Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/17c994-1454-4b59-b661-c007436c20be/1/amK9JdEb2QNO8tKtMQeFboTTvaY.roa
File: amK9JdEb2QNO8tKtMQeFboTTvaY.roa (raw, json)
Hash identifier: 3iDbHFYu9H7QUrfFpIqJYvvIWl65t8+4iL9W8aHkZqY=
Subject key identifier: 6A:62:BD:25:D1:1B:D9:03:4E:F2:D2:AD:31:07:85:6E:84:D3:BD:A6
Certificate issuer: /CN=9b98f423292a35a98c220f90cf301dd4102584a1
Certificate serial: 018BF8F3AF07EE9A2CBE641D3A8CFB1941D9
Authority key identifier: 9B:98:F4:23:29:2A:35:A9:8C:22:0F:90:CF:30:1D:D4:10:25:84:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5j0IykqNamMIg-QzzAd1BAlhKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/17c994-1454-4b59-b661-c007436c20be/1/amK9JdEb2QNO8tKtMQeFboTTvaY.roa
Signing time: Wed 22 Nov 2023 21:33:21 +0000
ROA not before: Wed 22 Nov 2023 21:33:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216398
IP address blocks: 2a13:ef41:e000::/35 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f8:f3:af:07:ee:9a:2c:be:64:1d:3a:8c:fb:19:41:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b98f423292a35a98c220f90cf301dd4102584a1
Validity
Not Before: Nov 22 21:33:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a62bd25d11bd9034ef2d2ad3107856e84d3bda6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:55:e6:1e:cf:cb:bd:d5:49:86:7b:60:a7:af:
fa:45:37:ea:1b:c1:94:81:d2:ae:3b:f1:0e:b7:a5:
7d:9c:25:da:4c:f5:df:3d:f6:f6:35:27:3c:81:2b:
d4:6f:ed:b0:6b:89:89:7b:e7:e9:eb:dc:00:5d:bf:
55:cd:e0:96:c0:95:9d:2c:ec:e3:35:fe:d8:56:63:
32:a8:34:1a:05:30:6d:08:87:59:c0:ba:6a:64:19:
7c:98:8c:d5:d7:7f:54:43:45:17:d0:21:44:59:e4:
47:a5:21:7a:ad:f1:cc:49:dd:b1:0b:ae:0a:00:22:
51:5a:69:e4:13:d6:88:8d:86:e8:ab:49:76:ab:59:
4b:e5:9b:76:44:c3:fc:05:08:55:4f:89:a0:ad:ec:
f1:92:27:b2:8e:c3:d1:b2:69:05:a8:aa:7b:c9:1c:
5b:2b:fe:36:2a:92:a3:5a:94:cc:f4:db:7f:4a:bc:
03:f8:31:46:54:3d:b0:2c:a3:eb:20:64:4f:b9:f9:
a6:48:5c:0c:3c:cc:ab:39:fe:df:28:0a:87:78:77:
75:72:30:cc:34:24:21:74:30:15:44:cd:44:ed:be:
fc:fd:c9:14:37:d2:d7:56:e0:c0:22:52:ed:07:c0:
18:35:1a:0a:35:42:22:2d:9e:20:7c:bf:0a:e7:51:
38:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:62:BD:25:D1:1B:D9:03:4E:F2:D2:AD:31:07:85:6E:84:D3:BD:A6
X509v3 Authority Key Identifier:
keyid:9B:98:F4:23:29:2A:35:A9:8C:22:0F:90:CF:30:1D:D4:10:25:84:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5j0IykqNamMIg-QzzAd1BAlhKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/17c994-1454-4b59-b661-c007436c20be/1/amK9JdEb2QNO8tKtMQeFboTTvaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/17c994-1454-4b59-b661-c007436c20be/1/m5j0IykqNamMIg-QzzAd1BAlhKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ef41:e000::/35
