Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/kfPEBc7tUut9cOelykzRmwlWyTk.roa
File: kfPEBc7tUut9cOelykzRmwlWyTk.roa (raw, json)
Hash identifier: o6J62ZzOFLP0/bHr7/FtTQa5VkoXZlWJ8hkPYjRZJBM=
Subject key identifier: 91:F3:C4:05:CE:ED:52:EB:7D:70:E7:A5:CA:4C:D1:9B:09:56:C9:39
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E2D6CE69D2C1B06256A0FF370DCFC
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/kfPEBc7tUut9cOelykzRmwlWyTk.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3305
IP address blocks: 2a00:ec81::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2d:6c:e6:9d:2c:1b:06:25:6a:0f:f3:70:dc:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91f3c405ceed52eb7d70e7a5ca4cd19b0956c939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:50:d4:bc:49:ef:b8:08:60:cc:e0:08:6a:ce:
6e:b3:42:c9:0b:70:96:ce:1e:cc:20:c8:e8:35:1f:
30:35:6d:c1:51:c5:e3:49:0b:a5:f1:74:fe:13:88:
3c:01:7e:a2:c2:c7:40:41:e9:72:70:f6:12:13:d2:
86:5f:35:50:a6:ba:5b:22:44:4c:32:87:57:26:c6:
ea:cf:ac:2e:37:1c:3b:dd:bc:af:b3:03:95:c9:5d:
ca:65:b6:3b:77:96:74:f4:43:bc:44:3e:da:d9:28:
a3:3e:f1:f0:5d:1c:64:29:fa:32:a2:d7:ca:4a:39:
f0:cd:1c:3d:b7:3d:df:c8:86:86:ab:6a:e6:71:a0:
b1:7b:26:23:26:4b:9a:21:11:89:4f:91:12:19:a6:
1f:96:a3:53:bf:47:9c:50:4a:84:95:0d:5b:38:d2:
0c:e5:a1:ad:bd:ec:ab:d9:62:a7:f2:6e:86:25:65:
a8:9a:b4:11:25:70:44:70:28:0f:e8:23:e4:d4:ab:
7e:fb:a3:fe:52:6e:23:fd:25:19:9d:b9:06:1e:82:
62:ff:6b:44:77:b5:48:72:d3:5c:a8:0d:58:1d:92:
6e:45:55:34:e0:9f:02:78:e0:19:a7:14:0a:11:1e:
4d:f4:92:fa:ea:15:85:35:d8:aa:19:d4:67:2b:4d:
38:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F3:C4:05:CE:ED:52:EB:7D:70:E7:A5:CA:4C:D1:9B:09:56:C9:39
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/kfPEBc7tUut9cOelykzRmwlWyTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ec81::/32
Signature Algorithm: sha256WithRSAEncryption
2c:64:30:d4:37:1b:fa:bd:99:41:74:8c:b0:08:26:f9:22:e1:
c5:f8:04:a6:b8:0c:6d:aa:82:40:71:7b:c2:95:4d:cb:76:f2:
5a:b1:5f:99:34:3d:fb:ea:49:a3:e5:a2:96:ee:b5:e0:27:82:
58:52:f3:ed:3c:3f:e3:84:24:6e:65:d3:4b:93:82:61:7b:27:
69:cd:58:3f:d4:47:13:83:3c:8d:dd:5e:8d:b1:23:36:68:85:
4f:51:f5:1e:62:fd:4c:de:27:60:d9:19:be:ac:17:76:3f:b6:
9c:01:18:92:01:5c:0e:83:99:ac:a3:dc:cc:50:cc:e8:51:44:
71:1a:85:02:74:22:21:dd:d8:88:92:97:a8:00:a2:69:fd:f0:
77:95:f1:b6:04:2c:50:08:72:d7:a0:3c:ba:dd:81:37:03:93:
ec:54:b1:2b:94:be:96:e8:f9:3b:5d:4d:6f:64:e8:8b:97:7b:
33:eb:e2:d2:4c:c8:df:75:7e:1f:a1:f0:84:e0:50:b9:50:0b:
f8:7d:3c:6b:27:8b:de:5b:ae:87:ba:23:18:dc:5c:36:ae:c2:
e7:68:ad:94:e3:98:28:c6:56:4a:ed:ed:df:48:16:16:c7:2f:
d4:1e:c5:69:09:47:78:a1:51:87:ea:26:57:83:5a:e5:37:a1:
6e:8f:a9:b4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTi1s5p0sGwYlag/zcNz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYzYzQwNWNlZWQ1MmViN2Q3MGU3YTVjYTRjZDE5YjA5NTZjOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlDUvEnvuAhgzOAIas5us0LJC3CW
zh7MIMjoNR8wNW3BUcXjSQul8XT+E4g8AX6iwsdAQelycPYSE9KGXzVQprpbIkRM
ModXJsbqz6wuNxw73byvswOVyV3KZbY7d5Z09EO8RD7a2SijPvHwXRxkKfoyotfK
SjnwzRw9tz3fyIaGq2rmcaCxeyYjJkuaIRGJT5ESGaYflqNTv0ecUEqElQ1bONIM
5aGtveyr2WKn8m6GJWWomrQRJXBEcCgP6CPk1Kt++6P+Um4j/SUZnbkGHoJi/2tE
d7VIctNcqA1YHZJuRVU04J8CeOAZpxQKER5N9JL66hWFNdiqGdRnK004kwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJHzxAXO7VLrfXDnpcpM0ZsJVsk5MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEva2ZQRUJjN3RVdXQ5Y09lbHlrelJtd2xXeVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgDsgTAN
BgkqhkiG9w0BAQsFAAOCAQEALGQw1Dcb+r2ZQXSMsAgm+SLhxfgEprgMbaqCQHF7
wpVNy3byWrFfmTQ9++pJo+Wilu614CeCWFLz7Tw/44QkbmXTS5OCYXsnac1YP9RH
E4M8jd1ejbEjNmiFT1H1HmL9TN4nYNkZvqwXdj+2nAEYkgFcDoOZrKPczFDM6FFE
cRqFAnQiId3YiJKXqACiaf3wd5XxtgQsUAhy16A8ut2BNwOT7FSxK5S+luj5O11N
b2Toi5d7M+vi0kzI33V+H6HwhOBQuVAL+H08ayeL3luuh7ojGNxcNq7C52itlOOY
KMZWSu3t30gWFscv1B7FaQlHeKFRh+omV4Na5Tehbo+ptA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:16:52 2025 by rpki-client