Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/Kvx8CFJShgrk9zFYI0lUsh--CwU.roa
File: Kvx8CFJShgrk9zFYI0lUsh--CwU.roa (raw, json)
Hash identifier: PVmg//o7LkW03D9ltn/laGXzfCJ6cNBsJDyBEL8Jj7s=
Subject key identifier: 2A:FC:7C:08:52:52:86:0A:E4:F7:31:58:23:49:54:B2:1F:BE:0B:05
Certificate issuer: /CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Certificate serial: 0194258F6CBA7E5B6539C4EAA2C3A1855564
Authority key identifier: E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/Kvx8CFJShgrk9zFYI0lUsh--CwU.roa
Signing time: Thu 02 Jan 2025 05:49:03 +0000
ROA not before: Thu 02 Jan 2025 05:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3261
IP address blocks: 2a02:300::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:6c:ba:7e:5b:65:39:c4:ea:a2:c3:a1:85:55:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7d799ae0efdd986dde77fb35ad0a10823cb972f
Validity
Not Before: Jan 2 05:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2afc7c085252860ae4f73158234954b21fbe0b05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1b:dd:43:cb:a1:3f:85:0c:54:7f:a5:df:4c:
bc:26:86:90:4c:26:b1:1e:0f:7b:f3:5f:49:23:20:
43:f1:bc:80:08:54:58:78:a9:b3:de:67:8b:20:e3:
97:7a:e5:87:95:39:81:94:3e:78:d0:39:5f:ce:9c:
84:f1:7d:7c:92:f4:d6:4e:b9:37:b7:fa:88:c0:03:
72:f9:7b:4b:16:97:b2:9a:f6:de:87:a7:a2:0f:7e:
cf:87:af:61:d0:ba:5b:b7:0a:fd:7b:45:7c:d5:6a:
d6:f7:4b:03:e6:7d:a0:cd:b3:3a:54:9a:a9:f7:eb:
45:6d:a8:1e:7d:08:12:f1:ec:80:89:81:c8:e4:db:
d9:45:39:5b:aa:17:fc:c8:4c:08:f1:42:a4:27:9b:
8f:3c:3d:38:43:e6:f5:b4:6f:60:70:2f:29:be:05:
62:94:49:7d:b8:3b:11:38:44:0f:9a:fa:6d:17:46:
eb:00:4e:f1:19:cf:9b:db:af:f9:21:85:56:79:ce:
0a:fd:43:29:5d:b3:4f:71:df:16:22:3e:a2:ee:6f:
81:b3:3e:27:31:97:cf:14:87:2f:6f:2e:fe:ad:98:
46:19:78:07:f8:1f:ee:fc:73:5e:09:12:d2:1b:d7:
84:7d:25:10:36:44:f2:cf:ff:e4:ab:8e:14:96:b3:
9a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:FC:7C:08:52:52:86:0A:E4:F7:31:58:23:49:54:B2:1F:BE:0B:05
X509v3 Authority Key Identifier:
keyid:E7:D7:99:AE:0E:FD:D9:86:DD:E7:7F:B3:5A:D0:A1:08:23:CB:97:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/59eZrg792Ybd53-zWtChCCPLly8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/Kvx8CFJShgrk9zFYI0lUsh--CwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/11081b-4ef9-4e2f-8153-287937940d7b/1/59eZrg792Ybd53-zWtChCCPLly8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:300::/32
