHZRVEZSTUFIeHF6ajItR1VKUzR2djVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqDkID
AwUAKg5CBDANBgkqhkiG9w0BAQsFAAOCAQEAQOYX048hL3iW2SeTwVU4hJFqK2Nc
wSrQ2C6XuF+IZgppto0R9ljPzEqFRxxbzY763e5M6JFJZbP3jO4lp5TM9+KN0fKB
S9URweRIwbg5QS3dbPFFyjA8gCLtY66lcPJ71BsqcopM54UvA//qcEuwzq0H/94U
iDF25gBVnDLqxlDRBlFBpe0QFxG8OWch5KylAYy7wTGSDky2WMtyWW+gG6jdKAAO
kcpr8djdnApDbjMTZrSlB1Nhif0TVAt97OnVUXKRbYbvnCQ7DC8bEED19SPuTswq
fY9mdkdH/he6AFRG9oqfEnWauooCAkWHEKRTvEuTxSJr81B4vr0+ibyWQQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:46 2025 by rpki-client