Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/ajN3vwMUxi2nmKoi6iB7JaWfTVg.roa
File: ajN3vwMUxi2nmKoi6iB7JaWfTVg.roa (raw, json)
Hash identifier: 5nVfOuqrR7S+aKWQmOTK3rFrCDvCCZKyMAWwWrUqao4=
Subject key identifier: 6A:33:77:BF:03:14:C6:2D:A7:98:AA:22:EA:20:7B:25:A5:9F:4D:58
Certificate issuer: /CN=69b01927a1a177d4261221d94628514a525a96e0
Certificate serial: 018539153BC0B070C44E49BAE6DD6CFCE424
Authority key identifier: 69:B0:19:27:A1:A1:77:D4:26:12:21:D9:46:28:51:4A:52:5A:96:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/abAZJ6Ghd9QmEiHZRihRSlJaluA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/ajN3vwMUxi2nmKoi6iB7JaWfTVg.roa
Signing time: Thu 22 Dec 2022 09:06:10 +0000
ROA not before: Thu 22 Dec 2022 09:06:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16267
IP address blocks: 213.146.0.0/19 maxlen: 19
2a01:4960::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:15:3b:c0:b0:70:c4:4e:49:ba:e6:dd:6c:fc:e4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69b01927a1a177d4261221d94628514a525a96e0
Validity
Not Before: Dec 22 09:06:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a3377bf0314c62da798aa22ea207b25a59f4d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a9:7f:dc:f5:fd:fa:24:f4:b2:f0:8a:43:dd:
88:88:77:2b:bf:8c:ef:f8:d3:d7:d1:9c:41:04:85:
73:54:8a:bf:a4:c3:fa:a4:26:7c:69:3a:ca:48:35:
ca:fe:75:a4:d5:58:13:f0:45:b0:7e:4d:c9:fe:5c:
c6:83:62:73:7b:2b:46:05:a7:bf:7e:3e:f7:70:8e:
72:ad:2e:ff:20:4c:06:02:09:f5:6d:71:03:02:7c:
78:c9:62:4c:8c:99:a8:94:24:f8:8a:06:83:c2:ae:
0c:a5:28:99:7c:de:f5:34:6b:67:dc:e6:84:02:69:
b6:6b:47:eb:11:99:30:c2:49:44:2f:24:45:1a:28:
46:e1:52:6c:67:72:d7:bd:3c:0f:f0:55:f9:01:43:
23:a0:9e:21:6d:c2:03:9f:89:f7:b3:54:ec:8d:85:
6c:1f:97:3c:a1:89:9a:9a:f6:64:ec:ca:c0:1b:8d:
9f:df:47:47:2d:3b:73:c2:a1:a7:1e:fa:68:e8:24:
05:f1:ff:b4:dc:3c:6b:86:57:08:79:90:0d:7d:03:
a0:95:e4:94:2d:30:04:f6:ec:de:c7:e3:53:1e:94:
a8:3c:78:86:16:28:6e:5c:f7:6c:60:cc:fa:e0:1a:
c4:2a:cb:7b:ac:32:24:c2:ed:9f:97:d5:3b:86:99:
57:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:33:77:BF:03:14:C6:2D:A7:98:AA:22:EA:20:7B:25:A5:9F:4D:58
X509v3 Authority Key Identifier:
keyid:69:B0:19:27:A1:A1:77:D4:26:12:21:D9:46:28:51:4A:52:5A:96:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/abAZJ6Ghd9QmEiHZRihRSlJaluA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/ajN3vwMUxi2nmKoi6iB7JaWfTVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/328eb3-5603-4955-aa92-2252bccfdbf9/1/abAZJ6Ghd9QmEiHZRihRSlJaluA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.146.0.0/19
IPv6:
