Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/kOR6Gsf1d66aBIeQUn8G4s0dBwE.roa
File: kOR6Gsf1d66aBIeQUn8G4s0dBwE.roa (raw, json)
Hash identifier: cmSwTUZKOBrEWN6YemqkyRkwBMmZNjtYUvWiF22FIqI=
Subject key identifier: 90:E4:7A:1A:C7:F5:77:AE:9A:04:87:90:52:7F:06:E2:CD:1D:07:01
Certificate issuer: /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial: 018CC3495E279A73C6B8236EC3F1A563AFB4
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/kOR6Gsf1d66aBIeQUn8G4s0dBwE.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 2a09:9f41::/32 maxlen: 32
2a0f:304::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5e:27:9a:73:c6:b8:23:6e:c3:f1:a5:63:af:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90e47a1ac7f577ae9a048790527f06e2cd1d0701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7f:55:7d:33:23:23:ac:5b:88:37:26:9d:a3:
32:bf:0b:12:15:aa:4f:e6:c1:33:84:58:cc:f9:e8:
61:32:83:94:23:67:75:ab:99:24:b9:21:83:a8:6e:
ea:5b:5d:94:aa:9a:10:ca:7b:ce:8a:f2:f4:60:a3:
4f:f7:f5:cd:c1:04:7e:46:9a:0d:81:4b:ab:f5:19:
b1:d2:08:5f:27:be:98:c7:50:95:46:32:13:fb:c2:
c5:3a:c6:18:da:76:da:25:12:08:1e:b9:f1:2f:7e:
02:fd:28:2f:e6:b5:59:36:d9:03:e1:c7:f9:ab:ef:
28:02:7e:72:c8:2f:74:18:5a:90:02:84:e1:f0:24:
0e:1d:79:8c:68:d5:b3:a7:6a:29:45:98:4c:ca:b7:
b9:c8:4c:a8:d1:2b:86:77:fa:54:d2:99:69:78:88:
ab:a7:38:5e:75:dd:71:94:92:9b:b1:5e:6a:ca:06:
d7:2b:48:61:74:21:2c:82:16:bc:3f:93:de:41:4f:
29:7a:6e:86:be:e9:6d:b8:e9:70:08:0b:3c:06:c1:
a9:bb:57:2d:63:28:80:0e:22:00:9a:fc:bc:16:71:
21:6f:2e:ec:f3:f6:4d:c4:18:b8:c8:1d:bb:9b:f0:
81:4a:f6:d1:b3:3b:01:d1:30:fc:79:39:fc:96:75:
d1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E4:7A:1A:C7:F5:77:AE:9A:04:87:90:52:7F:06:E2:CD:1D:07:01
X509v3 Authority Key Identifier:
keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/kOR6Gsf1d66aBIeQUn8G4s0dBwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9f41::/32
2a0f:304::/32
Signature Algorithm: sha256WithRSAEncryption
02:25:48:e2:76:3e:94:5d:8f:3b:b0:d8:d7:89:be:cc:ba:a5:
72:60:63:d0:bb:4f:10:a6:c0:da:2b:ba:c8:98:c2:d9:f8:01:
53:54:cb:27:26:a9:59:f9:af:d4:12:df:39:d4:31:c8:f0:c5:
17:0a:45:1c:e5:6a:73:b5:18:94:3b:87:f3:04:52:40:19:5f:
42:3e:6f:f2:38:34:c4:3e:76:e0:da:01:53:81:db:30:ee:8b:
99:ef:94:89:14:bd:6b:ca:55:52:47:88:e4:c1:df:4f:83:a7:
f7:54:51:2a:5a:d7:3d:7a:51:41:7d:cf:bd:16:85:62:6f:ae:
b8:86:46:75:79:37:30:0e:1f:ef:00:67:a2:a8:64:a8:02:4a:
e8:0e:57:e0:f4:42:48:21:81:aa:d0:c3:25:e6:c2:86:df:36:
42:d9:b0:83:cb:e6:c9:48:83:3e:06:34:1e:7f:aa:e3:b1:50:
03:3f:fb:98:43:7c:e2:ea:6f:53:93:ea:06:ce:38:c2:92:a0:
18:b0:6b:64:68:5a:1a:c0:c6:f4:5e:5e:f0:aa:98:c0:6d:06:
10:05:7d:b6:67:f0:f4:b1:c8:71:3b:82:d9:81:a1:81:2b:67:
b0:95:4e:05:a3:8d:2c:b9:29:73:db:00:05:c3:70:74:03:66:
d8:11:7c:75
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDSV4nmnPGuCNuw/GlY6+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGU0N2ExYWM3ZjU3N2FlOWEwNDg3OTA1MjdmMDZlMmNkMWQwNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX9VfTMjI6xbiDcmnaMyvwsSFapP
5sEzhFjM+ehhMoOUI2d1q5kkuSGDqG7qW12UqpoQynvOivL0YKNP9/XNwQR+RpoN
gUur9Rmx0ghfJ76Yx1CVRjIT+8LFOsYY2nbaJRIIHrnxL34C/Sgv5rVZNtkD4cf5
q+8oAn5yyC90GFqQAoTh8CQOHXmMaNWzp2opRZhMyre5yEyo0SuGd/pU0plpeIir
pzhedd1xlJKbsV5qygbXK0hhdCEsgha8P5PeQU8pem6GvultuOlwCAs8BsGpu1ct
YyiADiIAmvy8FnEhby7s8/ZNxBi4yB27m/CBSvbRszsB0TD8eTn8lnXRCwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJDkehrH9XeumgSHkFJ/BuLNHQcBMB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEva09SNkdzZjFkNjZhQkllUVVuOEc0czBkQndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmfQQMF
ACoPAwQwDQYJKoZIhvcNAQELBQADggEBAAIlSOJ2PpRdjzuw2NeJvsy6pXJgY9C7
TxCmwNorusiYwtn4AVNUyycmqVn5r9QS3znUMcjwxRcKRRzlanO1GJQ7h/MEUkAZ
X0I+b/I4NMQ+duDaAVOB2zDui5nvlIkUvWvKVVJHiOTB30+Dp/dUUSpa1z16UUF9
z70WhWJvrriGRnV5NzAOH+8AZ6KoZKgCSugOV+D0QkghgarQwyXmwobfNkLZsIPL
5slIgz4GNB5/quOxUAM/+5hDfOLqb1OT6gbOOMKSoBiwa2RoWhrAxvReXvCqmMBt
BhAFfbZn8PSxyHE7gtmBoYErZ7CVTgWjjSy5KXPbAAXDcHQDZtgRfHU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:16:48 2025 by rpki-client