Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/ilQvYPyHAE8Ew-CuKPDgDoTFOqg.roa
File: ilQvYPyHAE8Ew-CuKPDgDoTFOqg.roa (raw, json)
Hash identifier: 8y3uHVvQ4mYdr14Y4H2lwHF8ku0GnCEvFRH1wKV9gGI=
Subject key identifier: 8A:54:2F:60:FC:87:00:4F:04:C3:E0:AE:28:F0:E0:0E:84:C5:3A:A8
Certificate issuer: /CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Certificate serial: 0193D54D7878ACF0D89831C4239052453C7D
Authority key identifier: BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/ilQvYPyHAE8Ew-CuKPDgDoTFOqg.roa
Signing time: Tue 17 Dec 2024 15:47:24 +0000
ROA not before: Tue 17 Dec 2024 15:47:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215828
IP address blocks: 2a13:ccc5::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:4d:78:78:ac:f0:d8:98:31:c4:23:90:52:45:3c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa748ba14a76e5d8a6edacb5426082a56f5e3d
Validity
Not Before: Dec 17 15:47:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a542f60fc87004f04c3e0ae28f0e00e84c53aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1e:47:9f:3a:e9:08:d8:fa:ee:d7:04:9f:33:
b1:ad:76:74:9a:e7:d8:c4:f5:74:77:86:a6:74:a8:
bd:15:51:ee:4b:ba:f9:be:d1:e3:bc:8d:7d:1e:27:
1e:f2:0a:64:03:f9:97:ae:24:36:25:52:3c:b6:e7:
64:7c:f1:ff:96:00:d1:54:59:0c:74:32:a2:ae:06:
18:85:58:7b:89:ba:12:8d:d4:0a:6b:c6:15:ab:9b:
6d:91:ad:1f:8f:e0:62:e6:ef:4b:a8:6c:01:da:d2:
a8:ed:05:e0:15:9b:d5:5e:d1:98:15:89:fe:13:8e:
a7:7a:05:a1:b8:ff:0c:fc:1d:c1:d4:78:d1:20:7f:
6b:e3:6b:b9:a9:09:50:40:39:01:52:b7:e6:82:2e:
6a:81:5c:5a:e2:a1:43:0e:32:30:86:70:55:bb:38:
3e:9d:a5:ec:de:0d:85:c4:19:8d:d9:dd:cb:1a:89:
42:7c:74:ca:f1:72:ef:6e:6f:34:64:b4:2e:6f:eb:
ac:7d:65:41:f3:bd:15:1a:4e:45:b1:12:b4:a6:39:
a3:d4:40:17:8a:7f:4e:29:79:e2:f5:bc:9d:a3:ba:
be:9f:18:a9:55:3e:02:b5:72:13:1e:c0:35:09:bd:
eb:ee:3e:59:09:69:a7:8a:f3:24:58:7d:d5:67:72:
c5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:54:2F:60:FC:87:00:4F:04:C3:E0:AE:28:F0:E0:0E:84:C5:3A:A8
X509v3 Authority Key Identifier:
keyid:BA:AA:74:8B:A1:4A:76:E5:D8:A6:ED:AC:B5:42:60:82:A5:6F:5E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqp0i6FKduXYpu2stUJggqVvXj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/ilQvYPyHAE8Ew-CuKPDgDoTFOqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a8e45b-17c6-436d-81a8-c5195162e3be/1/uqp0i6FKduXYpu2stUJggqVvXj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ccc5::/32