2a01:4960::/32
Signature Algorithm: sha256WithRSAEncryption
5b:f1:da:5c:11:8e:55:d0:c3:52:91:b4:20:81:bc:04:aa:1b:
3d:40:6c:a4:52:8f:e7:5a:68:df:0c:66:21:3d:60:c9:bd:72:
73:4c:66:31:f5:33:6f:0b:f3:d5:6e:b1:2c:c8:8a:41:1c:4b:
a0:45:9b:9d:66:ff:85:ae:9b:92:e7:41:84:33:65:b6:1a:23:
0e:7a:d0:1a:87:84:7f:c0:4b:c3:4c:f5:20:ad:4c:17:56:21:
82:72:02:e1:fe:33:a5:d3:71:8b:7f:b2:0f:5a:a7:4a:e2:32:
0d:f5:02:6b:9b:a9:74:0b:e5:f6:ed:ec:c1:ad:02:44:5d:b3:
f1:fc:f7:c5:db:80:b6:d9:cd:50:79:df:3e:15:10:02:e6:2c:
02:d7:25:c4:c2:f0:17:5e:5a:bd:49:a8:f9:66:49:8b:79:98:
0b:c7:2b:6a:c9:a9:79:53:89:20:5e:13:ff:29:09:5d:54:46:
09:a1:98:0e:f2:3f:dd:e3:f3:55:05:64:38:3b:fb:08:95:7a:
91:58:0e:39:23:a7:fc:0b:ab:aa:43:10:8a:81:73:38:87:72:
9b:a6:d8:ba:8c:0b:e8:e6:1b:90:20:3c:eb:14:1a:8e:1d:98:
41:17:ca:7e:a5:59:41:2e:26:9f:2c:87:b2:ca:f0:12:6b:4c:
4c:96:7a:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYU5FTvAsHDETkm65t1s/OQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YjAxOTI3YTFhMTc3ZDQyNjEyMjFkOTQ2Mjg1MTRhNTI1
YTk2ZTAwHhcNMjIxMjIyMDkwNjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTMzNzdiZjAzMTRjNjJkYTc5OGFhMjJlYTIwN2IyNWE1OWY0ZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6l/3PX9+iT0svCKQ92IiHcrv4zv
+NPX0ZxBBIVzVIq/pMP6pCZ8aTrKSDXK/nWk1VgT8EWwfk3J/lzGg2JzeytGBae/
fj73cI5yrS7/IEwGAgn1bXEDAnx4yWJMjJmolCT4igaDwq4MpSiZfN71NGtn3OaE
Amm2a0frEZkwwklELyRFGihG4VJsZ3LXvTwP8FX5AUMjoJ4hbcIDn4n3s1TsjYVs
H5c8oYmamvZk7MrAG42f30dHLTtzwqGnHvpo6CQF8f+03DxrhlcIeZANfQOgleSU
LTAE9uzex+NTHpSoPHiGFihuXPdsYMz64BrEKst7rDIkwu2fl9U7hplXIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGozd78DFMYtp5iqIuogeyWln01YMB8GA1UdIwQY
MBaAFGmwGSehoXfUJhIh2UYoUUpSWpbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWJBWko2R2hkOVFtRWlIWlJpaFJTbEphbHVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zMjhlYjMtNTYwMy00OTU1LWFhOTIt
MjI1MmJjY2ZkYmY5LzEvYWpOM3Z3TVV4aTJubUtvaTZpQjdKYVdmVFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zMjhlYjMtNTYwMy00OTU1LWFhOTItMjI1MmJjY2ZkYmY5
LzEvYWJBWko2R2hkOVFtRWlIWlJpaFJTbEphbHVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ZIAMA0E
AgACMAcDBQAqAUlgMA0GCSqGSIb3DQEBCwUAA4IBAQBb8dpcEY5V0MNSkbQggbwE
qhs9QGykUo/nWmjfDGYhPWDJvXJzTGYx9TNvC/PVbrEsyIpBHEugRZudZv+FrpuS
50GEM2W2GiMOetAah4R/wEvDTPUgrUwXViGCcgLh/jOl03GLf7IPWqdK4jIN9QJr
m6l0C+X27ezBrQJEXbPx/PfF24C22c1Qed8+FRAC5iwC1yXEwvAXXlq9Saj5ZkmL
eZgLxytqyal5U4kgXhP/KQldVEYJoZgO8j/d4/NVBWQ4O/sIlXqRWA45I6f8C6uq
QxCKgXM4h3Kbpti6jAvo5huQIDzrFBqOHZhBF8p+pVlBLiafLIeyyvASa0xMlnrl
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:20:46 2025 by rpki-client