Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/948LpAsMkLIu39enO_HhNF4kwnI.roa
File: 948LpAsMkLIu39enO_HhNF4kwnI.roa (raw, json)
Hash identifier: ra4yorlTsQRJm07XOF3AAmjH3FUClAN0KRsO5F6kwG4=
Subject key identifier: F7:8F:0B:A4:0B:0C:90:B2:2E:DF:D7:A7:3B:F1:E1:34:5E:24:C2:72
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018F061F0B1EBA3F84A1802CE15A2FA7401D
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/948LpAsMkLIu39enO_HhNF4kwnI.roa
Signing time: Mon 22 Apr 2024 14:04:08 +0000
ROA not before: Mon 22 Apr 2024 14:04:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 2a0d:3045::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:1f:0b:1e:ba:3f:84:a1:80:2c:e1:5a:2f:a7:40:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Apr 22 14:04:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f78f0ba40b0c90b22edfd7a73bf1e1345e24c272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5d:2d:75:0d:78:e0:cd:c8:85:d7:f6:43:64:
9a:49:89:ee:be:ba:c3:db:d8:10:66:2f:bd:9d:3a:
56:ee:ea:da:cc:81:dd:64:7e:24:c6:21:71:0a:4b:
47:e8:1f:25:da:95:07:8f:fc:4e:9a:53:93:7d:80:
ac:e3:1c:61:27:e1:6f:86:e8:69:8a:16:26:f9:40:
2e:38:e5:4a:60:eb:c9:96:2f:5f:99:9d:1b:fe:a0:
cd:17:ad:f5:7c:b0:1d:0d:ab:c3:7c:52:2e:eb:2e:
37:65:3c:de:33:13:5b:84:f3:12:29:19:6e:4d:ec:
e9:e5:86:6a:ae:93:4b:4c:29:bb:db:a5:a8:51:b5:
bc:ab:96:72:8a:2b:40:5e:2e:eb:07:f0:33:85:67:
29:9f:aa:2f:e0:50:c4:11:ff:56:d8:4c:c9:06:a8:
df:fc:d5:dc:b6:50:73:5e:1b:92:07:66:d7:ba:b2:
3e:21:ff:e5:1b:25:3d:c2:cc:37:de:b4:c7:ba:e9:
e2:50:cd:7e:bb:be:9a:74:6f:b5:e6:40:c4:75:f2:
bf:63:5a:48:da:82:6d:30:5c:2c:b9:e7:41:b4:d6:
f4:e1:5a:1c:cd:d0:bb:2e:c6:de:c8:bc:0b:6f:74:
a8:83:1f:1b:85:7e:6d:4c:0f:8a:8a:a9:cb:90:0b:
be:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:8F:0B:A4:0B:0C:90:B2:2E:DF:D7:A7:3B:F1:E1:34:5E:24:C2:72
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/948LpAsMkLIu39enO_HhNF4kwnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3045::/32
Signature Algorithm: sha256WithRSAEncryption
98:66:8e:89:f9:e2:57:68:37:07:e8:2d:bf:6d:74:b4:21:a9:
5d:3c:e4:45:a2:6d:fc:3b:15:ea:05:85:b1:9c:69:7f:a3:fe:
ba:79:14:d9:cd:77:9b:d8:f2:4f:b4:f3:16:6d:c0:d3:24:67:
f9:02:55:c2:44:63:c7:81:6b:12:49:e9:6f:e4:0c:9f:b6:1c:
f6:cf:b3:a3:ad:3f:7b:98:0d:b0:37:f5:fe:91:02:d4:47:4e:
8c:cd:fb:ca:92:84:1a:db:49:f4:27:d6:95:62:a1:c8:3d:61:
3d:ff:c7:bd:08:3e:4b:3c:01:d6:c0:6e:f6:1d:ec:d7:65:6f:
19:cd:86:3b:45:53:44:9d:9f:8f:ea:8a:f0:3d:19:f5:a8:7a:
52:14:62:07:64:8a:4e:3d:ec:ed:aa:c1:1a:6f:94:36:c9:60:
c2:00:d9:78:fd:08:db:ee:73:85:f9:4c:be:9b:15:41:4c:ff:
d0:9e:43:57:14:9c:76:a1:9a:13:1b:c5:ba:88:22:58:b1:d2:
c6:31:0f:0d:fa:93:69:5c:06:1c:d1:4c:ca:13:45:28:c8:29:
94:4f:43:98:49:f6:2f:b5:df:44:cf:ee:6f:03:dd:2e:b9:dc:
eb:fa:4e:af:46:39:1f:3a:fc:b5:df:3e:01:7b:9f:df:ff:fc:
ab:49:5d:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8GHwseuj+EoYAs4Vovp0AdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwNDIyMTQwNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzhmMGJhNDBiMGM5MGIyMmVkZmQ3YTczYmYxZTEzNDVlMjRjMjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF0tdQ144M3Ihdf2Q2SaSYnuvrrD
29gQZi+9nTpW7urazIHdZH4kxiFxCktH6B8l2pUHj/xOmlOTfYCs4xxhJ+Fvhuhp
ihYm+UAuOOVKYOvJli9fmZ0b/qDNF631fLAdDavDfFIu6y43ZTzeMxNbhPMSKRlu
Tezp5YZqrpNLTCm726WoUbW8q5ZyiitAXi7rB/AzhWcpn6ov4FDEEf9W2EzJBqjf
/NXctlBzXhuSB2bXurI+If/lGyU9wsw33rTHuuniUM1+u76adG+15kDEdfK/Y1pI
2oJtMFwsuedBtNb04VoczdC7LsbeyLwLb3Sogx8bhX5tTA+KiqnLkAu+KQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPePC6QLDJCyLt/Xpzvx4TReJMJyMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvOTQ4THBBc01rTEl1Mzllbk9fSGhORjRrd25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg0wRTAN
BgkqhkiG9w0BAQsFAAOCAQEAmGaOifniV2g3B+gtv210tCGpXTzkRaJt/DsV6gWF
sZxpf6P+unkU2c13m9jyT7TzFm3A0yRn+QJVwkRjx4FrEknpb+QMn7Yc9s+zo60/
e5gNsDf1/pEC1EdOjM37ypKEGttJ9CfWlWKhyD1hPf/HvQg+SzwB1sBu9h3s12Vv
Gc2GO0VTRJ2fj+qK8D0Z9ah6UhRiB2SKTj3s7arBGm+UNslgwgDZeP0I2+5zhflM
vpsVQUz/0J5DVxScdqGaExvFuogiWLHSxjEPDfqTaVwGHNFMyhNFKMgplE9DmEn2
L7XfRM/ubwPdLrnc6/pOr0Y5Hzr8td8+AXuf3//8q0ldiw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:48:37 2025 by rpki-client