Signature Algorithm: sha256WithRSAEncryption
8d:fc:01:d0:db:4a:38:1d:80:c4:c3:2b:0c:d7:9f:b2:af:4c:
b3:93:c6:8a:37:3a:4d:db:b7:db:ed:c1:8b:a1:80:8c:be:12:
48:04:95:ae:f8:0a:37:c5:28:19:42:d9:ae:b4:3e:bf:18:0d:
4f:01:2d:e7:f0:b2:4f:2c:98:d0:f0:62:34:24:2c:e9:a5:6e:
4a:3a:db:f7:03:42:b0:97:7f:ed:56:ba:ec:b9:50:7c:f9:87:
04:a6:27:e8:c0:6a:3b:b6:06:54:e7:83:8a:05:2f:21:2e:8b:
53:af:41:1b:2c:f9:95:44:42:19:41:08:f5:0f:11:d8:80:50:
b8:4b:e3:7f:3c:ad:25:c0:e3:b7:a5:64:a2:39:5b:e7:c5:60:
c8:b9:93:4f:67:f5:9d:5b:6c:bf:e7:b9:fe:bd:b8:ad:61:19:
09:2e:5f:9a:3a:6a:bf:48:b6:7e:9d:fe:09:80:da:5c:96:f0:
fc:24:6e:dc:5c:a0:9f:57:5e:ac:2d:a5:25:75:cb:6a:8c:74:
c4:e0:f3:bd:66:c8:36:78:ff:6a:de:73:33:59:73:73:0b:57:
fb:0c:63:ff:c3:55:9a:09:62:94:4e:fc:6c:b1:12:c9:7f:91:
31:a1:c8:49:9c:06:ca:2f:5e:62:ef:d1:aa:c9:b1:dc:62:43:
e9:8c:dd:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPVTXh4rPDYmDHEI5BSRTx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE3NDhiYTE0YTc2ZTVkOGE2ZWRhY2I1NDI2MDgyYTU2
ZjVlM2QwHhcNMjQxMjE3MTU0NzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTU0MmY2MGZjODcwMDRmMDRjM2UwYWUyOGYwZTAwZTg0YzUzYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh5HnzrpCNj67tcEnzOxrXZ0mufY
xPV0d4amdKi9FVHuS7r5vtHjvI19Hice8gpkA/mXriQ2JVI8tudkfPH/lgDRVFkM
dDKirgYYhVh7iboSjdQKa8YVq5ttka0fj+Bi5u9LqGwB2tKo7QXgFZvVXtGYFYn+
E46negWhuP8M/B3B1HjRIH9r42u5qQlQQDkBUrfmgi5qgVxa4qFDDjIwhnBVuzg+
naXs3g2FxBmN2d3LGolCfHTK8XLvbm80ZLQub+usfWVB870VGk5FsRK0pjmj1EAX
in9OKXni9bydo7q+nxipVT4CtXITHsA1Cb3r7j5ZCWmnivMkWH3VZ3LFrQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIpUL2D8hwBPBMPgrijw4A6ExTqoMB8GA1UdIwQY
MBaAFLqqdIuhSnbl2KbtrLVCYIKlb149MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgt
YzUxOTUxNjJlM2JlLzEvaWxRdllQeUhBRThFdy1DdUtQRGdEb1RGT3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hOGU0NWItMTdjNi00MzZkLTgxYTgtYzUxOTUxNjJlM2Jl
LzEvdXFwMGk2RktkdVhZcHUyc3RVSmdncVZ2WGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPMxTAN
BgkqhkiG9w0BAQsFAAOCAQEAjfwB0NtKOB2AxMMrDNefsq9Ms5PGijc6Tdu32+3B
i6GAjL4SSASVrvgKN8UoGULZrrQ+vxgNTwEt5/CyTyyY0PBiNCQs6aVuSjrb9wNC
sJd/7Va67LlQfPmHBKYn6MBqO7YGVOeDigUvIS6LU69BGyz5lURCGUEI9Q8R2IBQ
uEvjfzytJcDjt6Vkojlb58VgyLmTT2f1nVtsv+e5/r24rWEZCS5fmjpqv0i2fp3+
CYDaXJbw/CRu3Fygn1derC2lJXXLaox0xODzvWbINnj/at5zM1lzcwtX+wxj/8NV
mglilE78bLESyX+RMaHISZwGyi9eYu/Rqsmx3GJD6YzdiQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:24:09 2025 by rpki-client