Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/KDMQDMSKvzkVFCIuQ1vi5IKxFqc.roa
File: KDMQDMSKvzkVFCIuQ1vi5IKxFqc.roa (raw, json)
Hash identifier: W1z4PN9ehAB8VlW2fAtV3SogXVKZbFhw7EL82DUKuEY=
Subject key identifier: 28:33:10:0C:C4:8A:BF:39:15:14:22:2E:43:5B:E2:E4:82:B1:16:A7
Certificate issuer: /CN=0b934c36b773008865b9c9fb0fd48669395ac730
Certificate serial: 0194236A0F14CB7087478F3AA8FEBA7536C3
Authority key identifier: 0B:93:4C:36:B7:73:00:88:65:B9:C9:FB:0F:D4:86:69:39:5A:C7:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C5NMNrdzAIhlucn7D9SGaTlaxzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/KDMQDMSKvzkVFCIuQ1vi5IKxFqc.roa
Signing time: Wed 01 Jan 2025 19:49:00 +0000
ROA not before: Wed 01 Jan 2025 19:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40027
IP address blocks: 2a00:86c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:0f:14:cb:70:87:47:8f:3a:a8:fe:ba:75:36:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b934c36b773008865b9c9fb0fd48669395ac730
Validity
Not Before: Jan 1 19:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2833100cc48abf391514222e435be2e482b116a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2e:b7:d3:5e:e5:e3:4f:42:2b:aa:6a:13:03:
6c:75:29:c9:ca:14:7e:4e:0d:f5:15:8d:3b:c4:cb:
89:08:91:5a:97:ed:22:db:80:4e:7e:6c:b5:a6:81:
78:e7:b0:75:ac:12:c9:7e:e9:39:f6:16:6e:49:6a:
f5:fc:50:30:2a:93:90:d1:6d:d4:7c:5e:40:5d:40:
b4:3a:69:4b:c2:53:95:03:6d:28:ab:9a:21:2c:ba:
08:df:3e:fc:05:e3:f0:b5:8b:fa:c2:dc:3b:55:eb:
d8:93:a1:48:e2:c0:4e:fd:44:cf:fa:ca:14:a6:72:
69:a3:2f:dd:e5:6e:17:a7:0a:68:ab:91:2c:10:ec:
92:fe:b3:cb:7b:0a:68:fc:64:38:94:0e:6e:7c:86:
72:2b:c5:50:bf:c3:a5:3a:58:6a:3e:bd:78:96:87:
01:7d:3b:8e:57:9a:56:b4:24:90:e3:69:5d:2a:6e:
65:c2:88:f7:a9:dd:e1:45:c6:cb:0b:95:0d:7a:84:
89:db:80:89:96:ff:2e:59:b5:a4:79:66:31:b5:a8:
b2:a3:e1:a5:31:5c:34:85:f4:5b:12:fb:1f:05:c5:
24:1f:74:cf:4a:df:8a:b7:94:6b:1c:34:0d:9c:6b:
45:95:ff:af:4f:c3:09:1c:50:06:87:04:0a:80:a6:
40:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:33:10:0C:C4:8A:BF:39:15:14:22:2E:43:5B:E2:E4:82:B1:16:A7
X509v3 Authority Key Identifier:
keyid:0B:93:4C:36:B7:73:00:88:65:B9:C9:FB:0F:D4:86:69:39:5A:C7:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C5NMNrdzAIhlucn7D9SGaTlaxzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/KDMQDMSKvzkVFCIuQ1vi5IKxFqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/decb7d-0388-4e3c-8db4-a302f51d382c/1/C5NMNrdzAIhlucn7D9SGaTlaxzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:86c0::/32
