Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/AYNfqVlSCZxSkottsPIfKriDdHo.roa
File: AYNfqVlSCZxSkottsPIfKriDdHo.roa (raw, json)
Hash identifier: DR+WljYSnHEBz/1Nc0C8V29PSzaZP+WZg97TUOW5Zds=
Subject key identifier: 01:83:5F:A9:59:52:09:9C:52:92:8B:6D:B0:F2:1F:2A:B8:83:74:7A
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 01942444CE2F24DED6CAFB8E9EFB651D2374
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/AYNfqVlSCZxSkottsPIfKriDdHo.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204318
IP address blocks: 2a13:4c00::/34 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ce:2f:24:de:d6:ca:fb:8e:9e:fb:65:1d:23:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01835fa95952099c52928b6db0f21f2ab883747a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:b5:0b:b7:55:0f:cd:4c:d7:fe:05:91:bb:
5d:d3:5e:c1:c1:66:3c:9a:0d:38:72:8a:fa:00:f3:
96:3e:39:5b:92:16:c1:f0:95:98:b1:e3:31:d7:47:
7e:b5:47:7a:9a:d4:a2:4d:67:64:12:ca:58:21:6a:
52:25:d3:76:73:b5:73:72:20:9f:a9:77:3c:c7:01:
09:46:6a:00:e0:7b:d9:a7:87:50:ad:49:4e:27:19:
15:8d:2a:cc:22:d7:0a:ed:21:02:0c:80:20:b9:86:
fb:f2:4b:0a:5d:c7:36:d5:04:11:b8:3f:d2:e7:22:
2d:92:60:d1:14:47:61:79:35:d7:85:a0:ca:f3:6b:
3b:4f:e7:bf:dc:96:b2:49:3e:61:cf:11:a6:54:52:
77:3a:ce:56:56:98:30:ae:ad:64:99:93:4a:c8:b3:
9e:4b:88:d9:a0:06:f8:bf:b7:19:84:c4:c2:e4:47:
b6:d8:d8:a0:6b:95:f6:3e:35:77:12:b3:5c:a5:2b:
88:08:09:a0:9f:64:7e:5e:de:30:f1:85:72:e9:ad:
f2:19:42:c4:ef:d7:05:7b:8b:d4:cd:24:c8:2c:08:
4b:8e:28:48:64:38:9a:6b:5a:dd:38:56:fe:70:b7:
e1:fa:93:96:d3:d3:17:39:6d:51:b4:f2:c9:83:d5:
10:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:83:5F:A9:59:52:09:9C:52:92:8B:6D:B0:F2:1F:2A:B8:83:74:7A
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/AYNfqVlSCZxSkottsPIfKriDdHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:4c00::/34
Signature Algorithm: sha256WithRSAEncryption
9c:81:e5:9f:b2:ac:1a:dc:53:02:1a:7b:9c:7b:80:fa:1c:47:
a6:92:6a:76:1a:b4:4e:9c:e6:60:f2:90:2b:18:f5:69:44:92:
cd:6f:15:ae:36:03:91:8b:6a:f4:50:69:26:4c:dc:03:06:7b:
0e:96:9a:84:f0:b5:1b:ef:b9:10:21:6d:0b:de:fd:0d:de:be:
ab:7c:c4:a0:35:46:26:86:f2:64:00:6f:ee:db:7a:6d:7d:11:
32:bc:8f:57:39:2f:fc:43:24:d8:df:48:0b:01:f6:cd:c3:1d:
af:9e:f8:9b:bb:0c:b1:ff:d6:89:b5:22:d4:99:ae:13:e9:aa:
c1:e5:33:fc:e1:7d:24:08:27:e4:70:50:81:51:a2:53:aa:2e:
0c:39:78:bb:fb:b7:76:c2:d3:16:4c:e6:3c:29:4a:73:65:50:
5a:13:db:b5:a0:89:1c:79:f9:94:22:29:cf:98:9a:77:eb:af:
b8:45:1d:fa:e1:ab:00:69:b0:0d:2c:54:5e:15:4d:a3:16:fa:
58:1c:cc:ba:3d:74:ef:ee:48:ca:a1:8f:fb:5b:39:5a:80:03:
4f:92:0e:8c:7e:25:0e:54:8c:47:0b:3c:c9:16:03:69:67:f8:
33:bb:a7:60:6c:d7:7b:7f:f8:5c:be:7f:22:f9:0e:2d:c8:e8:
dc:06:0a:b2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQkRM4vJN7WyvuOnvtlHSN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTgzNWZhOTU5NTIwOTljNTI5MjhiNmRiMGYyMWYyYWI4ODM3NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4a1C7dVD81M1/4Fkbtd017BwWY8
mg04cor6APOWPjlbkhbB8JWYseMx10d+tUd6mtSiTWdkEspYIWpSJdN2c7VzciCf
qXc8xwEJRmoA4HvZp4dQrUlOJxkVjSrMItcK7SECDIAguYb78ksKXcc21QQRuD/S
5yItkmDRFEdheTXXhaDK82s7T+e/3JayST5hzxGmVFJ3Os5WVpgwrq1kmZNKyLOe
S4jZoAb4v7cZhMTC5Ee22Niga5X2PjV3ErNcpSuICAmgn2R+Xt4w8YVy6a3yGULE
79cFe4vUzSTILAhLjihIZDiaa1rdOFb+cLfh+pOW09MXOW1RtPLJg9UQQQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAGDX6lZUgmcUpKLbbDyHyq4g3R6MB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvQVlOZnFWbFNDWnhTa290dHNQSWZLcmlEZEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKhNMAAAw
DQYJKoZIhvcNAQELBQADggEBAJyB5Z+yrBrcUwIae5x7gPocR6aSanYatE6c5mDy
kCsY9WlEks1vFa42A5GLavRQaSZM3AMGew6WmoTwtRvvuRAhbQve/Q3evqt8xKA1
RiaG8mQAb+7bem19ETK8j1c5L/xDJNjfSAsB9s3DHa+e+Ju7DLH/1om1ItSZrhPp
qsHlM/zhfSQIJ+RwUIFRolOqLgw5eLv7t3bC0xZM5jwpSnNlUFoT27WgiRx5+ZQi
Kc+Ymnfrr7hFHfrhqwBpsA0sVF4VTaMW+lgczLo9dO/uSMqhj/tbOVqAA0+SDox+
JQ5UjEcLPMkWA2ln+DO7p2Bs13t/+Fy+fyL5Di3I6NwGCrI=
-----END CERTIFICATE-----
Generated at Wed Apr 9 00:06:22 2025 by rpki-client