Signature Algorithm: sha256WithRSAEncryption
02:75:d1:0d:b3:e6:a7:33:fd:a8:5f:f0:93:4c:96:3d:ec:b9:
19:54:3e:f8:26:cc:ff:57:db:52:45:30:d9:bc:f1:40:66:bb:
99:60:3e:8d:5c:63:fa:1b:a8:9a:ee:40:63:53:28:cc:07:2f:
a8:ee:26:ed:0e:a5:07:46:33:a2:3a:97:fa:a2:c1:d7:ac:13:
fd:a2:14:71:72:2e:0c:8e:0f:e4:24:60:c1:f8:66:77:b5:b3:
96:a1:55:3d:ad:0f:bc:d8:e3:91:ec:c1:99:a0:ef:0c:06:66:
ee:60:90:fd:9e:92:a9:3f:15:4a:a5:e8:78:a8:d8:61:e6:cc:
ca:79:d4:f7:3d:6e:dc:e9:2e:8d:9a:55:a5:11:3b:9c:38:53:
d2:6e:e6:4c:c2:96:a7:e0:c9:c2:03:d0:bf:9d:d5:f0:87:02:
67:18:e9:3e:4d:44:8f:4b:e4:59:0f:90:a1:54:ff:f4:c2:a5:
ea:b6:5a:64:87:bc:de:01:08:b3:56:27:b3:bc:a9:01:54:a6:
8d:8d:e3:3b:16:ef:94:1e:1d:e6:dd:87:70:1b:c4:3c:ff:8b:
99:e7:7a:bd:f0:4e:6e:72:db:5a:a2:95:0b:0d:12:f9:69:c2:
ea:ed:89:5a:a0:d9:69:28:a3:ac:d7:da:1c:cf:16:fb:c0:ab:
ec:92:8f:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlj2y6fltlOcTqosOhhVVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZDc5OWFlMGVmZGQ5ODZkZGU3N2ZiMzVhZDBhMTA4MjNj
Yjk3MmYwHhcNMjUwMTAyMDU0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWZjN2MwODUyNTI4NjBhZTRmNzMxNTgyMzQ5NTRiMjFmYmUwYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBvdQ8uhP4UMVH+l30y8JoaQTCax
Hg97819JIyBD8byACFRYeKmz3meLIOOXeuWHlTmBlD540DlfzpyE8X18kvTWTrk3
t/qIwANy+XtLFpeymvbeh6eiD37Ph69h0Lpbtwr9e0V81WrW90sD5n2gzbM6VJqp
9+tFbagefQgS8eyAiYHI5NvZRTlbqhf8yEwI8UKkJ5uPPD04Q+b1tG9gcC8pvgVi
lEl9uDsROEQPmvptF0brAE7xGc+b26/5IYVWec4K/UMpXbNPcd8WIj6i7m+Bsz4n
MZfPFIcvby7+rZhGGXgH+B/u/HNeCRLSG9eEfSUQNkTyz//kq44UlrOawwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCr8fAhSUoYK5PcxWCNJVLIfvgsFMB8GA1UdIwQY
MBaAFOfXma4O/dmG3ed/s1rQoQgjy5cvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMt
Mjg3OTM3OTQwZDdiLzEvS3Z4OENGSlNoZ3JrOXpGWUkwbFVzaC0tQ3dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8xMTA4MWItNGVmOS00ZTJmLTgxNTMtMjg3OTM3OTQwZDdi
LzEvNTllWnJnNzkyWWJkNTMteld0Q2hDQ1BMbHk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIDADAN
BgkqhkiG9w0BAQsFAAOCAQEAAnXRDbPmpzP9qF/wk0yWPey5GVQ++CbM/1fbUkUw
2bzxQGa7mWA+jVxj+huomu5AY1MozAcvqO4m7Q6lB0YzojqX+qLB16wT/aIUcXIu
DI4P5CRgwfhmd7WzlqFVPa0PvNjjkezBmaDvDAZm7mCQ/Z6SqT8VSqXoeKjYYebM
ynnU9z1u3OkujZpVpRE7nDhT0m7mTMKWp+DJwgPQv53V8IcCZxjpPk1Ej0vkWQ+Q
oVT/9MKl6rZaZIe83gEIs1Yns7ypAVSmjY3jOxbvlB4d5t2HcBvEPP+Lmed6vfBO
bnLbWqKVCw0S+WnC6u2JWqDZaSijrNfaHM8W+8Cr7JKP7Q==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:42 2025 by rpki-client