Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bN-wKf12mmL4uB_knXAcWxNDs5E.roa
File: bN-wKf12mmL4uB_knXAcWxNDs5E.roa (raw, json)
Hash identifier: dzIh6kVKW5cCuN55gOQaRkmJItcJ9fR15MFH5S9DJ9E=
Subject key identifier: 6C:DF:B0:29:FD:76:9A:62:F8:B8:1F:E4:9D:70:1C:5B:13:43:B3:91
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018C7C8209C378E0678EA859A4009B4805CB
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bN-wKf12mmL4uB_knXAcWxNDs5E.roa
Signing time: Mon 18 Dec 2023 10:39:06 +0000
ROA not before: Mon 18 Dec 2023 10:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 2a13:3884::/30 maxlen: 30
2a13:8c44::/30 maxlen: 30
2a13:8c40::/30 maxlen: 30
2a11:5780::/30 maxlen: 30
2a11:5784::/30 maxlen: 30
2a13:3880::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:82:09:c3:78:e0:67:8e:a8:59:a4:00:9b:48:05:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Dec 18 10:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cdfb029fd769a62f8b81fe49d701c5b1343b391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:29:74:af:23:91:aa:87:ae:3d:32:7d:2f:85:
c7:95:b6:96:e3:0d:37:6b:41:c0:dc:70:b0:9e:d6:
62:94:f5:95:b3:dd:eb:98:d0:6f:a6:1a:43:b9:e6:
ad:17:5f:de:93:bc:59:3f:bd:3b:9e:06:88:d3:9f:
f4:bc:8c:36:c5:10:55:a2:02:4b:b2:ed:7f:36:a5:
05:d7:3b:00:6d:ee:8e:66:3e:47:24:39:5c:c3:dc:
92:a1:ae:79:70:1d:bc:d5:4e:e9:05:69:33:5c:da:
1b:85:a8:a2:25:f2:e5:4a:f7:e0:e4:cd:24:92:0b:
87:ac:57:ae:7f:f3:09:ac:52:fc:e8:db:02:9e:2b:
e9:a4:49:62:33:3f:d7:56:32:b1:74:c7:29:46:bc:
65:6d:68:fb:65:39:f5:02:be:43:90:51:5f:b0:9d:
a2:29:4e:f0:c2:42:f0:7c:92:da:a1:d9:c8:5a:3d:
07:9c:33:66:ad:96:7f:af:7e:d8:cb:64:d4:bc:d2:
1e:ed:ad:e9:76:36:63:88:35:ea:6a:03:4e:69:03:
e4:df:bd:33:64:fa:38:17:d6:a7:71:12:9d:8d:74:
6e:43:a8:1c:6b:51:90:56:0c:23:ed:c2:ab:eb:10:
71:ab:6f:cf:2b:b7:6d:0d:c8:a7:0f:0e:6d:07:08:
92:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:DF:B0:29:FD:76:9A:62:F8:B8:1F:E4:9D:70:1C:5B:13:43:B3:91
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bN-wKf12mmL4uB_knXAcWxNDs5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5780::/29
2a13:3880::/29
2a13:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
ad:89:b7:31:f1:a1:b9:01:36:63:5d:03:72:37:90:d3:c2:a7:
2f:24:ff:71:a9:09:50:db:fd:dc:50:12:f2:ae:af:8f:74:72:
7a:f9:da:63:1b:03:34:db:c8:85:d1:ac:06:11:1e:f9:b1:ec:
a1:59:a1:5f:e2:81:e8:28:a1:43:7b:d6:86:f2:f8:36:e2:e6:
f6:5e:3a:b3:8b:63:94:e9:48:b2:0e:4d:11:bc:b4:f6:43:03:
ab:73:37:e3:1e:c9:a0:2c:25:c1:16:75:51:d4:39:38:01:e4:
4e:01:7a:ab:6e:d9:4e:69:aa:41:13:aa:27:ed:9f:ce:b3:01:
02:94:c8:e4:b0:e3:fe:6d:50:89:ff:87:d8:94:75:cf:44:00:
4b:39:d8:f1:c1:3d:6b:11:83:61:ff:e6:62:7e:f0:1e:8d:7d:
69:4c:38:16:d3:97:b1:05:2f:d4:61:16:a5:ad:6a:80:5e:ce:
49:fb:7d:3b:16:64:9a:43:19:6c:40:76:ce:f1:15:50:f1:18:
87:34:3b:b9:32:d2:7c:41:fb:a7:84:58:4e:45:6f:cd:f8:47:
36:8e:ce:57:33:1e:9e:a5:c0:0a:13:5f:7a:eb:e5:b3:0a:a1:
99:f5:db:2c:4c:f0:ee:c7:45:4a:57:e5:74:26:14:56:43:fc:
0f:60:aa:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYx8ggnDeOBnjqhZpACbSAXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMjE4MTAzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2RmYjAyOWZkNzY5YTYyZjhiODFmZTQ5ZDcwMWM1YjEzNDNiMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjil0ryORqoeuPTJ9L4XHlbaW4w03
a0HA3HCwntZilPWVs93rmNBvphpDueatF1/ek7xZP707ngaI05/0vIw2xRBVogJL
su1/NqUF1zsAbe6OZj5HJDlcw9ySoa55cB281U7pBWkzXNobhaiiJfLlSvfg5M0k
kguHrFeuf/MJrFL86NsCnivppEliMz/XVjKxdMcpRrxlbWj7ZTn1Ar5DkFFfsJ2i
KU7wwkLwfJLaodnIWj0HnDNmrZZ/r37Yy2TUvNIe7a3pdjZjiDXqagNOaQPk370z
ZPo4F9ancRKdjXRuQ6gca1GQVgwj7cKr6xBxq2/PK7dtDcinDw5tBwiS6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGzfsCn9dppi+Lgf5J1wHFsTQ7ORMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYk4td0tmMTJtbUw0dUJfa25YQWNXeE5EczVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhFXgAMF
AyoTOIADBQMqE4xAMA0GCSqGSIb3DQEBCwUAA4IBAQCtibcx8aG5ATZjXQNyN5DT
wqcvJP9xqQlQ2/3cUBLyrq+PdHJ6+dpjGwM028iF0awGER75seyhWaFf4oHoKKFD
e9aG8vg24ub2Xjqzi2OU6UiyDk0RvLT2QwOrczfjHsmgLCXBFnVR1Dk4AeROAXqr
btlOaapBE6on7Z/OswEClMjksOP+bVCJ/4fYlHXPRABLOdjxwT1rEYNh/+ZifvAe
jX1pTDgW05exBS/UYRalrWqAXs5J+307FmSaQxlsQHbO8RVQ8RiHNDu5MtJ8Qfun
hFhORW/N+Ec2js5XMx6epcAKE1966+WzCqGZ9dssTPDux0VKV+V0JhRWQ/wPYKrc
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:21 2025 by rpki-client