Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/vo9HB8YBYl6mAGuWnZii1LsprGs.roa
File: vo9HB8YBYl6mAGuWnZii1LsprGs.roa (raw, json)
Hash identifier: nKs8tJdvNF0UugKw+PkiYixS99POlzGjBLiJ98csXyo=
Subject key identifier: BE:8F:47:07:C6:01:62:5E:A6:00:6B:96:9D:98:A2:D4:BB:29:AC:6B
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018F80F3AEE4B788A4BAD4FD1D15A1616323
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/vo9HB8YBYl6mAGuWnZii1LsprGs.roa
Signing time: Thu 16 May 2024 10:30:04 +0000
ROA not before: Thu 16 May 2024 10:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49217
IP address blocks: 2a0f:eb03::/32 maxlen: 32
2a0f:ed07::/32 maxlen: 32
2a13:a446::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:f3:ae:e4:b7:88:a4:ba:d4:fd:1d:15:a1:61:63:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: May 16 10:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be8f4707c601625ea6006b969d98a2d4bb29ac6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:75:d0:85:53:7f:ab:35:15:4a:19:c4:67:
94:c8:4a:aa:e2:36:86:e0:8b:8d:df:99:1c:9b:49:
90:57:c8:1b:f0:a1:e5:f8:b0:e3:a0:55:b7:e8:36:
d0:ac:41:60:35:3f:b2:45:c7:d3:95:85:d0:63:6d:
c4:12:13:be:77:90:87:09:75:9c:c8:88:6c:c5:9f:
39:4d:fd:70:1e:38:3d:cc:75:bf:13:f5:41:f4:db:
46:1f:77:27:bf:03:a1:46:c5:c5:32:de:72:17:3b:
84:fc:91:05:cd:ef:7f:29:2f:86:68:e2:e1:5d:eb:
47:fd:8d:b0:ad:b2:42:2b:eb:9e:bb:46:d1:59:75:
2a:29:33:49:b8:b5:f9:4b:c3:43:f2:32:85:14:21:
f6:b6:a3:78:5d:cc:e0:c6:15:23:e6:11:be:09:7e:
95:2f:d1:12:63:e1:6d:98:55:80:d3:bb:1f:cd:4e:
33:5c:11:85:3c:6e:f2:eb:a5:6a:4a:01:8a:8d:5b:
3c:a2:7a:93:06:f2:1b:c5:bf:bc:2c:04:59:98:c9:
b5:89:5c:1d:ca:e2:7b:3c:25:75:3e:d1:5e:5e:59:
6e:83:5d:d4:d2:69:32:09:a8:7f:45:7a:43:64:bb:
80:5f:99:bc:c5:0f:7e:49:2a:ef:81:34:42:42:d6:
2a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8F:47:07:C6:01:62:5E:A6:00:6B:96:9D:98:A2:D4:BB:29:AC:6B
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/vo9HB8YBYl6mAGuWnZii1LsprGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:eb03::/32
2a0f:ed07::/32
2a13:a446::/31
Signature Algorithm: sha256WithRSAEncryption
6c:0d:09:f9:cc:87:e7:90:0d:95:05:9c:83:0a:25:ab:8b:e1:
fc:00:67:31:df:6b:30:3e:1f:1e:c3:aa:c4:9b:f9:19:f9:73:
68:3f:cc:ef:18:2e:d8:82:84:04:3f:1c:85:5a:25:aa:bb:8a:
93:46:8c:77:4a:a5:1e:51:23:04:a2:8f:24:23:57:c4:5e:cf:
c3:48:d9:8c:a3:af:fa:ec:23:87:49:ab:19:16:41:54:f5:23:
f7:34:4c:88:fc:39:0b:9d:ea:c8:c8:4b:08:82:95:98:46:5a:
48:3b:ac:45:d9:49:22:52:cb:42:42:1c:67:ad:e2:e7:c5:a4:
48:3c:70:2a:da:d2:8a:ae:cc:51:46:66:9b:6a:17:f3:d1:48:
37:0b:b9:f8:25:37:b6:b5:39:6a:76:4e:cc:e9:b8:b4:8e:ec:
b1:57:32:ed:34:95:ec:c1:7d:2d:a6:4f:fa:26:1a:d2:a0:a5:
95:fd:34:96:a4:6f:f5:e0:4d:96:a6:ee:eb:39:8e:8b:1a:02:
e0:fb:5c:8e:7c:44:ed:db:61:5b:f7:c7:89:ed:00:ed:71:99:
a3:a5:55:e0:fc:55:75:e2:ea:5f:9b:e4:1d:49:c6:82:a1:6f:
e3:0e:4e:31:89:5d:85:7a:83:f8:a0:a8:03:ba:ca:53:67:15:
5e:e7:cc:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+A867kt4ikutT9HRWhYWMjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjQwNTE2MTAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZThmNDcwN2M2MDE2MjVlYTYwMDZiOTY5ZDk4YTJkNGJiMjlhYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV910IVTf6s1FUoZxGeUyEqq4jaG
4IuN35kcm0mQV8gb8KHl+LDjoFW36DbQrEFgNT+yRcfTlYXQY23EEhO+d5CHCXWc
yIhsxZ85Tf1wHjg9zHW/E/VB9NtGH3cnvwOhRsXFMt5yFzuE/JEFze9/KS+GaOLh
XetH/Y2wrbJCK+ueu0bRWXUqKTNJuLX5S8ND8jKFFCH2tqN4XczgxhUj5hG+CX6V
L9ESY+FtmFWA07sfzU4zXBGFPG7y66VqSgGKjVs8onqTBvIbxb+8LARZmMm1iVwd
yuJ7PCV1PtFeXllug13U0mkyCah/RXpDZLuAX5m8xQ9+SSrvgTRCQtYqDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL6PRwfGAWJepgBrlp2YotS7KaxrMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvdm85SEI4WUJZbDZtQUd1V25aaWkxTHNwckdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg/rAwMF
ACoP7QcDBQEqE6RGMA0GCSqGSIb3DQEBCwUAA4IBAQBsDQn5zIfnkA2VBZyDCiWr
i+H8AGcx32swPh8ew6rEm/kZ+XNoP8zvGC7YgoQEPxyFWiWqu4qTRox3SqUeUSME
oo8kI1fEXs/DSNmMo6/67COHSasZFkFU9SP3NEyI/DkLnerIyEsIgpWYRlpIO6xF
2UkiUstCQhxnreLnxaRIPHAq2tKKrsxRRmabahfz0Ug3C7n4JTe2tTlqdk7M6bi0
juyxVzLtNJXswX0tpk/6JhrSoKWV/TSWpG/14E2Wpu7rOY6LGgLg+1yOfETt22Fb
98eJ7QDtcZmjpVXg/FV14upfm+QdScaCoW/jDk4xiV2FeoP4oKgDuspTZxVe58y5
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:47 2025 by rpki-client