Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/R2R6Zwpm3C7mEGCf96myxK2TaP8.roa
File: R2R6Zwpm3C7mEGCf96myxK2TaP8.roa (raw, json)
Hash identifier: JHhhJ/hqneURZNBRt/i03bXTcRI7N5eSJkdKe9AFbQI=
Subject key identifier: 47:64:7A:67:0A:66:DC:2E:E6:10:60:9F:F7:A9:B2:C4:AD:93:68:FF
Certificate issuer: /CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Certificate serial: 0194236A137DF7DD28FCF0185DA93502B70E
Authority key identifier: EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/R2R6Zwpm3C7mEGCf96myxK2TaP8.roa
Signing time: Wed 01 Jan 2025 19:49:01 +0000
ROA not before: Wed 01 Jan 2025 19:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2119
IP address blocks: 138.14.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:13:7d:f7:dd:28:fc:f0:18:5d:a9:35:02:b7:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee4c3fc0122d831fbea8abb20a4e9b65c54039b2
Validity
Not Before: Jan 1 19:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47647a670a66dc2ee610609ff7a9b2c4ad9368ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b5:a7:fa:81:13:b7:c9:b7:aa:9e:62:08:61:
e1:ea:77:9e:32:2a:5c:51:c5:e3:10:ad:47:bf:e1:
63:c3:cf:f6:ff:b4:e9:df:70:d4:df:2e:e4:10:a2:
a4:9e:f2:65:86:77:7e:89:03:86:73:67:fb:06:2e:
01:b2:54:19:47:84:bc:9c:e4:2a:41:ae:69:28:98:
bd:25:1e:88:d0:e3:9a:d0:f5:19:d7:be:26:5a:13:
17:11:47:25:ef:c2:2c:69:fc:9a:55:d4:23:1c:5c:
f0:76:df:c6:94:c6:d8:a7:9d:73:31:c4:97:aa:6e:
c7:a8:2e:f6:b0:f2:8d:92:4d:e4:07:7f:6b:7c:d0:
4e:e6:77:39:f8:67:84:5d:5a:e7:55:8f:7c:65:e3:
67:de:0e:8f:d5:02:d0:23:a6:6e:d5:45:ed:80:8c:
13:36:3c:e1:53:23:3e:68:27:ad:c0:60:0d:65:39:
3a:7f:3b:b4:af:93:a9:10:45:e2:fc:6e:5e:df:73:
b3:62:ba:a7:fd:82:95:42:3e:46:9f:82:d8:6b:fa:
39:6e:f9:c6:c9:bf:b3:38:4b:59:6b:55:1a:0d:27:
5e:4c:45:b8:1d:e5:9b:03:7d:3e:3e:c8:7a:b5:b5:
cc:fe:bb:b7:ce:13:93:c0:97:28:b6:36:c8:0f:83:
53:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:64:7A:67:0A:66:DC:2E:E6:10:60:9F:F7:A9:B2:C4:AD:93:68:FF
X509v3 Authority Key Identifier:
keyid:EE:4C:3F:C0:12:2D:83:1F:BE:A8:AB:B2:0A:4E:9B:65:C5:40:39:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7kw_wBItgx--qKuyCk6bZcVAObI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/R2R6Zwpm3C7mEGCf96myxK2TaP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/ecd1bb-fbda-4dd9-9ef9-3ac7d9623291/1/7kw_wBItgx--qKuyCk6bZcVAObI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.14.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:0e:6f:ab:a5:e2:f3:af:6b:31:af:a1:4c:4b:8f:49:53:0f:
