Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/cKbMhW8KnklH3RhFX6dyfANHtvo.roa
File: cKbMhW8KnklH3RhFX6dyfANHtvo.roa (raw, json)
Hash identifier: DV6na/ZhAR4OhHyP7EuV1zI9X6EaynT0j930pQX/cmY=
Subject key identifier: 70:A6:CC:85:6F:0A:9E:49:47:DD:18:45:5F:A7:72:7C:03:47:B6:FA
Certificate issuer: /CN=9de68c02854f9dc6785912249522ab7509937e48
Certificate serial: 01877049F78054BADA3CF246C6AD8746572B
Authority key identifier: 9D:E6:8C:02:85:4F:9D:C6:78:59:12:24:95:22:AB:75:09:93:7E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neaMAoVPncZ4WRIklSKrdQmTfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/cKbMhW8KnklH3RhFX6dyfANHtvo.roa
Signing time: Tue 11 Apr 2023 12:28:28 +0000
ROA not before: Tue 11 Apr 2023 12:28:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29491
IP address blocks: 2a13:f680::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:49:f7:80:54:ba:da:3c:f2:46:c6:ad:87:46:57:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de68c02854f9dc6785912249522ab7509937e48
Validity
Not Before: Apr 11 12:28:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a6cc856f0a9e4947dd18455fa7727c0347b6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:64:4d:a9:e8:0d:50:41:25:e7:98:8b:e3:af:
e4:b3:78:fb:ab:37:01:fa:d4:fd:b7:c2:de:37:97:
92:4a:5b:25:e4:f0:dd:e5:69:77:31:84:f4:23:c5:
26:7d:35:61:ee:12:73:0e:2b:41:ce:8d:07:6a:50:
bf:58:5b:01:12:13:07:61:db:28:bd:56:f3:12:3d:
b4:71:85:4e:85:fd:40:dc:a9:0f:50:ad:cd:3e:b6:
56:0c:c8:f8:82:2a:28:1b:54:93:9f:88:dd:c5:c6:
fb:3f:bb:d6:23:c0:f1:75:2f:3f:0a:18:b6:74:0f:
b9:a9:e8:e6:0d:0c:27:45:ee:8c:12:ec:6a:fc:4e:
c8:d6:27:43:0d:11:5b:f7:34:0b:d4:0b:cc:62:0a:
35:97:f1:2d:94:d4:1f:f8:ec:58:f0:94:9d:fd:93:
09:be:7f:2b:1e:c8:fa:bb:02:84:b6:b1:9a:74:17:
fe:d9:c9:e1:22:96:b0:66:86:c9:d7:e6:cb:3b:41:
4e:9d:fb:71:f7:52:0d:7d:89:7c:e7:88:c6:53:a1:
16:1f:42:23:80:6c:a1:54:f2:c9:79:fa:97:3c:ee:
aa:d3:b0:25:a6:2e:0f:af:b3:8c:e4:c2:5a:28:ea:
dd:27:b3:6d:27:46:d8:1d:82:3a:4d:e7:c0:04:96:
ae:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A6:CC:85:6F:0A:9E:49:47:DD:18:45:5F:A7:72:7C:03:47:B6:FA
X509v3 Authority Key Identifier:
keyid:9D:E6:8C:02:85:4F:9D:C6:78:59:12:24:95:22:AB:75:09:93:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neaMAoVPncZ4WRIklSKrdQmTfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/cKbMhW8KnklH3RhFX6dyfANHtvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5be0bd-695b-453c-9bf4-a6ecb89918b4/1/neaMAoVPncZ4WRIklSKrdQmTfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f680::/29
