Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/jr4b-Rf0xfPafQWq2uvd9nWvLEg.roa
File: jr4b-Rf0xfPafQWq2uvd9nWvLEg.roa (raw, json)
Hash identifier: Xv/PqNN2xhkW4QGTc+jzafFg6jr4IL/yGvEj1fBOV08=
Subject key identifier: 8E:BE:1B:F9:17:F4:C5:F3:DA:7D:05:AA:DA:EB:DD:F6:75:AF:2C:48
Certificate issuer: /CN=13b89b80186332d441bb0515c47261c5ffa0616b
Certificate serial: 019427483EA3B611CD5A1D6E3F0629F31FC4
Authority key identifier: 13:B8:9B:80:18:63:32:D4:41:BB:05:15:C4:72:61:C5:FF:A0:61:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E7ibgBhjMtRBuwUVxHJhxf-gYWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/jr4b-Rf0xfPafQWq2uvd9nWvLEg.roa
Signing time: Thu 02 Jan 2025 13:50:33 +0000
ROA not before: Thu 02 Jan 2025 13:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39018
IP address blocks: 2a10:8f00::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3e:a3:b6:11:cd:5a:1d:6e:3f:06:29:f3:1f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13b89b80186332d441bb0515c47261c5ffa0616b
Validity
Not Before: Jan 2 13:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ebe1bf917f4c5f3da7d05aadaebddf675af2c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:10:a7:bc:8a:05:ac:e4:2a:56:75:74:78:e5:
17:f5:06:44:2a:5c:ae:d8:6a:48:a6:e7:fd:9f:93:
2d:0b:54:1b:28:ee:8e:cd:13:b3:cf:10:16:4c:7e:
70:b0:93:89:61:11:02:0a:fa:9c:26:1c:06:64:15:
1c:9e:42:0b:ea:b4:9d:89:86:90:2c:8a:91:cd:ac:
c5:3b:21:15:2e:57:bd:e4:bd:7e:e1:84:e6:a0:39:
c0:45:f2:a3:82:b7:4a:3a:e3:a6:fe:75:a3:b4:0d:
aa:4b:98:7d:3a:fb:9e:39:ab:d5:13:89:c4:a1:75:
86:f4:7e:77:db:79:99:ac:8b:45:9a:d5:d5:eb:ac:
6a:3f:41:6f:05:58:1b:47:6c:eb:a6:dc:dc:0d:fe:
b0:93:45:3d:b7:20:9c:ea:41:dd:8e:24:a4:91:37:
e1:c7:8b:3c:05:b0:6e:f6:32:8d:57:0f:b3:71:a0:
fa:0e:6c:c1:2e:c9:1a:3a:73:44:8b:56:4d:9a:cc:
7c:5d:21:d1:7a:fe:88:a5:cf:1d:67:65:19:5b:9c:
a5:0d:a4:ca:a4:5b:4d:58:c0:d0:49:22:8d:67:9f:
78:69:a0:cd:4f:c9:a5:7b:c8:00:4f:49:40:7c:ee:
1a:66:dc:11:34:6e:d7:47:b9:cf:57:2a:08:0f:17:
c6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:BE:1B:F9:17:F4:C5:F3:DA:7D:05:AA:DA:EB:DD:F6:75:AF:2C:48
X509v3 Authority Key Identifier:
keyid:13:B8:9B:80:18:63:32:D4:41:BB:05:15:C4:72:61:C5:FF:A0:61:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E7ibgBhjMtRBuwUVxHJhxf-gYWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/jr4b-Rf0xfPafQWq2uvd9nWvLEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/6e5dc3-c7fa-4d36-9095-c19232bda430/1/E7ibgBhjMtRBuwUVxHJhxf-gYWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
