Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/KGq1jeU_iNN_A4rYU-FZmNDv154.roa
File: KGq1jeU_iNN_A4rYU-FZmNDv154.roa (raw, json)
Hash identifier: e4Et49fOooQKeBuTAdfcYvIUgorxLRVr/TEbEeQ43WE=
Subject key identifier: 28:6A:B5:8D:E5:3F:88:D3:7F:03:8A:D8:53:E1:59:98:D0:EF:D7:9E
Certificate issuer: /CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Certificate serial: 019425FD7A561B7C7788956A757B5A22727C
Authority key identifier: E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/KGq1jeU_iNN_A4rYU-FZmNDv154.roa
Signing time: Thu 02 Jan 2025 07:49:16 +0000
ROA not before: Thu 02 Jan 2025 07:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8990
IP address blocks: 2a01:7d80:2000::/35 maxlen: 35
2a01:7d80:a000::/35 maxlen: 35
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:7a:56:1b:7c:77:88:95:6a:75:7b:5a:22:72:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1e8f41f6b02b93f85d1a7b48b48cfa322f088f8
Validity
Not Before: Jan 2 07:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=286ab58de53f88d37f038ad853e15998d0efd79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ba:3f:b0:1b:82:98:53:dc:cf:e8:d8:32:2d:
ac:f2:e3:20:9d:5e:a0:b2:6b:cc:2f:40:64:92:0f:
23:e6:22:52:5d:14:c7:38:49:32:4a:de:ff:09:35:
9e:01:11:04:60:84:34:49:43:17:3d:e3:f0:89:f7:
58:14:92:fc:99:0f:a7:4f:73:05:ef:0a:ed:08:67:
61:8a:ae:65:c8:33:9d:32:29:3d:57:3e:fa:37:ba:
63:b6:7a:0b:f0:02:a5:b3:3e:a0:a1:b6:02:f2:87:
a0:6b:c8:22:f5:e1:1d:c2:cf:38:ee:69:84:7b:f7:
d2:b2:fd:f6:37:03:3d:04:af:73:b9:3e:22:b9:59:
5c:6e:2d:de:c6:7b:12:5e:2d:0d:b7:08:a7:7e:6f:
b4:1f:f5:2a:e2:f0:a7:0a:b8:f6:42:52:28:33:e5:
c6:cd:05:22:c8:58:55:fa:1c:09:a1:3c:71:78:31:
51:34:95:9e:37:3d:ae:b3:1a:2a:f4:a7:0b:d8:ad:
d3:6d:da:08:4d:c1:2b:ab:7b:d4:d6:f7:75:b7:a5:
73:f5:dd:ba:b7:6f:b9:20:92:84:a5:8a:a8:22:c5:
e1:db:73:08:ce:f7:ba:e1:6e:4b:e5:13:8a:b1:79:
5a:6f:2d:4d:b0:a6:4b:98:7d:ab:f3:65:ae:76:26:
8e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6A:B5:8D:E5:3F:88:D3:7F:03:8A:D8:53:E1:59:98:D0:EF:D7:9E
X509v3 Authority Key Identifier:
keyid:E1:E8:F4:1F:6B:02:B9:3F:85:D1:A7:B4:8B:48:CF:A3:22:F0:88:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ej0H2sCuT-F0ae0i0jPoyLwiPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/KGq1jeU_iNN_A4rYU-FZmNDv154.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ba940-0078-4fd0-afde-537a2b0b4dda/1/4ej0H2sCuT-F0ae0i0jPoyLwiPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:7d80:2000::/35
