Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/stcblJCloKrq21i-3tGdy209Cks.roa
File: stcblJCloKrq21i-3tGdy209Cks.roa (raw, json)
Hash identifier: sV8E479KWjrK8MD/w/N9wPnQZDPeZCzIYkOl03vwH+Y=
Subject key identifier: B2:D7:1B:94:90:A5:A0:AA:EA:DB:58:BE:DE:D1:9D:CB:6D:3D:0A:4B
Certificate issuer: /CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Certificate serial: 01942747907616DCDC4DABC466E236BA6BD5
Authority key identifier: 5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/stcblJCloKrq21i-3tGdy209Cks.roa
Signing time: Thu 02 Jan 2025 13:49:48 +0000
ROA not before: Thu 02 Jan 2025 13:49:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200544
IP address blocks: 2a07:ad00::/29 maxlen: 29
2a07:ad00::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:90:76:16:dc:dc:4d:ab:c4:66:e2:36:ba:6b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e936bea1b0c3a208aba27d8b10b275e474dde2c
Validity
Not Before: Jan 2 13:49:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2d71b9490a5a0aaeadb58beded19dcb6d3d0a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:aa:18:6e:15:80:b1:c3:18:8f:bb:47:92:21:
d8:fb:f8:70:4a:f3:50:9f:59:ec:2d:74:8e:74:61:
67:ed:d9:f9:9d:4b:df:60:39:6e:80:ce:c4:fd:36:
ff:d4:8f:20:69:36:ee:bf:4f:af:6e:02:94:d5:4b:
f5:3f:8f:21:e4:e9:a2:b8:01:49:ac:59:4c:ad:b9:
69:c2:c3:97:f2:6e:29:68:ce:9b:bc:15:df:d6:7a:
e0:3b:da:20:ad:ca:d2:40:35:2b:a2:7f:06:e5:7b:
72:fc:43:12:84:72:01:07:7c:3e:88:c0:72:97:8c:
85:e3:f1:f0:ee:2d:2b:d1:07:5b:d7:45:fa:64:45:
be:f3:de:19:68:9a:e1:f7:82:08:2e:09:a7:b9:64:
7a:39:78:6d:46:fc:a2:a5:a3:40:2d:11:18:4a:47:
08:90:d3:32:78:2e:a8:6d:a0:20:6d:2e:c5:19:a4:
fb:08:9b:27:1e:e8:b8:83:7a:e8:d6:38:59:1f:67:
65:be:5d:52:a6:a3:c1:63:3e:ac:0d:6c:db:c6:48:
b6:78:4b:d3:14:e9:ce:2a:fb:f8:f1:36:3f:6f:97:
74:98:cc:8b:15:cd:98:01:02:1b:a6:54:10:5a:5a:
99:5d:e1:b8:81:26:d6:f2:90:83:3f:00:94:2b:df:
21:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D7:1B:94:90:A5:A0:AA:EA:DB:58:BE:DE:D1:9D:CB:6D:3D:0A:4B
X509v3 Authority Key Identifier:
keyid:5E:93:6B:EA:1B:0C:3A:20:8A:BA:27:D8:B1:0B:27:5E:47:4D:DE:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpNr6hsMOiCKuifYsQsnXkdN3iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/stcblJCloKrq21i-3tGdy209Cks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/32876b-a82b-4704-ba67-98477a8653c7/1/XpNr6hsMOiCKuifYsQsnXkdN3iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