a7:c6:01:1d:f7:24:29:fe:6e:82:1c:c8:d3:f3:11:10:67:3a:
87:41:6d:56:34:5b:09:bf:f4:bf:a8:82:1d:2a:85:9a:86:2d:
58:06:5d:12:61:a5:fa:88:88:df:f6:73:74:ef:75:f3:80:50:
3f:a5:75:77:ba:77:f0:c2:38:60:23:69:ef:b8:f9:44:8f:ab:
f9:cd:58:ae:f7:44:c9:d2:58:a2:84:54:85:23:2e:3e:d5:25:
4b:99:21:e9:d2:17:50:e0:ea:bd:b8:90:43:9c:46:06:eb:25:
4d:5f:a1:13:57:d0:84:ee:b5:3b:a0:7f:3f:f2:f4:57:8b:31:
fb:e6:8d:29:01:dc:8a:b7:44:3a:a6:ac:23:03:e4:4b:dd:16:
df:f1:96:ab:85:a8:b1:35:86:f6:89:27:9e:80:e2:12:9e:25:
f5:8d:2e:09:c3:a3:35:3f:b2:7a:7d:fb:1e:d4:06:76:04:4f:
b4:81:76:5a:e5:9d:8d:f9:5c:85:b8:ca:ce:68:7a:b3:85:7c:
66:66:ba:cd:3f:9f:4c:80:39:a8:07:d3:d6:96:e9:4c:3a:58:
ec:19:72:a4:29:37:e3:ce:b4:1e:c8:08:fc:52:03:37:31:d0:
d9:8f:59:a0
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQjahN9990o/PAYXak1ArcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNGMzZmMwMTIyZDgzMWZiZWE4YWJiMjBhNGU5YjY1YzU0
MDM5YjIwHhcNMjUwMTAxMTk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY0N2E2NzBhNjZkYzJlZTYxMDYwOWZmN2E5YjJjNGFkOTM2OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrWn+oETt8m3qp5iCGHh6neeMipc
UcXjEK1Hv+Fjw8/2/7Tp33DU3y7kEKKknvJlhnd+iQOGc2f7Bi4BslQZR4S8nOQq
Qa5pKJi9JR6I0OOa0PUZ174mWhMXEUcl78IsafyaVdQjHFzwdt/GlMbYp51zMcSX
qm7HqC72sPKNkk3kB39rfNBO5nc5+GeEXVrnVY98ZeNn3g6P1QLQI6Zu1UXtgIwT
NjzhUyM+aCetwGANZTk6fzu0r5OpEEXi/G5e33OzYrqn/YKVQj5Gn4LYa/o5bvnG
yb+zOEtZa1UaDSdeTEW4HeWbA30+Psh6tbXM/ru3zhOTwJcotjbID4NTtwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEdkemcKZtwu5hBgn/epssStk2j/MB8GA1UdIwQY
MBaAFO5MP8ASLYMfvqirsgpOm2XFQDmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjkt
M2FjN2Q5NjIzMjkxLzEvUjJSNlp3cG0zQzdtRUdDZjk2bXl4SzJUYVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9lY2QxYmItZmJkYS00ZGQ5LTllZjktM2FjN2Q5NjIzMjkx
LzEvN2t3X3dCSXRneC0tcUt1eUNrNmJaY1ZBT2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAig4wDQYJ
KoZIhvcNAQELBQADggEBACAOb6ul4vOvazGvoUxLj0lTD6fGAR33JCn+boIcyNPz
ERBnOodBbVY0Wwm/9L+ogh0qhZqGLVgGXRJhpfqIiN/2c3TvdfOAUD+ldXe6d/DC
OGAjae+4+USPq/nNWK73RMnSWKKEVIUjLj7VJUuZIenSF1Dg6r24kEOcRgbrJU1f
oRNX0ITutTugfz/y9FeLMfvmjSkB3Iq3RDqmrCMD5EvdFt/xlquFqLE1hvaJJ56A
4hKeJfWNLgnDozU/snp9+x7UBnYET7SBdlrlnY35XIW4ys5oerOFfGZmus0/n0yA
OagH09aW6Uw6WOwZcqQpN+POtB7ICPxSAzcx0NmPWaA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:10:02 2025 by rpki-client