Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/VulQHWhzzPXQiRPOfzUk9fbQoJg.roa
File: VulQHWhzzPXQiRPOfzUk9fbQoJg.roa (raw, json)
Hash identifier: 1pq8LhNOVu3KfmYwRxokFt42T5gBAiGcBFnCuEB+z6M=
Subject key identifier: 56:E9:50:1D:68:73:CC:F5:D0:89:13:CE:7F:35:24:F5:F6:D0:A0:98
Certificate issuer: /CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Certificate serial: 0194282379147405661BB8F8F8AA1B76EF96
Authority key identifier: 4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/VulQHWhzzPXQiRPOfzUk9fbQoJg.roa
Signing time: Thu 02 Jan 2025 17:50:00 +0000
ROA not before: Thu 02 Jan 2025 17:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214235
IP address blocks: 2a10:b9c7::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:79:14:74:05:66:1b:b8:f8:f8:aa:1b:76:ef:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7f4f8ac8ca7343ed1b4ff12ce276318b69d10e
Validity
Not Before: Jan 2 17:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56e9501d6873ccf5d08913ce7f3524f5f6d0a098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:51:6f:28:73:78:5f:d2:4a:cc:c7:83:18:32:
2b:61:85:1e:87:2e:3c:ed:fc:8e:72:a9:08:e8:37:
52:74:68:e3:d8:15:fc:15:01:ec:73:fe:73:ff:05:
6b:6a:6e:fa:92:a2:75:b7:a7:63:4c:0d:8f:e9:d5:
2f:29:5b:8f:f3:cc:86:1b:a7:21:0b:1f:41:e8:c9:
8e:27:ea:f7:57:42:8b:04:0d:9b:3f:e4:29:fe:de:
d1:ec:99:26:35:44:9b:e8:9e:b6:c8:21:9d:18:ff:
be:0c:da:93:e5:f4:0d:09:ad:58:3a:85:11:84:68:
1c:e5:de:92:44:07:78:fa:b9:98:59:04:ab:d0:44:
cd:83:03:67:b3:59:aa:c9:8e:98:77:3c:e3:17:0c:
71:13:72:49:4d:5e:77:e5:83:f1:c4:33:6a:e3:92:
45:f4:2f:8d:6d:f5:b7:50:c5:e1:a1:a7:4c:b0:4a:
3a:96:66:06:f1:03:c7:e6:c9:30:af:99:bf:51:42:
05:5e:30:15:38:11:96:ed:f4:f2:5c:43:c4:ed:47:
0c:92:1a:db:0b:dd:e0:4a:4b:92:81:6c:e7:dd:05:
ff:7b:6a:f5:c6:b9:59:f1:9f:c1:3a:09:e3:44:8c:
6a:2b:b0:2b:a3:ed:b6:a9:b9:29:ce:2b:ba:65:b9:
13:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E9:50:1D:68:73:CC:F5:D0:89:13:CE:7F:35:24:F5:F6:D0:A0:98
X509v3 Authority Key Identifier:
keyid:4A:7F:4F:8A:C8:CA:73:43:ED:1B:4F:F1:2C:E2:76:31:8B:69:D1:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/VulQHWhzzPXQiRPOfzUk9fbQoJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0e6962-96b7-4fb8-a839-9ec7add0eb68/1/Sn9PisjKc0PtG0_xLOJ2MYtp0Q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b9c7::/44
Signature Algorithm: sha256WithRSAEncryption
c5:92:e9:03:4e:60:5a:6a:65:ae:02:d4:a8:d2:fa:60:df:ec:
19:13:ac:20:33:4a:f9:3e:4c:95:73:85:6d:13:a3:7c:07:64:
f5:51:6c:0f:45:e2:a4:71:ef:69:62:2e:1d:5c:37:e3:f7:5f:
47:a8:5b:18:07:04:13:97:91:3c:86:36:be:9c:ff:03:ac:ea:
16:1f:61:0e:ce:45:cd:50:7e:fd:d2:cd:21:10:94:f8:fb:e9:
94:e9:1e:55:e3:f7:39:8f:b9:57:3f:ab:fb:48:34:7e:d9:37:
08:70:88:ce:88:5b:9e:78:88:35:c1:fc:b2:10:72:c5:fa:0f:
a3:82:ac:d3:36:a0:dd:08:aa:aa:84:b6:98:d8:3b:34:84:ae:
c6:57:bc:a2:44:ba:a9:93:fd:56:ec:d5:16:72:27:50:38:09:
58:74:f2:8b:44:08:21:85:b6:52:a4:9a:65:bf:bc:38:58:b9:
c8:88:ba:75:d7:a1:11:06:22:f0:77:51:1f:85:55:79:41:b1:
f5:4e:59:ec:e7:65:33:41:1d:41:c6:4d:ce:5b:68:86:c6:46:
2f:59:66:b8:71:0a:c8:c1:a2:a2:78:b8:ba:0e:b6:79:1c:30:
3c:e6:9c:50:d7:a1:1b:06:58:bf:52:5e:08:90:fe:df:65:00:
44:28:b0:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoI3kUdAVmG7j4+Kobdu+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2Y0ZjhhYzhjYTczNDNlZDFiNGZmMTJjZTI3NjMxOGI2
OWQxMGUwHhcNMjUwMTAyMTc1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmU5NTAxZDY4NzNjY2Y1ZDA4OTEzY2U3ZjM1MjRmNWY2ZDBhMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1FvKHN4X9JKzMeDGDIrYYUehy48
7fyOcqkI6DdSdGjj2BX8FQHsc/5z/wVram76kqJ1t6djTA2P6dUvKVuP88yGG6ch
Cx9B6MmOJ+r3V0KLBA2bP+Qp/t7R7JkmNUSb6J62yCGdGP++DNqT5fQNCa1YOoUR
hGgc5d6SRAd4+rmYWQSr0ETNgwNns1mqyY6YdzzjFwxxE3JJTV535YPxxDNq45JF
9C+NbfW3UMXhoadMsEo6lmYG8QPH5skwr5m/UUIFXjAVOBGW7fTyXEPE7UcMkhrb
C93gSkuSgWzn3QX/e2r1xrlZ8Z/BOgnjRIxqK7Aro+22qbkpziu6ZbkTlwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFbpUB1oc8z10IkTzn81JPX20KCYMB8GA1UdIwQY
MBaAFEp/T4rIynND7RtP8SzidjGLadEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4Mzkt
OWVjN2FkZDBlYjY4LzEvVnVsUUhXaHp6UFhRaVJQT2Z6VWs5ZmJRb0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wZTY5NjItOTZiNy00ZmI4LWE4MzktOWVjN2FkZDBlYjY4
LzEvU245UGlzaktjMFB0RzBfeExPSjJNWXRwMFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhC5xwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDFkukDTmBaamWuAtSo0vpg3+wZE6wgM0r5PkyV
c4VtE6N8B2T1UWwPReKkce9pYi4dXDfj919HqFsYBwQTl5E8hja+nP8DrOoWH2EO
zkXNUH790s0hEJT4++mU6R5V4/c5j7lXP6v7SDR+2TcIcIjOiFueeIg1wfyyEHLF
+g+jgqzTNqDdCKqqhLaY2Ds0hK7GV7yiRLqpk/1W7NUWcidQOAlYdPKLRAghhbZS
pJplv7w4WLnIiLp116ERBiLwd1EfhVV5QbH1Tlns52UzQR1Bxk3OW2iGxkYvWWa4
cQrIwaKieLi6DrZ5HDA85pxQ16EbBli/Ul4IkP7fZQBEKLBy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:43:50 2025 by rpki-client