Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uMTB6VBplkWYrrOGBfiZFb1uJko.roa
File: uMTB6VBplkWYrrOGBfiZFb1uJko.roa (raw, json)
Hash identifier: kZnTcqot2Rt+a1t9BK0pj0+qPfy08FIkqSJAZHfrRVw=
Subject key identifier: B8:C4:C1:E9:50:69:96:45:98:AE:B3:86:05:F8:99:15:BD:6E:26:4A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194B771AC795ECD21D79E5BAC756C98C02D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uMTB6VBplkWYrrOGBfiZFb1uJko.roa
Signing time: Thu 30 Jan 2025 13:41:07 +0000
ROA not before: Thu 30 Jan 2025 13:41:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2a01:280:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:71:ac:79:5e:cd:21:d7:9e:5b:ac:75:6c:98:c0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 30 13:41:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8c4c1e95069964598aeb38605f89915bd6e264a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ba:db:25:b1:1e:88:00:2d:c2:c1:36:c8:d0:
a3:c2:dd:1f:ef:5d:b9:f9:4d:a1:85:e9:c6:73:68:
8f:4b:71:37:bc:7f:5e:6e:43:65:e2:7b:ac:17:2a:
4b:8e:ec:80:17:59:14:b8:66:dd:eb:d5:e5:53:4d:
66:96:4d:c9:1e:b4:c6:29:22:67:ef:14:b7:e8:a6:
22:66:06:ea:93:e9:c5:da:f1:0c:c7:1b:c6:ab:16:
f2:75:60:2e:a8:46:7a:55:0a:81:f6:7f:b4:11:fc:
12:c1:8b:76:6a:c3:ff:2b:0c:ab:8e:65:e2:69:71:
ec:aa:3e:b8:91:ee:bb:ee:12:a8:6c:40:e6:f9:45:
55:fe:78:17:af:35:90:54:4b:45:ff:53:57:42:b4:
0a:3b:f3:21:db:c3:40:c9:6e:cb:99:3d:47:8c:f8:
f1:21:be:89:fc:4d:bd:b9:ef:a0:53:74:40:79:93:
41:cf:0e:7c:0f:ad:91:92:02:35:bc:3b:9f:00:a1:
7e:07:91:26:5c:86:5a:0f:0f:8b:05:dc:ce:b2:1c:
97:18:d2:e2:37:43:43:ff:6e:db:a4:f4:df:ef:cf:
de:01:8f:94:c9:bf:5c:c5:51:97:56:c3:57:b3:77:
73:f1:96:5c:46:7b:dd:d7:a4:89:c2:af:7b:58:24:
4a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C4:C1:E9:50:69:96:45:98:AE:B3:86:05:F8:99:15:BD:6E:26:4A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/uMTB6VBplkWYrrOGBfiZFb1uJko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:280:200::/40
Signature Algorithm: sha256WithRSAEncryption
b2:2a:db:42:b1:4f:93:a1:f6:c1:5c:12:82:2a:40:9d:ae:30:
c0:a4:5b:e4:61:f9:85:72:d2:ef:99:8f:94:de:f3:8f:46:5f:
f1:6e:d1:3a:e4:ab:b2:10:c1:96:62:78:b0:c8:01:7c:63:7c:
88:8c:8c:dc:7c:8e:f0:86:d2:b8:82:42:04:c6:61:b5:de:4a:
d6:f2:98:d0:64:65:7d:28:8d:ce:ca:ff:58:73:56:64:35:31:
49:07:41:d9:51:72:d8:bd:47:5e:83:d8:26:01:03:54:92:33:
02:48:a1:43:4c:96:47:71:c9:27:30:91:e0:87:3a:57:58:67:
cd:d1:50:b7:dc:cb:1a:e5:a6:36:ce:91:44:5c:10:30:55:f0:
df:18:d3:64:ec:e3:3d:ab:1d:e7:6a:95:02:42:23:06:cf:39:
d7:c4:dd:d5:76:f2:1a:48:ec:d9:b1:4a:bf:fa:0e:d8:a0:52:
52:7c:1b:1f:15:dc:51:2f:ee:16:52:ef:83:97:b9:af:f6:5d:
05:a5:11:21:c3:f0:60:02:8b:2f:6e:6c:7f:89:80:44:18:8b:
0f:14:ed:3c:29:5c:23:02:4b:f9:6d:99:b5:f8:ab:2d:84:ee:
ed:93:9b:5a:90:cc:05:8a:8a:d4:c7:53:74:57:2e:45:2b:08:
af:88:89:c5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZS3cax5Xs0h155brHVsmMAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTMwMTM0MTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM0YzFlOTUwNjk5NjQ1OThhZWIzODYwNWY4OTkxNWJkNmUyNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobrbJbEeiAAtwsE2yNCjwt0f7125
+U2hhenGc2iPS3E3vH9ebkNl4nusFypLjuyAF1kUuGbd69XlU01mlk3JHrTGKSJn
7xS36KYiZgbqk+nF2vEMxxvGqxbydWAuqEZ6VQqB9n+0EfwSwYt2asP/KwyrjmXi
aXHsqj64ke677hKobEDm+UVV/ngXrzWQVEtF/1NXQrQKO/Mh28NAyW7LmT1HjPjx
Ib6J/E29ue+gU3RAeZNBzw58D62RkgI1vDufAKF+B5EmXIZaDw+LBdzOshyXGNLi
N0ND/27bpPTf78/eAY+Uyb9cxVGXVsNXs3dz8ZZcRnvd16SJwq97WCRKGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLjEwelQaZZFmK6zhgX4mRW9biZKMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvdU1UQjZWQnBsa1dZcnJPR0JmaVpGYjF1SmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgECgAIw
DQYJKoZIhvcNAQELBQADggEBALIq20KxT5Oh9sFcEoIqQJ2uMMCkW+Rh+YVy0u+Z
j5Te849GX/Fu0Trkq7IQwZZieLDIAXxjfIiMjNx8jvCG0riCQgTGYbXeStbymNBk
ZX0ojc7K/1hzVmQ1MUkHQdlRcti9R16D2CYBA1SSMwJIoUNMlkdxyScwkeCHOldY
Z83RULfcyxrlpjbOkURcEDBV8N8Y02Ts4z2rHedqlQJCIwbPOdfE3dV28hpI7Nmx
Sr/6DtigUlJ8Gx8V3FEv7hZS74OXua/2XQWlESHD8GACiy9ubH+JgEQYiw8U7Twp
XCMCS/ltmbX4qy2E7u2Tm1qQzAWKitTHU3RXLkUrCK+IicU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:01 2025 by rpki-client