Signature Algorithm: sha256WithRSAEncryption
9f:df:a8:bb:8c:66:93:76:2d:e8:b9:da:d5:c9:bd:a6:d9:17:
86:38:1a:15:7e:84:85:f7:d6:62:8e:e8:18:c6:94:d3:83:42:
3c:b1:89:8d:e0:71:6c:b4:3d:7d:9f:51:65:e3:8b:3b:fd:dc:
f3:05:63:9b:31:62:c2:80:9c:10:c7:3c:63:ad:0e:19:64:30:
1f:ae:3e:15:13:43:05:bf:33:84:cd:1b:d2:98:f7:80:8d:73:
bf:09:89:a0:4b:f8:95:f2:d9:34:7b:25:b4:f3:1f:bb:ad:ea:
aa:b9:2c:46:16:a7:d7:9c:b4:4b:4c:a6:e6:8c:f1:7c:08:79:
30:9b:53:9c:80:19:52:7d:90:33:98:40:5f:e9:51:0f:37:b5:
cf:79:9c:eb:b4:e2:7a:d0:95:e4:c4:c1:59:7f:d6:80:30:17:
64:71:60:20:b7:0a:16:1c:d6:eb:4d:a2:2b:68:23:2f:18:0c:
6b:c3:29:e0:48:2f:84:1a:48:36:26:d4:e6:51:3f:af:bd:ae:
be:30:bd:2d:67:33:c6:c4:7f:76:8d:33:83:f8:52:32:57:be:
20:9e:4a:2d:8e:ac:d9:89:bb:b5:e5:02:d7:ac:78:4c:de:c0:
2d:a7:c2:a3:a5:93:77:53:c5:c1:9b:6f:84:2e:ab:57:2c:6c:
3b:ca:3f:13
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYv4868H7posvmQdOoz7GUHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOThmNDIzMjkyYTM1YTk4YzIyMGY5MGNmMzAxZGQ0MTAy
NTg0YTEwHhcNMjMxMTIyMjEzMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTYyYmQyNWQxMWJkOTAzNGVmMmQyYWQzMTA3ODU2ZTg0ZDNiZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFXmHs/LvdVJhntgp6/6RTfqG8GU
gdKuO/EOt6V9nCXaTPXfPfb2NSc8gSvUb+2wa4mJe+fp69wAXb9VzeCWwJWdLOzj
Nf7YVmMyqDQaBTBtCIdZwLpqZBl8mIzV139UQ0UX0CFEWeRHpSF6rfHMSd2xC64K
ACJRWmnkE9aIjYboq0l2q1lL5Zt2RMP8BQhVT4mgrezxkieyjsPRsmkFqKp7yRxb
K/42KpKjWpTM9Nt/SrwD+DFGVD2wLKPrIGRPufmmSFwMPMyrOf7fKAqHeHd1cjDM
NCQhdDAVRM1E7b78/ckUN9LXVuDAIlLtB8AYNRoKNUIiLZ4gfL8K51E4MwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGpivSXRG9kDTvLSrTEHhW6E072mMB8GA1UdIwQY
MBaAFJuY9CMpKjWpjCIPkM8wHdQQJYShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVqMEl5a3FOYW1NSWctUXp6QWQxQkFsaEtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xN2M5OTQtMTQ1NC00YjU5LWI2NjEt
YzAwNzQzNmMyMGJlLzEvYW1LOUpkRWIyUU5POHRLdE1RZUZib1RUdmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xN2M5OTQtMTQ1NC00YjU5LWI2NjEtYzAwNzQzNmMyMGJl
LzEvbTVqMEl5a3FOYW1NSWctUXp6QWQxQkFsaEtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYFKhPvQeAw
DQYJKoZIhvcNAQELBQADggEBAJ/fqLuMZpN2Lei52tXJvabZF4Y4GhV+hIX31mKO
6BjGlNODQjyxiY3gcWy0PX2fUWXjizv93PMFY5sxYsKAnBDHPGOtDhlkMB+uPhUT
QwW/M4TNG9KY94CNc78JiaBL+JXy2TR7JbTzH7ut6qq5LEYWp9ectEtMpuaM8XwI
eTCbU5yAGVJ9kDOYQF/pUQ83tc95nOu04nrQleTEwVl/1oAwF2RxYCC3ChYc1utN
oitoIy8YDGvDKeBIL4QaSDYm1OZRP6+9rr4wvS1nM8bEf3aNM4P4UjJXviCeSi2O
rNmJu7XlAteseEzewC2nwqOlk3dTxcGbb4Quq1csbDvKPxM=
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:00:35 2025 by rpki-client