Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/Kq9oy1uLDEVjPK7uo7CtOBtF3Fs.roa
File: Kq9oy1uLDEVjPK7uo7CtOBtF3Fs.roa (raw, json)
Hash identifier: +hOcbW8T2Du+uljugS3IXJD+qzn/X9C29PD+zWkfcl4=
Subject key identifier: 2A:AF:68:CB:5B:8B:0C:45:63:3C:AE:EE:A3:B0:AD:38:1B:45:DC:5B
Certificate issuer: /CN=e1856c3082ab2fc8dd1b359a7b3991368538b4d0
Certificate serial: 01942067DFDCE9695EF98D23E07F06D2416B
Authority key identifier: E1:85:6C:30:82:AB:2F:C8:DD:1B:35:9A:7B:39:91:36:85:38:B4:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4YVsMIKrL8jdGzWaezmRNoU4tNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/Kq9oy1uLDEVjPK7uo7CtOBtF3Fs.roa
Signing time: Wed 01 Jan 2025 05:47:45 +0000
ROA not before: Wed 01 Jan 2025 05:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214895
IP address blocks: 2a13:2a40::/29 maxlen: 29
2a13:3d40::/29 maxlen: 29
2a13:3dc0::/29 maxlen: 29
2a14:5900::/29 maxlen: 29
2a14:5b00::/29 maxlen: 29
2a14:5d00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:df:dc:e9:69:5e:f9:8d:23:e0:7f:06:d2:41:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1856c3082ab2fc8dd1b359a7b3991368538b4d0
Validity
Not Before: Jan 1 05:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aaf68cb5b8b0c45633caeeea3b0ad381b45dc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:97:a3:7f:cf:10:39:66:e2:4d:e9:62:4d:
ce:87:72:42:23:ad:e9:a4:25:a9:ab:10:fa:72:b2:
19:a8:f0:bb:75:64:7b:71:df:10:66:4a:61:5d:2e:
5c:26:b3:cd:78:1b:3f:cb:25:91:4c:2a:ca:39:10:
6b:b8:9b:51:9d:da:9c:07:bc:e6:b5:95:e0:90:1a:
7f:fa:43:12:8f:69:13:91:c3:7f:ac:bc:25:a9:b2:
e9:eb:8a:e8:d1:7b:60:d9:92:75:04:ca:5f:09:4a:
87:e5:b0:68:a2:1e:10:3c:e1:a8:99:22:49:c3:28:
68:fa:b0:22:c1:cf:95:20:67:98:94:a9:ce:71:38:
3c:3a:44:59:81:8f:06:08:a6:43:9e:f8:d2:9c:95:
a6:1f:39:8a:cb:ac:f1:7b:27:b5:c6:81:9e:3a:e2:
80:5b:1a:b0:5c:24:71:d6:f4:f8:a5:12:67:6c:52:
da:7e:fc:ba:7f:61:8e:0b:dd:92:8e:e5:ef:14:2c:
39:c7:66:f1:b5:b6:e8:13:90:f3:71:ad:72:0a:b7:
37:0c:59:35:71:ee:87:c2:d6:ca:70:57:bf:5a:e9:
0c:e7:46:a7:da:f8:39:64:a9:17:5a:ec:d1:77:39:
67:13:51:42:c8:62:fc:1b:03:cc:67:0a:35:58:73:
3e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AF:68:CB:5B:8B:0C:45:63:3C:AE:EE:A3:B0:AD:38:1B:45:DC:5B
X509v3 Authority Key Identifier:
keyid:E1:85:6C:30:82:AB:2F:C8:DD:1B:35:9A:7B:39:91:36:85:38:B4:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4YVsMIKrL8jdGzWaezmRNoU4tNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/Kq9oy1uLDEVjPK7uo7CtOBtF3Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/4YVsMIKrL8jdGzWaezmRNoU4tNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2a40::/29
2a13:3d40::/29
2a13:3dc0::/29
