Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/afO4hurvSrIP8znsQqZfWzAuCaw.roa
File: afO4hurvSrIP8znsQqZfWzAuCaw.roa (raw, json)
Hash identifier: 70XSJfwfBkJ1Y0qZMAnSwxD3V2qHt8opBQA7D5EoDdk=
Subject key identifier: 69:F3:B8:86:EA:EF:4A:B2:0F:F3:39:EC:42:A6:5F:5B:30:2E:09:AC
Certificate issuer: /CN=a15237c39a325aa309b69e66fe09237da1ad0d2b
Certificate serial: 019425214C3B2DB1A00C81381C9A0BFE2FFD
Authority key identifier: A1:52:37:C3:9A:32:5A:A3:09:B6:9E:66:FE:09:23:7D:A1:AD:0D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/afO4hurvSrIP8znsQqZfWzAuCaw.roa
Signing time: Thu 02 Jan 2025 03:48:46 +0000
ROA not before: Thu 02 Jan 2025 03:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209808
IP address blocks: 2a13:75c1:200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:4c:3b:2d:b1:a0:0c:81:38:1c:9a:0b:fe:2f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15237c39a325aa309b69e66fe09237da1ad0d2b
Validity
Not Before: Jan 2 03:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69f3b886eaef4ab20ff339ec42a65f5b302e09ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3b:98:df:7d:0b:83:fb:d7:ee:77:16:d4:64:
bd:48:2a:9a:e6:99:29:0f:68:d0:ee:1d:b4:4a:a8:
ff:ee:52:be:44:28:26:26:c0:b4:6d:3b:89:68:6f:
4d:0b:2a:a5:e5:8c:af:9d:d5:63:6a:94:aa:6e:f5:
b6:bb:8f:da:e8:ac:fd:12:3c:0c:db:6f:36:ec:c3:
bc:54:33:b3:c1:48:35:f3:c2:d5:59:a0:ac:55:e3:
85:8a:d8:a2:13:ab:72:b2:98:0d:c2:74:4f:48:a4:
0e:83:3a:f9:a1:ac:0d:a0:70:65:8e:62:31:d6:82:
16:c1:3f:d8:eb:01:45:ef:74:5a:2c:c6:22:ab:37:
51:1e:cb:40:d1:84:33:a1:95:cd:2e:fa:93:68:ec:
06:28:27:55:0f:17:26:8d:39:60:29:ae:2f:fd:a9:
8b:d3:85:21:0a:69:77:fb:22:6d:72:ae:cd:b6:0a:
b1:a9:40:24:3d:1f:45:fa:4b:05:d8:ab:5f:c6:02:
7a:aa:9a:b2:89:af:c0:74:c6:48:c9:79:b5:d2:69:
3c:89:53:bf:9e:95:0a:13:4f:05:1c:ef:0e:41:77:
1f:57:cd:41:dc:da:ec:dc:41:95:c5:98:ff:93:ae:
70:fd:50:b3:ee:b5:c6:b6:46:63:07:ef:20:bd:49:
ee:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F3:B8:86:EA:EF:4A:B2:0F:F3:39:EC:42:A6:5F:5B:30:2E:09:AC
X509v3 Authority Key Identifier:
keyid:A1:52:37:C3:9A:32:5A:A3:09:B6:9E:66:FE:09:23:7D:A1:AD:0D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVI3w5oyWqMJtp5m_gkjfaGtDSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/afO4hurvSrIP8znsQqZfWzAuCaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f33229-ca2d-4108-892d-4c910ae3735d/1/oVI3w5oyWqMJtp5m_gkjfaGtDSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:75c1:200::/40
Signature Algorithm: sha256WithRSAEncryption
