Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S3D_wXUqgO9LU5KnXkxHeEzFVaI.roa
File: S3D_wXUqgO9LU5KnXkxHeEzFVaI.roa (raw, json)
Hash identifier: e2K6z7kKa8PDiR51qb0f2AEtb5hlg6Gr288AKhO4szs=
Subject key identifier: 4B:70:FF:C1:75:2A:80:EF:4B:53:92:A7:5E:4C:47:78:4C:C5:55:A2
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018A70E3D6D33712C5CD11617F5B1DF88FE0
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S3D_wXUqgO9LU5KnXkxHeEzFVaI.roa
Signing time: Thu 07 Sep 2023 18:24:54 +0000
ROA not before: Thu 07 Sep 2023 18:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216349
IP address blocks: 2a10:3f84::/30 maxlen: 30
2a0f:9ac0::/29 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:e3:d6:d3:37:12:c5:cd:11:61:7f:5b:1d:f8:8f:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Sep 7 18:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b70ffc1752a80ef4b5392a75e4c47784cc555a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7d:47:66:06:87:07:48:26:89:22:6b:47:d7:
5b:81:13:49:22:ef:c8:80:8d:9b:2a:c1:94:37:ef:
5d:2b:95:be:72:af:54:f2:28:8d:78:4b:ce:d5:47:
33:ec:b8:19:01:db:c9:02:43:7a:4f:8d:7f:88:be:
66:7f:18:a6:79:44:97:eb:d2:e7:b7:ee:6d:71:31:
53:75:9b:fc:47:eb:68:41:a0:ec:f9:ca:dd:ac:d6:
85:da:31:1e:77:10:40:8a:35:22:1f:d7:62:78:f8:
8a:eb:f0:f7:ed:09:dc:af:66:ee:1d:29:9b:fe:82:
1e:9f:ae:bc:6a:6e:d1:91:e9:61:6c:ee:3a:a6:52:
4c:16:b1:13:e2:de:6d:48:74:01:76:0b:72:d6:03:
7a:7c:c3:17:81:44:54:ea:ff:b1:d9:0c:2b:1b:87:
cb:74:4e:ed:98:0c:7a:a9:61:26:0e:93:f9:fb:3f:
da:cb:48:14:5f:c9:6c:56:56:4e:86:45:d2:6e:f8:
19:78:89:30:af:0d:05:61:f4:a2:fa:75:79:fb:35:
ce:24:3a:38:6f:83:2e:fd:34:b3:dd:89:d0:b1:f8:
6b:21:62:be:81:53:09:e3:35:ec:f6:39:4d:26:e4:
f7:a3:13:70:21:0c:60:cd:3c:4c:5f:67:10:48:f0:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:70:FF:C1:75:2A:80:EF:4B:53:92:A7:5E:4C:47:78:4C:C5:55:A2
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/S3D_wXUqgO9LU5KnXkxHeEzFVaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9ac0::/29
2a10:3f84::/30
Signature Algorithm: sha256WithRSAEncryption
4a:f3:61:b6:57:4e:96:ac:0f:f2:2c:38:c3:62:f7:a2:39:ba:
aa:a4:49:83:84:ba:dd:95:10:8d:e7:2a:37:14:32:9c:69:ed:
f0:f4:21:38:31:99:0e:bd:56:f2:2f:7d:74:1e:2d:66:d3:28:
be:52:d9:84:65:31:48:00:f2:36:f2:d9:d8:cb:5b:bf:c4:ba:
b1:31:c4:53:95:af:f7:c6:0d:0f:1b:57:61:c7:ba:ee:ca:c3:
f9:25:77:92:35:12:37:70:c6:51:e1:3f:01:20:6c:8a:1a:32:
d7:cd:a1:92:79:fd:a9:94:d0:48:a8:76:14:0e:b1:f4:cc:cf:
87:98:f4:d1:c0:48:63:6a:c7:e5:bb:7c:37:8f:d7:5c:e4:af:
a7:d3:cd:b9:43:b6:54:5b:24:d5:d9:2d:09:20:ca:c0:1b:97:
55:6a:22:20:d7:77:fd:04:44:f1:41:af:6c:16:f6:1f:17:50:
76:84:8b:b1:8f:19:d2:45:f5:64:4f:dc:ea:8c:de:8d:7e:79:
5f:ac:3d:7a:da:49:a4:ae:2b:97:29:13:a4:1c:7a:13:f9:33:
2e:a6:36:3d:0a:65:92:a7:4b:55:50:2f:d2:e5:e5:e3:3d:0b:
72:9c:7c:c3:29:39:33:54:f4:68:12:cb:12:da:d4:25:8d:6f:
b4:59:19:16
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYpw49bTNxLFzRFhf1sd+I/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjMwOTA3MTgyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjcwZmZjMTc1MmE4MGVmNGI1MzkyYTc1ZTRjNDc3ODRjYzU1NWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0X1HZgaHB0gmiSJrR9dbgRNJIu/I
gI2bKsGUN+9dK5W+cq9U8iiNeEvO1Ucz7LgZAdvJAkN6T41/iL5mfximeUSX69Ln
t+5tcTFTdZv8R+toQaDs+crdrNaF2jEedxBAijUiH9diePiK6/D37Qncr2buHSmb
/oIen668am7RkelhbO46plJMFrET4t5tSHQBdgty1gN6fMMXgURU6v+x2QwrG4fL
dE7tmAx6qWEmDpP5+z/ay0gUX8lsVlZOhkXSbvgZeIkwrw0FYfSi+nV5+zXOJDo4
b4Mu/TSz3YnQsfhrIWK+gVMJ4zXs9jlNJuT3oxNwIQxgzTxMX2cQSPB2twIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEtw/8F1KoDvS1OSp15MR3hMxVWiMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvUzNEX3dYVXFnTzlMVTVLblhreEhlRXpGVmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg+awAMF
AioQP4QwDQYJKoZIhvcNAQELBQADggEBAErzYbZXTpasD/IsOMNi96I5uqqkSYOE
ut2VEI3nKjcUMpxp7fD0ITgxmQ69VvIvfXQeLWbTKL5S2YRlMUgA8jby2djLW7/E
urExxFOVr/fGDQ8bV2HHuu7Kw/kld5I1EjdwxlHhPwEgbIoaMtfNoZJ5/amU0Eio
dhQOsfTMz4eY9NHASGNqx+W7fDeP11zkr6fTzblDtlRbJNXZLQkgysAbl1VqIiDX
d/0ERPFBr2wW9h8XUHaEi7GPGdJF9WRP3OqM3o1+eV+sPXraSaSuK5cpE6QcehP5
My6mNj0KZZKnS1VQL9Ll5eM9C3KcfMMpOTNU9GgSyxLa1CWNb7RZGRY=
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:26:07 2025 by rpki-client