Signature Algorithm: sha256WithRSAEncryption
89:4d:e9:57:fd:8d:50:7e:63:70:79:f4:1c:6a:11:ea:aa:c4:
b2:64:8a:33:f6:22:24:35:cb:b2:29:43:a1:c2:4a:5b:ec:a1:
f9:4a:9f:14:c3:1b:90:2b:c0:87:fd:ab:fa:7c:f0:c1:f0:e5:
5d:55:01:c2:f9:c7:8f:bd:2d:ac:ce:ec:c4:6e:36:a6:81:8d:
df:83:6e:91:12:29:49:31:af:5d:ed:59:7e:7c:f5:20:c8:86:
c9:be:5d:0e:52:5b:fd:bc:21:f7:53:52:9f:2d:3d:c9:c3:e1:
70:28:cc:ca:0e:3a:3d:1c:4e:e0:ad:68:9c:9c:cf:80:27:cc:
06:87:14:6a:ae:ad:ef:71:05:3d:ec:ba:e1:ad:e4:0d:9f:39:
ae:a5:2c:68:64:0e:27:92:cb:b9:11:e5:b4:30:d9:53:20:be:
6f:5e:99:45:b3:65:51:83:3a:aa:db:b9:5d:fe:e3:17:4f:15:
8d:06:30:f6:9f:1f:dd:1e:84:e4:e8:a7:d3:c2:50:4d:b7:d8:
fc:36:6e:1c:d9:ea:97:e4:91:52:ee:13:cb:4e:79:08:09:c6:
33:8d:f6:1d:e4:e8:a4:bc:07:87:b2:94:ed:1e:53:f7:dd:fd:
5e:a8:5e:f2:e5:0c:27:43:06:90:c5:b8:ca:4b:d8:f9:82:8d:
d3:99:9b:85
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYdwSfeAVLraPPJGxq2HRlcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTY4YzAyODU0ZjlkYzY3ODU5MTIyNDk1MjJhYjc1MDk5
MzdlNDgwHhcNMjMwNDExMTIyODI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGE2Y2M4NTZmMGE5ZTQ5NDdkZDE4NDU1ZmE3NzI3YzAzNDdiNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomRNqegNUEEl55iL46/ks3j7qzcB
+tT9t8LeN5eSSlsl5PDd5Wl3MYT0I8UmfTVh7hJzDitBzo0HalC/WFsBEhMHYdso
vVbzEj20cYVOhf1A3KkPUK3NPrZWDMj4giooG1STn4jdxcb7P7vWI8DxdS8/Chi2
dA+5qejmDQwnRe6MEuxq/E7I1idDDRFb9zQL1AvMYgo1l/EtlNQf+OxY8JSd/ZMJ
vn8rHsj6uwKEtrGadBf+2cnhIpawZobJ1+bLO0FOnftx91INfYl854jGU6EWH0Ij
gGyhVPLJefqXPO6q07Alpi4Pr7OM5MJaKOrdJ7NtJ0bYHYI6TefABJaujwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHCmzIVvCp5JR90YRV+ncnwDR7b6MB8GA1UdIwQY
MBaAFJ3mjAKFT53GeFkSJJUiq3UJk35IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVhTUFvVlBuY1o0V1JJa2xTS3JkUW1UZmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81YmUwYmQtNjk1Yi00NTNjLTliZjQt
YTZlY2I4OTkxOGI0LzEvY0tiTWhXOEtua2xIM1JoRlg2ZHlmQU5IdHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81YmUwYmQtNjk1Yi00NTNjLTliZjQtYTZlY2I4OTkxOGI0
LzEvbmVhTUFvVlBuY1o0V1JJa2xTS3JkUW1UZmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhP2gDAN
BgkqhkiG9w0BAQsFAAOCAQEAiU3pV/2NUH5jcHn0HGoR6qrEsmSKM/YiJDXLsilD
ocJKW+yh+UqfFMMbkCvAh/2r+nzwwfDlXVUBwvnHj70trM7sxG42poGN34NukRIp
STGvXe1Zfnz1IMiGyb5dDlJb/bwh91NSny09ycPhcCjMyg46PRxO4K1onJzPgCfM
BocUaq6t73EFPey64a3kDZ85rqUsaGQOJ5LLuRHltDDZUyC+b16ZRbNlUYM6qtu5
Xf7jF08VjQYw9p8f3R6E5Oin08JQTbfY/DZuHNnql+SRUu4Ty055CAnGM432HeTo
pLwHh7KU7R5T9939Xqhe8uUMJ0MGkMW4ykvY+YKN05mbhQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:30 2025 by rpki-client