1c:3b:44:e5:ed:c5:8c:84:e8:51:82:30:b6:08:fb:50:bd:c7:
67:9a:48:ad:47:1e:71:dc:3a:93:50:53:36:79:a3:44:53:2d:
38:9b:d9:b9:a9:34:8e:ae:32:d2:fa:59:5a:39:69:7f:1f:6f:
a0:44:71:13:5c:10:59:b1:ad:9d:6f:20:20:6f:b4:4f:40:ff:
04:16:49:fb:53:a6:28:d7:7d:1e:97:91:f8:03:b5:bd:b5:75:
54:73:32:47:13:ac:f0:e2:ec:13:5d:7e:ed:74:64:83:5a:2d:
75:08:2f:f4:bf:59:21:b0:45:c5:f3:9c:0a:95:1f:e6:63:26:
99:08:7b:40:02:5b:a5:e7:83:49:00:51:eb:a8:0a:0b:75:15:
42:b8:cc:fb:d7:03:a3:2e:c3:63:b3:2c:ff:2f:50:e1:5d:7d:
76:c2:d8:69:eb:e1:4a:2d:ff:bc:57:3b:88:5d:f8:72:77:aa:
3f:48:6f:3c:a9:24:15:22:32:45:9d:2c:bd:c1:cf:0c:ca:87:
4d:ee:6d:e6:b3:31:b1:73:3e:c4:0e:b0:f9:60:96:a2:c5:0e:
42:ad:57:68:7e:c4:e7:f9:71:1d:de:1b:fe:bb:79:c3:23:95:
b2:5b:4d:8d:fa:1a:54:12:35:b9:0e:f4:87:26:3c:1c:08:a9:
c3:1f:9a:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnR5B2FtzcTavEZuI2umvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTM2YmVhMWIwYzNhMjA4YWJhMjdkOGIxMGIyNzVlNDc0
ZGRlMmMwHhcNMjUwMTAyMTM0OTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ3MWI5NDkwYTVhMGFhZWFkYjU4YmVkZWQxOWRjYjZkM2QwYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA26oYbhWAscMYj7tHkiHY+/hwSvNQ
n1nsLXSOdGFn7dn5nUvfYDlugM7E/Tb/1I8gaTbuv0+vbgKU1Uv1P48h5OmiuAFJ
rFlMrblpwsOX8m4paM6bvBXf1nrgO9ogrcrSQDUron8G5Xty/EMShHIBB3w+iMBy
l4yF4/Hw7i0r0Qdb10X6ZEW+894ZaJrh94IILgmnuWR6OXhtRvyipaNALREYSkcI
kNMyeC6obaAgbS7FGaT7CJsnHui4g3ro1jhZH2dlvl1SpqPBYz6sDWzbxki2eEvT
FOnOKvv48TY/b5d0mMyLFc2YAQIbplQQWlqZXeG4gSbW8pCDPwCUK98hAwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLLXG5SQpaCq6ttYvt7RncttPQpLMB8GA1UdIwQY
MBaAFF6Ta+obDDogiron2LELJ15HTd4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjct
OTg0NzdhODY1M2M3LzEvc3RjYmxKQ2xvS3JxMjFpLTN0R2R5MjA5Q2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zMjg3NmItYTgyYi00NzA0LWJhNjctOTg0NzdhODY1M2M3
LzEvWHBOcjZoc01PaUNLdWlmWXNRc25Ya2ROM2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgetADAN
BgkqhkiG9w0BAQsFAAOCAQEAHDtE5e3FjIToUYIwtgj7UL3HZ5pIrUcecdw6k1BT
NnmjRFMtOJvZuak0jq4y0vpZWjlpfx9voERxE1wQWbGtnW8gIG+0T0D/BBZJ+1Om
KNd9HpeR+AO1vbV1VHMyRxOs8OLsE11+7XRkg1otdQgv9L9ZIbBFxfOcCpUf5mMm
mQh7QAJbpeeDSQBR66gKC3UVQrjM+9cDoy7DY7Ms/y9Q4V19dsLYaevhSi3/vFc7
iF34cneqP0hvPKkkFSIyRZ0svcHPDMqHTe5t5rMxsXM+xA6w+WCWosUOQq1XaH7E
5/lxHd4b/rt5wyOVsltNjfoaVBI1uQ70hyY8HAipwx+aTQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 01:58:12 2025 by rpki-client