Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/75v8MXN6ygIDIQ1yKj4s-tBmnDc.roa
File: 75v8MXN6ygIDIQ1yKj4s-tBmnDc.roa (raw, json)
Hash identifier: +hNOWOd/FkxeQUfDxD5BSVh1+NbXlPhgasRyv+Zdt/w=
Subject key identifier: EF:9B:FC:31:73:7A:CA:02:03:21:0D:72:2A:3E:2C:FA:D0:66:9C:37
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018FE98AA22BCB984EA5FC15F96E4C85161D
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/75v8MXN6ygIDIQ1yKj4s-tBmnDc.roa
Signing time: Wed 05 Jun 2024 17:55:27 +0000
ROA not before: Wed 05 Jun 2024 17:55:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a0f:eb03::/32 maxlen: 32
2a0f:ed00::/32 maxlen: 32
2a0f:ed05::/32 maxlen: 32
2a0f:ed07::/32 maxlen: 32
2a13:a442::/32 maxlen: 32
2a13:a443::/32 maxlen: 32
2a13:a444::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a446::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e9:8a:a2:2b:cb:98:4e:a5:fc:15:f9:6e:4c:85:16:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Jun 5 17:55:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef9bfc31737aca0203210d722a3e2cfad0669c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a9:c7:b7:d2:a0:5e:62:86:51:d7:90:fd:25:
d4:d2:c4:1a:59:84:d7:42:5b:cc:3b:59:99:3c:c7:
f8:f7:d4:3e:da:56:3d:8e:7f:e2:ba:7a:96:e9:6b:
01:bc:1c:53:f4:77:9a:2c:6a:e5:9b:06:82:b5:ee:
64:41:28:2d:fe:8d:8d:e0:fa:76:6e:84:c0:f9:f5:
17:e0:1e:64:ca:24:5d:a8:8b:99:e4:99:3e:55:81:
64:1b:6d:f9:b6:69:fa:84:0e:fb:b0:2a:bb:e4:d3:
ac:f8:5c:34:37:00:db:5d:9e:da:38:3f:97:db:1d:
b0:bd:1b:80:72:8c:3d:bf:f0:e5:e3:67:73:96:8b:
a4:76:43:7b:53:0d:7f:65:16:e5:f7:2c:ef:1f:a3:
18:77:ea:b5:17:35:9d:56:96:ba:fa:71:5b:1f:9f:
b5:35:0d:58:35:2c:5c:36:9f:5e:c3:7d:5f:f6:d8:
f6:f9:8d:cc:62:7f:9d:72:c7:c4:7d:39:a0:09:e3:
80:38:11:2d:a7:10:22:17:ef:8c:50:38:de:47:2b:
3c:41:88:81:1b:b1:13:0e:b0:b7:c9:2f:27:99:3e:
da:0e:57:72:13:08:4e:3d:b5:b5:58:87:71:51:95:
63:34:c6:27:1f:b1:f5:3d:eb:2c:c1:a9:7c:3a:1c:
d4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9B:FC:31:73:7A:CA:02:03:21:0D:72:2A:3E:2C:FA:D0:66:9C:37
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/75v8MXN6ygIDIQ1yKj4s-tBmnDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:eb03::/32
2a0f:ed00::/32
2a0f:ed05::/32
2a0f:ed07::/32
2a13:a442::-2a13:a446:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:f8:0b:ad:a6:4f:21:ed:39:e0:1b:a8:92:a3:c8:2f:17:db:
98:b2:9d:dc:ee:17:cd:b4:41:9f:95:e2:b0:de:71:20:63:6e:
d8:e6:34:5a:cb:f3:98:23:e6:76:51:6e:69:61:0f:54:23:b0:
88:ad:23:f3:37:a8:07:4b:dd:b6:79:cb:d6:f4:6d:06:fd:a3:
c7:50:d3:71:d6:8e:ee:4b:f9:5d:20:20:9e:f5:2e:28:2d:9b:
f0:d0:f7:41:45:46:fc:aa:ce:c0:38:17:ad:c7:99:6c:b8:a8:
61:50:4a:e2:ea:23:ac:94:49:5d:02:70:c0:06:60:e8:2e:87:
74:67:0d:7d:8a:85:92:86:81:3b:b5:b6:c0:33:02:ac:f0:5d:
94:ce:b0:31:74:64:a7:80:52:ce:49:17:4f:7d:fb:1f:e1:8d:
16:db:1b:f6:59:b7:14:1e:de:d2:64:2c:b8:7f:11:91:2c:2a:
fc:00:dc:eb:c5:ff:fb:2e:d5:db:71:a4:db:02:6e:43:20:df:
b8:59:45:b0:64:c2:1c:81:3b:d1:32:42:6a:a6:0a:4e:80:b5:
7f:85:48:39:99:7b:db:3f:1d:97:12:e0:ab:14:d8:d2:d5:e1:
55:59:a6:f6:a3:41:7a:f6:bf:b5:81:c6:46:15:c3:29:3f:03:
8f:bc:07:7e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY/piqIry5hOpfwV+W5MhRYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNjA1MTc1NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjliZmMzMTczN2FjYTAyMDMyMTBkNzIyYTNlMmNmYWQwNjY5YzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06nHt9KgXmKGUdeQ/SXU0sQaWYTX
QlvMO1mZPMf499Q+2lY9jn/iunqW6WsBvBxT9HeaLGrlmwaCte5kQSgt/o2N4Pp2
boTA+fUX4B5kyiRdqIuZ5Jk+VYFkG235tmn6hA77sCq75NOs+Fw0NwDbXZ7aOD+X
2x2wvRuAcow9v/Dl42dzloukdkN7Uw1/ZRbl9yzvH6MYd+q1FzWdVpa6+nFbH5+1
NQ1YNSxcNp9ew31f9tj2+Y3MYn+dcsfEfTmgCeOAOBEtpxAiF++MUDjeRys8QYiB
G7ETDrC3yS8nmT7aDldyEwhOPbW1WIdxUZVjNMYnH7H1Pesswal8OhzUAQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFO+b/DFzesoCAyENcio+LPrQZpw3MB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvNzV2OE1YTjZ5Z0lESVExeUtqNHMtdEJtbkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUAKg/rAwMF
ACoP7QADBQAqD+0FAwUAKg/tBzAOAwUBKhOkQgMFACoTpEYwDQYJKoZIhvcNAQEL
BQADggEBAAv4C62mTyHtOeAbqJKjyC8X25iyndzuF820QZ+V4rDecSBjbtjmNFrL
85gj5nZRbmlhD1QjsIitI/M3qAdL3bZ5y9b0bQb9o8dQ03HWju5L+V0gIJ71Ligt
m/DQ90FFRvyqzsA4F63HmWy4qGFQSuLqI6yUSV0CcMAGYOguh3RnDX2KhZKGgTu1
tsAzAqzwXZTOsDF0ZKeAUs5JF099+x/hjRbbG/ZZtxQe3tJkLLh/EZEsKvwA3OvF
//su1dtxpNsCbkMg37hZRbBkwhyBO9EyQmqmCk6AtX+FSDmZe9s/HZcS4KsU2NLV
4VVZpvajQXr2v7WBxkYVwyk/A4+8B34=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:34 2025 by rpki-client