7a:61:36:60:64:0c:94:2c:c1:7c:52:d1:ce:95:b0:b9:5a:d6:
00:fe:63:ca:0f:0f:90:4b:30:c7:67:68:88:43:18:17:61:cf:
70:72:95:c1:2b:39:12:de:77:00:45:4e:10:f7:14:6f:33:20:
56:bb:3a:41:4b:f6:e0:24:ab:81:51:a0:c7:d9:3e:48:dc:b5:
d7:50:40:65:a6:eb:54:5c:57:07:bc:26:3d:f6:17:f6:bf:ba:
7a:e3:e4:54:97:b0:48:ec:a4:07:c9:43:33:ae:e8:70:25:98:
6f:33:e8:60:8a:b3:c3:ea:fa:7b:43:76:db:7a:a0:75:4a:29:
91:83:78:67:67:a8:64:12:b6:24:11:b6:b1:7e:4a:bb:b7:c4:
c5:02:ad:5d:a0:f6:b7:8f:ab:47:d0:57:7e:14:28:ea:87:50:
ae:62:26:23:d9:6d:69:c2:4c:c2:a6:fe:66:bc:a4:15:dd:ae:
a5:08:58:c5:e3:03:8e:91:51:eb:b3:22:b0:d0:d6:c0:5d:98:
26:d4:fd:c6:87:97:59:e2:20:a6:61:4d:55:eb:c0:26:7b:40:
1f:6e:ef:14:88:6c:fb:6a:13:0b:65:55:53:56:11:30:ff:3d:
22:1f:a7:82:de:4b:3e:c0:30:92:ec:86:3c:55:36:ee:f1:88:
d0:3b:25:92
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIUw7LbGgDIE4HJoL/i/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTIzN2MzOWEzMjVhYTMwOWI2OWU2NmZlMDkyMzdkYTFh
ZDBkMmIwHhcNMjUwMTAyMDM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWYzYjg4NmVhZWY0YWIyMGZmMzM5ZWM0MmE2NWY1YjMwMmUwOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljuY330Lg/vX7ncW1GS9SCqa5pkp
D2jQ7h20Sqj/7lK+RCgmJsC0bTuJaG9NCyql5YyvndVjapSqbvW2u4/a6Kz9EjwM
22827MO8VDOzwUg188LVWaCsVeOFitiiE6tyspgNwnRPSKQOgzr5oawNoHBljmIx
1oIWwT/Y6wFF73RaLMYiqzdRHstA0YQzoZXNLvqTaOwGKCdVDxcmjTlgKa4v/amL
04UhCml3+yJtcq7NtgqxqUAkPR9F+ksF2KtfxgJ6qpqyia/AdMZIyXm10mk8iVO/
npUKE08FHO8OQXcfV81B3Nrs3EGVxZj/k65w/VCz7rXGtkZjB+8gvUnuMQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGnzuIbq70qyD/M57EKmX1swLgmsMB8GA1UdIwQY
MBaAFKFSN8OaMlqjCbaeZv4JI32hrQ0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZJM3c1b3lXcU1KdHA1bV9na2pmYUd0RFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mMzMyMjktY2EyZC00MTA4LTg5MmQt
NGM5MTBhZTM3MzVkLzEvYWZPNGh1cnZTcklQOHpuc1FxWmZXekF1Q2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mMzMyMjktY2EyZC00MTA4LTg5MmQtNGM5MTBhZTM3MzVk
LzEvb1ZJM3c1b3lXcU1KdHA1bV9na2pmYUd0RFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhN1wQIw
DQYJKoZIhvcNAQELBQADggEBAHphNmBkDJQswXxS0c6VsLla1gD+Y8oPD5BLMMdn
aIhDGBdhz3BylcErORLedwBFThD3FG8zIFa7OkFL9uAkq4FRoMfZPkjctddQQGWm
61RcVwe8Jj32F/a/unrj5FSXsEjspAfJQzOu6HAlmG8z6GCKs8Pq+ntDdtt6oHVK
KZGDeGdnqGQStiQRtrF+Sru3xMUCrV2g9rePq0fQV34UKOqHUK5iJiPZbWnCTMKm
/ma8pBXdrqUIWMXjA46RUeuzIrDQ1sBdmCbU/caHl1niIKZhTVXrwCZ7QB9u7xSI
bPtqEwtlVVNWETD/PSIfp4LeSz7AMJLshjxVNu7xiNA7JZI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:47 2025 by rpki-client