Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/wQs0Yo1QHKKFt6zHqmRv8MUWjEo.roa
File: wQs0Yo1QHKKFt6zHqmRv8MUWjEo.roa (raw, json)
Hash identifier: m39gEM8vLcG9CLc4OBGarQ2LSFANw6waCOJ2O7HkPgo=
Subject key identifier: C1:0B:34:62:8D:50:1C:A2:85:B7:AC:C7:AA:64:6F:F0:C5:16:8C:4A
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 018D78E20802EA7035A658DA5A1BEBDB4A8E
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/wQs0Yo1QHKKFt6zHqmRv8MUWjEo.roa
Signing time: Mon 05 Feb 2024 10:48:15 +0000
ROA not before: Mon 05 Feb 2024 10:48:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13127
IP address blocks: 2a04:9a00:1118::/48 maxlen: 48
2a07:3501:1080::/48 maxlen: 48
2a07:3501:1081::/48 maxlen: 48
2a07:3502:1190::/46 maxlen: 46
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:e2:08:02:ea:70:35:a6:58:da:5a:1b:eb:db:4a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Feb 5 10:48:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c10b34628d501ca285b7acc7aa646ff0c5168c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fd:85:a5:23:c4:67:61:ab:f4:7a:1b:31:f6:
3d:77:a6:01:22:c3:2e:eb:a5:db:7a:9f:a1:99:d6:
f6:1f:fc:1c:23:e9:c7:f2:02:57:2d:82:3f:c3:c6:
67:b1:9c:3f:a6:ad:a1:61:87:33:f1:22:f0:e8:a7:
81:72:eb:71:c4:5c:81:6e:b4:4d:26:2d:85:ba:f5:
91:86:79:68:e7:be:66:49:6f:4d:9e:1f:e8:b6:00:
ab:e5:dc:e0:61:05:72:19:a7:1c:81:ef:ca:4c:de:
b6:20:bd:fe:84:be:49:5e:75:cc:cd:36:48:5a:c1:
e7:ea:20:4f:2d:6e:81:c6:24:15:9a:4a:ab:9c:03:
70:78:72:2a:33:9b:18:ec:13:15:31:84:1b:16:ad:
06:ed:ac:46:42:57:d0:e3:15:20:69:ea:df:dd:2c:
a4:44:69:fa:f4:52:a9:cf:d1:fc:e0:94:48:a5:7e:
93:f1:e3:f1:5e:a7:ef:f5:9a:7f:25:b8:42:c5:70:
7a:b6:d5:00:64:38:fa:60:d3:fb:cd:b7:66:10:13:
c2:c2:db:9c:5e:69:c3:19:30:21:e4:40:2e:4f:31:
79:90:27:94:a5:34:01:1a:3e:fd:3f:04:df:52:87:
e4:8f:8b:3b:f6:29:84:3d:bf:9d:06:65:dc:d0:d9:
6c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0B:34:62:8D:50:1C:A2:85:B7:AC:C7:AA:64:6F:F0:C5:16:8C:4A
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/wQs0Yo1QHKKFt6zHqmRv8MUWjEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1118::/48
2a07:3501:1080::/47
2a07:3502:1190::/46
Signature Algorithm: sha256WithRSAEncryption
07:c3:d9:ef:28:85:43:dc:4f:52:f2:95:02:ad:9c:a1:85:d4:
f7:22:5b:82:b3:07:2a:6d:77:c5:ff:67:4a:0a:d3:2c:21:81:
d5:9b:30:b8:01:b6:3a:2d:ca:91:91:06:14:45:8f:ff:89:d2:
0e:d9:10:27:ff:6b:c8:ef:1a:bd:bc:2f:2b:58:6f:c4:30:dd:
df:f0:51:ec:3d:1c:67:d9:f2:95:6a:33:e8:45:45:b1:b2:fc:
4c:4d:38:88:47:b5:8d:62:95:81:54:56:fb:83:0e:f6:fc:2c:
43:fb:67:ae:12:8b:2a:ee:5e:5b:21:f4:f9:99:86:be:48:f9:
df:20:7e:49:d6:28:06:13:dd:b7:e2:74:86:c1:ae:84:70:bd:
14:62:f4:f2:d4:7e:17:31:f5:9a:1a:29:9d:61:0b:c2:ed:a8:
70:e0:0e:52:1d:ff:3a:84:1c:28:65:d6:98:c6:5b:38:47:31:
28:5f:ed:87:ec:f1:c1:86:6d:ab:94:6f:23:8f:be:b9:bb:0f:
3b:9e:5d:f8:a8:b4:e4:80:3a:bd:a3:2d:9c:32:c8:28:33:33:
79:94:1e:e1:a6:9e:3c:c9:50:af:be:85:66:15:bc:0f:b2:e3:
ee:60:c5:2b:04:cb:09:a2:a5:2e:cd:b1:9f:e7:60:7f:a2:be:
4a:f7:42:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY144ggC6nA1pljaWhvr20qOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQwMjA1MTA0ODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTBiMzQ2MjhkNTAxY2EyODViN2FjYzdhYTY0NmZmMGM1MTY4YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf2FpSPEZ2Gr9HobMfY9d6YBIsMu
66Xbep+hmdb2H/wcI+nH8gJXLYI/w8ZnsZw/pq2hYYcz8SLw6KeBcutxxFyBbrRN
Ji2FuvWRhnlo575mSW9Nnh/otgCr5dzgYQVyGaccge/KTN62IL3+hL5JXnXMzTZI
WsHn6iBPLW6BxiQVmkqrnANweHIqM5sY7BMVMYQbFq0G7axGQlfQ4xUgaerf3Syk
RGn69FKpz9H84JRIpX6T8ePxXqfv9Zp/JbhCxXB6ttUAZDj6YNP7zbdmEBPCwtuc
XmnDGTAh5EAuTzF5kCeUpTQBGj79PwTfUofkj4s79imEPb+dBmXc0NlsYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMELNGKNUByihbesx6pkb/DFFoxKMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvd1FzMFlvMVFIS0tGdDZ6SHFtUnY4TVVXakVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgSaABEY
AwcBKgc1ARCAAwcCKgc1AhGQMA0GCSqGSIb3DQEBCwUAA4IBAQAHw9nvKIVD3E9S
8pUCrZyhhdT3IluCswcqbXfF/2dKCtMsIYHVmzC4AbY6LcqRkQYURY//idIO2RAn
/2vI7xq9vC8rWG/EMN3f8FHsPRxn2fKVajPoRUWxsvxMTTiIR7WNYpWBVFb7gw72
/CxD+2euEosq7l5bIfT5mYa+SPnfIH5J1igGE9234nSGwa6EcL0UYvTy1H4XMfWa
GimdYQvC7ahw4A5SHf86hBwoZdaYxls4RzEoX+2H7PHBhm2rlG8jj765uw87nl34
qLTkgDq9oy2cMsgoMzN5lB7hpp48yVCvvoVmFbwPsuPuYMUrBMsJoqUuzbGf52B/
or5K90Ir
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:04 2025 by rpki-client