18:ab:b2:71:05:b0:cb:8e:a2:d3:aa:e2:19:91:6c:bd:f4:a2:
f5:cd:d7:62:24:b1:11:fe:06:c9:dc:3a:40:67:cc:3c:e4:f6:
53:47:90:45:66:22:d7:22:97:34:56:85:5e:a6:45:af:96:21:
00:67:bb:ad:e7:88:c8:7d:13:7c:bd:83:b7:47:49:a9:5a:9e:
f4:b4:87:ad:b2:d5:3b:b1:54:5d:67:8b:3c:6a:1e:7a:8c:b6:
e7:64:b4:52:6e:4b:5b:0a:31:b4:b1:aa:ab:f5:f0:4b:39:47:
27:73:57:62:64:38:e0:d0:bb:aa:2c:2a:fa:b8:d1:30:d3:06:
09:80:68:17:e9:60:c0:16:e9:37:33:80:a7:7d:45:7c:5f:b0:
18:63:f4:b3:30:cf:55:ec:35:06:6f:ac:63:5d:e5:21:88:68:
f2:5e:76:e1:b2:2f:e1:a5:f9:54:36:5a:42:7e:31:01:4a:50:
7f:c3:1e:ec:1d:e5:64:9d:7f:87:5b:eb:97:6e:43:35:12:51:
70:4e:46:27:91:a2:7e:31:1b:4e:29:28:a6:55:8f:32:13:d8:
40:69:b4:c5:3b:df:40:44:35:18:ea:da:41:08:29:aa:ce:ad:
be:50:7d:68:cd:3c:78:89:81:2b:f6:90:b6:b5:10:11:c9:7a:
46:cb:3f:c0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSD6jthHNWh1uPwYp8x/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYjg5YjgwMTg2MzMyZDQ0MWJiMDUxNWM0NzI2MWM1ZmZh
MDYxNmIwHhcNMjUwMTAyMTM1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWJlMWJmOTE3ZjRjNWYzZGE3ZDA1YWFkYWViZGRmNjc1YWYyYzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohCnvIoFrOQqVnV0eOUX9QZEKlyu
2GpIpuf9n5MtC1QbKO6OzROzzxAWTH5wsJOJYRECCvqcJhwGZBUcnkIL6rSdiYaQ
LIqRzazFOyEVLle95L1+4YTmoDnARfKjgrdKOuOm/nWjtA2qS5h9OvueOavVE4nE
oXWG9H5323mZrItFmtXV66xqP0FvBVgbR2zrptzcDf6wk0U9tyCc6kHdjiSkkTfh
x4s8BbBu9jKNVw+zcaD6DmzBLskaOnNEi1ZNmsx8XSHRev6Ipc8dZ2UZW5ylDaTK
pFtNWMDQSSKNZ594aaDNT8mle8gAT0lAfO4aZtwRNG7XR7nPVyoIDxfGewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI6+G/kX9MXz2n0Fqtrr3fZ1ryxIMB8GA1UdIwQY
MBaAFBO4m4AYYzLUQbsFFcRyYcX/oGFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTdpYmdCaGpNdFJCdXdVVnhISmh4Zi1nWVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS82ZTVkYzMtYzdmYS00ZDM2LTkwOTUt
YzE5MjMyYmRhNDMwLzEvanI0Yi1SZjB4ZlBhZlFXcTJ1dmQ5bld2TEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS82ZTVkYzMtYzdmYS00ZDM2LTkwOTUtYzE5MjMyYmRhNDMw
LzEvRTdpYmdCaGpNdFJCdXdVVnhISmh4Zi1nWVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhCPADAN
BgkqhkiG9w0BAQsFAAOCAQEAGKuycQWwy46i06riGZFsvfSi9c3XYiSxEf4Gydw6
QGfMPOT2U0eQRWYi1yKXNFaFXqZFr5YhAGe7reeIyH0TfL2Dt0dJqVqe9LSHrbLV
O7FUXWeLPGoeeoy252S0Um5LWwoxtLGqq/XwSzlHJ3NXYmQ44NC7qiwq+rjRMNMG
CYBoF+lgwBbpNzOAp31FfF+wGGP0szDPVew1Bm+sY13lIYho8l524bIv4aX5VDZa
Qn4xAUpQf8Me7B3lZJ1/h1vrl25DNRJRcE5GJ5GifjEbTikoplWPMhPYQGm0xTvf
QEQ1GOraQQgpqs6tvlB9aM08eImBK/aQtrUQEcl6Rss/wA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:18:17 2025 by rpki-client