Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/0G5aWsFaZoxRAH_69yNaZ9v3VVY.roa
File: 0G5aWsFaZoxRAH_69yNaZ9v3VVY.roa (raw, json)
Hash identifier: 4XDyMBX5Kinlb41zpBgImY3fiU9lwd8VdG7ai8QxoX0=
Subject key identifier: D0:6E:5A:5A:C1:5A:66:8C:51:00:7F:FA:F7:23:5A:67:DB:F7:55:56
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019575870D5B4DCA3AD8F873812694C545A1
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/0G5aWsFaZoxRAH_69yNaZ9v3VVY.roa
Signing time: Sat 08 Mar 2025 11:32:19 +0000
ROA not before: Sat 08 Mar 2025 11:32:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213891
IP address blocks: 2a14:67c1:a060::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:75:87:0d:5b:4d:ca:3a:d8:f8:73:81:26:94:c5:45:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Mar 8 11:32:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d06e5a5ac15a668c51007ffaf7235a67dbf75556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4d:be:9e:b1:3b:e7:93:86:89:cb:10:b8:05:
26:43:2f:e9:1d:c5:60:0a:f2:28:0d:5e:d8:47:63:
87:ec:9a:42:4e:96:f2:87:ed:1b:05:86:55:91:9c:
a7:ad:7f:a0:bd:6d:0d:1f:db:f9:fe:c6:ca:78:fe:
58:af:71:cd:74:64:23:18:92:41:db:10:4e:e3:68:
20:74:7c:52:a6:8b:4b:a6:0e:2f:cb:44:e1:97:d6:
d2:1b:16:92:35:06:1a:30:c3:ef:50:2f:2d:37:4c:
2b:e8:12:37:ad:a5:18:d4:57:6e:65:b4:06:10:34:
f2:01:b2:25:2f:3e:b7:13:9a:54:92:3a:a5:fd:d4:
94:d2:f8:19:e1:85:59:3c:d1:93:89:b3:04:92:5f:
a0:58:ee:e4:80:14:d9:db:e0:a1:c3:e6:e7:ab:c4:
48:0d:7f:01:05:a6:3a:82:78:d5:17:af:45:a4:83:
44:d8:bb:56:50:4d:20:6b:16:17:b6:7d:2d:24:5b:
de:69:43:61:04:96:fc:cd:4a:6b:ea:00:38:18:7a:
a4:00:4d:e1:92:61:a4:0c:3f:20:d7:49:8b:c2:54:
c5:4e:ec:e6:51:74:a2:41:1f:c1:27:38:a9:91:c0:
73:59:7c:98:3d:c0:4c:92:39:6d:39:66:40:d4:c1:
8b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6E:5A:5A:C1:5A:66:8C:51:00:7F:FA:F7:23:5A:67:DB:F7:55:56
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/0G5aWsFaZoxRAH_69yNaZ9v3VVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a060::/44
Signature Algorithm: sha256WithRSAEncryption
25:4c:18:b5:ae:c9:df:45:b8:75:a9:9c:ca:29:7e:84:31:89:
46:1d:f7:0a:cc:21:ca:86:2f:a1:c2:24:9a:e4:db:1b:fc:0d:
4b:3f:f9:54:22:a8:a3:75:b2:5f:e0:a1:1e:fa:b2:62:e0:54:
ad:48:38:c5:a3:8a:ea:60:35:bf:0f:c4:a9:a4:61:87:0f:3b:
72:f3:00:8e:9c:fc:cf:38:81:0f:bf:26:87:fd:b0:e6:5b:c7:
2c:b0:58:43:bb:b1:02:5a:53:d5:e5:ec:4b:74:e4:dc:17:1e:
a2:fb:43:8b:97:85:ed:29:4c:a7:ec:fd:e4:9e:5f:b8:48:ea:
eb:81:cf:2d:32:a9:57:88:84:d5:c6:22:8a:12:91:ae:c3:95:
c1:e1:7c:8b:fc:44:05:24:42:d3:2d:5f:09:4d:eb:ee:83:69:
0d:e1:5b:16:1a:73:59:b2:14:be:df:35:c4:e0:9b:02:b9:56:
87:7f:5f:23:4f:74:47:a4:53:c7:50:79:fd:b4:7e:00:c9:e6:
ba:c5:c5:ce:ec:2e:8d:c4:4d:20:5b:a1:82:27:e1:2f:12:89:
e7:27:8a:b2:d2:77:03:25:61:ea:15:a7:a6:ac:11:63:89:3e:
86:7b:84:48:15:f4:73:ab:72:8a:10:92:69:da:59:6e:71:9f:
43:c1:ca:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZV1hw1bTco62PhzgSaUxUWhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMzA4MTEzMjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZlNWE1YWMxNWE2NjhjNTEwMDdmZmFmNzIzNWE2N2RiZjc1NTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz02+nrE755OGicsQuAUmQy/pHcVg
CvIoDV7YR2OH7JpCTpbyh+0bBYZVkZynrX+gvW0NH9v5/sbKeP5Yr3HNdGQjGJJB
2xBO42ggdHxSpotLpg4vy0Thl9bSGxaSNQYaMMPvUC8tN0wr6BI3raUY1FduZbQG
EDTyAbIlLz63E5pUkjql/dSU0vgZ4YVZPNGTibMEkl+gWO7kgBTZ2+Chw+bnq8RI
DX8BBaY6gnjVF69FpINE2LtWUE0gaxYXtn0tJFveaUNhBJb8zUpr6gA4GHqkAE3h
kmGkDD8g10mLwlTFTuzmUXSiQR/BJzipkcBzWXyYPcBMkjltOWZA1MGLGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNBuWlrBWmaMUQB/+vcjWmfb91VWMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvMEc1YVdzRmFab3hSQUhfNjl5TmFaOXYzVlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhRnwaBg
MA0GCSqGSIb3DQEBCwUAA4IBAQAlTBi1rsnfRbh1qZzKKX6EMYlGHfcKzCHKhi+h
wiSa5Nsb/A1LP/lUIqijdbJf4KEe+rJi4FStSDjFo4rqYDW/D8SppGGHDzty8wCO
nPzPOIEPvyaH/bDmW8cssFhDu7ECWlPV5exLdOTcFx6i+0OLl4XtKUyn7P3knl+4
SOrrgc8tMqlXiITVxiKKEpGuw5XB4XyL/EQFJELTLV8JTevug2kN4VsWGnNZshS+
3zXE4JsCuVaHf18jT3RHpFPHUHn9tH4Ayea6xcXO7C6NxE0gW6GCJ+EvEonnJ4qy
0ncDJWHqFaemrBFjiT6Ge4RIFfRzq3KKEJJp2llucZ9Dwcpb
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:45:22 2025 by rpki-client