Signature Algorithm: sha256WithRSAEncryption
41:fb:0e:fb:ec:b6:85:17:93:f2:0c:1c:d3:f6:88:d3:3c:01:
03:a2:37:da:cf:8c:e7:78:66:38:09:ca:ee:82:45:49:a7:c3:
ff:96:55:0e:34:a9:bf:ea:64:b5:e1:17:3c:b2:b7:fa:2b:c8:
fd:86:50:c5:55:db:e3:99:4c:50:33:a8:61:a4:f1:7f:c0:d3:
5a:a7:83:75:82:0c:a7:cc:71:cf:65:a2:ba:1f:e3:6a:5a:1b:
d8:97:a1:97:fb:16:04:fb:b8:a1:49:7d:a3:7f:c2:01:2e:b1:
57:4a:10:d5:c8:14:1d:4b:9c:b6:5c:3d:ef:02:c2:51:c5:56:
9a:67:93:cd:13:6c:af:e0:22:a6:9a:fe:79:88:ad:14:c4:8e:
32:ea:4f:ea:1b:1e:a0:3d:76:78:28:42:d9:77:21:ca:c7:d9:
c5:ea:96:81:d2:c7:db:6d:f1:42:72:d1:b9:a1:31:18:e0:ec:
72:3d:91:17:cb:56:88:30:14:d3:df:e2:6a:00:a7:8f:d5:98:
51:1c:1a:61:ee:d6:a7:8a:2a:fa:d2:06:62:8b:36:ae:68:36:
ee:ce:9a:ad:69:cc:7e:4e:38:f8:14:0b:5d:5e:0d:92:2a:6e:
ea:64:08:f2:86:e9:1d:c3:e8:e6:da:21:50:93:cb:eb:38:c1:
09:4c:3e:f6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjag8Uy3CHR486qP66dTbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOTM0YzM2Yjc3MzAwODg2NWI5YzlmYjBmZDQ4NjY5Mzk1
YWM3MzAwHhcNMjUwMTAxMTk0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODMzMTAwY2M0OGFiZjM5MTUxNDIyMmU0MzViZTJlNDgyYjExNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi63017l409CK6pqEwNsdSnJyhR+
Tg31FY07xMuJCJFal+0i24BOfmy1poF457B1rBLJfuk59hZuSWr1/FAwKpOQ0W3U
fF5AXUC0OmlLwlOVA20oq5ohLLoI3z78BePwtYv6wtw7VevYk6FI4sBO/UTP+soU
pnJpoy/d5W4Xpwpoq5EsEOyS/rPLewpo/GQ4lA5ufIZyK8VQv8OlOlhqPr14locB
fTuOV5pWtCSQ42ldKm5lwoj3qd3hRcbLC5UNeoSJ24CJlv8uWbWkeWYxtaiyo+Gl
MVw0hfRbEvsfBcUkH3TPSt+Kt5RrHDQNnGtFlf+vT8MJHFAGhwQKgKZAlwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCgzEAzEir85FRQiLkNb4uSCsRanMB8GA1UdIwQY
MBaAFAuTTDa3cwCIZbnJ+w/Uhmk5WscwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzVOTU5yZHpBSWhsdWNuN0Q5U0dhVGxheHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9kZWNiN2QtMDM4OC00ZTNjLThkYjQt
YTMwMmY1MWQzODJjLzEvS0RNUURNU0t2emtWRkNJdVExdmk1SUt4RnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9kZWNiN2QtMDM4OC00ZTNjLThkYjQtYTMwMmY1MWQzODJj
LzEvQzVOTU5yZHpBSWhsdWNuN0Q5U0dhVGxheHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQfsO++y2hReT8gwc0/aI0zwBA6I32s+M53hmOAnK
7oJFSafD/5ZVDjSpv+pkteEXPLK3+ivI/YZQxVXb45lMUDOoYaTxf8DTWqeDdYIM
p8xxz2Wiuh/jalob2Jehl/sWBPu4oUl9o3/CAS6xV0oQ1cgUHUuctlw97wLCUcVW
mmeTzRNsr+Aippr+eYitFMSOMupP6hseoD12eChC2XchysfZxeqWgdLH223xQnLR
uaExGODscj2RF8tWiDAU09/iagCnj9WYURwaYe7Wp4oq+tIGYos2rmg27s6arWnM
fk44+BQLXV4Nkipu6mQI8obpHcPo5tohUJPL6zjBCUw+9g==
-----END CERTIFICATE-----
Generated at Mon Apr 28 21:23:29 2025 by rpki-client