2a14:5900::/29
2a14:5b00::/29
2a14:5d00::/29
Signature Algorithm: sha256WithRSAEncryption
a8:bd:20:2e:d9:3d:d1:79:49:fa:b3:57:88:09:8d:e2:41:a7:
38:f4:00:6f:c6:dc:d6:b5:4f:dd:e0:1b:8c:52:73:c1:9e:13:
ee:95:e8:79:01:e1:fb:c6:41:28:51:d9:ae:fd:be:a1:ba:fb:
aa:10:a1:15:13:89:cd:9b:a3:3a:7a:ee:69:10:d4:e4:00:44:
af:0e:fc:06:2e:14:03:88:ce:d5:24:70:91:8e:b4:83:28:2e:
45:e7:f7:be:23:d6:85:10:df:25:82:5d:ed:dd:37:54:30:ac:
64:6c:c0:6d:d3:cc:0f:03:a2:7d:11:b1:c7:39:86:94:93:d3:
ea:d3:ee:3e:58:e0:af:94:3b:47:09:5c:75:5e:72:20:b9:28:
05:40:63:5b:46:09:ba:a6:87:06:44:09:fb:bd:0d:b2:16:dd:
98:80:5d:35:89:f3:9c:c9:19:24:a6:7f:62:06:7c:1c:5c:f6:
dd:16:c1:1a:65:0e:b8:a7:4c:80:77:e5:32:f9:b4:4c:60:a9:
2a:6f:54:6c:35:96:6c:02:bf:e4:31:27:97:e4:a8:d7:3b:da:
01:71:b0:50:98:47:36:c6:2d:41:93:d7:50:e8:b4:15:5e:b7:
1c:4f:aa:a4:a1:c9:af:de:90:82:57:75:77:e6:14:2e:e4:a5:
24:04:d1:91
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQgZ9/c6Wle+Y0j4H8G0kFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxODU2YzMwODJhYjJmYzhkZDFiMzU5YTdiMzk5MTM2ODUz
OGI0ZDAwHhcNMjUwMTAxMDU0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFmNjhjYjViOGIwYzQ1NjMzY2FlZWVhM2IwYWQzODFiNDVkYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnqXo3/PEDlm4k3pYk3Oh3JCI63p
pCWpqxD6crIZqPC7dWR7cd8QZkphXS5cJrPNeBs/yyWRTCrKORBruJtRndqcB7zm
tZXgkBp/+kMSj2kTkcN/rLwlqbLp64ro0Xtg2ZJ1BMpfCUqH5bBooh4QPOGomSJJ
wyho+rAiwc+VIGeYlKnOcTg8OkRZgY8GCKZDnvjSnJWmHzmKy6zxeye1xoGeOuKA
WxqwXCRx1vT4pRJnbFLafvy6f2GOC92SjuXvFCw5x2bxtbboE5Dzca1yCrc3DFk1
ce6HwtbKcFe/WukM50an2vg5ZKkXWuzRdzlnE1FCyGL8GwPMZwo1WHM+aQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCqvaMtbiwxFYzyu7qOwrTgbRdxbMB8GA1UdIwQY
MBaAFOGFbDCCqy/I3Rs1mns5kTaFOLTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFlWc01JS3JMOGpkR3pXYWV6bVJOb1U0dE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NjRiZDAtN2I1Mi00NGRkLWI1NmIt
OGVhYTZiZjQwMzU3LzEvS3E5b3kxdUxERVZqUEs3dW83Q3RPQnRGM0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NjRiZDAtN2I1Mi00NGRkLWI1NmItOGVhYTZiZjQwMzU3
LzEvNFlWc01JS3JMOGpkR3pXYWV6bVJOb1U0dE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhMqQAMF
AyoTPUADBQMqEz3AAwUDKhRZAAMFAyoUWwADBQMqFF0AMA0GCSqGSIb3DQEBCwUA
A4IBAQCovSAu2T3ReUn6s1eICY3iQac49ABvxtzWtU/d4BuMUnPBnhPuleh5AeH7
xkEoUdmu/b6huvuqEKEVE4nNm6M6eu5pENTkAESvDvwGLhQDiM7VJHCRjrSDKC5F
5/e+I9aFEN8lgl3t3TdUMKxkbMBt08wPA6J9EbHHOYaUk9Pq0+4+WOCvlDtHCVx1
XnIguSgFQGNbRgm6pocGRAn7vQ2yFt2YgF01ifOcyRkkpn9iBnwcXPbdFsEaZQ64
p0yAd+Uy+bRMYKkqb1RsNZZsAr/kMSeX5KjXO9oBcbBQmEc2xi1Bk9dQ6LQVXrcc
T6qkocmv3pCCV3V35hQu5KUkBNGR
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:01:12 2025 by rpki-client