2a01:7d80:a000::/35
Signature Algorithm: sha256WithRSAEncryption
a2:42:b0:76:cb:b5:96:b7:2a:9a:36:90:60:4c:e3:4e:35:e0:
4e:36:13:75:d6:eb:00:ea:7a:cf:5f:3e:9c:2e:f5:6c:e5:22:
aa:b0:5a:0c:81:3d:ba:4a:00:c5:04:42:02:d7:07:d6:18:b2:
94:c1:f8:b9:eb:ac:ef:59:11:18:b5:a7:3a:4f:15:a9:c7:29:
b3:87:68:68:7e:c4:2e:27:29:e6:04:6b:fc:d7:41:f7:ee:ee:
de:55:8e:be:c0:cf:dc:71:f5:6a:60:c1:22:35:c0:04:a4:bd:
35:37:49:ed:51:8e:96:6a:b4:d8:16:de:5b:6f:f4:13:a8:96:
fe:a6:fc:8f:a7:65:d9:f3:cb:c2:cb:d9:f9:05:42:87:4a:e7:
3e:94:7d:3f:9a:29:1f:1a:73:f4:07:ce:12:9b:b5:a8:b8:90:
29:d3:fd:6a:af:8d:e4:90:3e:c8:64:10:d3:0a:1a:91:88:b1:
f3:8f:ac:52:f2:4f:85:1f:20:fc:85:ad:04:8d:f1:42:22:86:
67:68:ca:cb:62:95:82:ca:1c:06:8a:92:13:1b:be:dc:fd:8c:
21:27:2b:ea:d8:ab:ea:cc:c6:68:0d:2c:1e:ef:28:45:46:c1:
6d:0d:2d:87:2b:2b:c7:b4:f2:ee:c6:a0:4f:29:7c:25:e2:71:
35:9d:9a:d3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQl/XpWG3x3iJVqdXtaInJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZThmNDFmNmIwMmI5M2Y4NWQxYTdiNDhiNDhjZmEzMjJm
MDg4ZjgwHhcNMjUwMTAyMDc0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZhYjU4ZGU1M2Y4OGQzN2YwMzhhZDg1M2UxNTk5OGQwZWZkNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwro/sBuCmFPcz+jYMi2s8uMgnV6g
smvML0Bkkg8j5iJSXRTHOEkySt7/CTWeAREEYIQ0SUMXPePwifdYFJL8mQ+nT3MF
7wrtCGdhiq5lyDOdMik9Vz76N7pjtnoL8AKlsz6gobYC8oega8gi9eEdws847mmE
e/fSsv32NwM9BK9zuT4iuVlcbi3exnsSXi0Ntwinfm+0H/Uq4vCnCrj2QlIoM+XG
zQUiyFhV+hwJoTxxeDFRNJWeNz2usxoq9KcL2K3TbdoITcErq3vU1vd1t6Vz9d26
t2+5IJKEpYqoIsXh23MIzve64W5L5ROKsXlaby1NsKZLmH2r82WudiaOzwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFChqtY3lP4jTfwOK2FPhWZjQ79eeMB8GA1UdIwQY
MBaAFOHo9B9rArk/hdGntItIz6Mi8Ij4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUt
NTM3YTJiMGI0ZGRhLzEvS0dxMWplVV9pTk5fQTRyWVUtRlptTkR2MTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85YmE5NDAtMDA3OC00ZmQwLWFmZGUtNTM3YTJiMGI0ZGRh
LzEvNGVqMEgyc0N1VC1GMGFlMGkwalBveUx3aVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYFKgF9gCAD
BgUqAX2AoDANBgkqhkiG9w0BAQsFAAOCAQEAokKwdsu1lrcqmjaQYEzjTjXgTjYT
ddbrAOp6z18+nC71bOUiqrBaDIE9ukoAxQRCAtcH1hiylMH4ueus71kRGLWnOk8V
qccps4doaH7ELicp5gRr/NdB9+7u3lWOvsDP3HH1amDBIjXABKS9NTdJ7VGOlmq0
2BbeW2/0E6iW/qb8j6dl2fPLwsvZ+QVCh0rnPpR9P5opHxpz9AfOEpu1qLiQKdP9
aq+N5JA+yGQQ0woakYix84+sUvJPhR8g/IWtBI3xQiKGZ2jKy2KVgsocBoqSExu+
3P2MIScr6tir6szGaA0sHu8oRUbBbQ0thysrx7Ty7sagTyl8JeJxNZ2a0w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:01:11 2025 by rpki-client