Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/nc0QnNEGuF1kLi9w3egLsBhEL6Y.roa
File: nc0QnNEGuF1kLi9w3egLsBhEL6Y.roa (raw, json)
Hash identifier: KWBWDWBG7Sj1CyJ1paoXUYeG29P/pnqgE+4DRW4DIYU=
Subject key identifier: 9D:CD:10:9C:D1:06:B8:5D:64:2E:2F:70:DD:E8:0B:B0:18:44:2F:A6
Certificate issuer: /CN=d116835d037786620a9e9f7a0e360498bb654127
Certificate serial: 01942521B9DBC4EA62A7E89EF63985885EEB
Authority key identifier: D1:16:83:5D:03:77:86:62:0A:9E:9F:7A:0E:36:04:98:BB:65:41:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0RaDXQN3hmIKnp96DjYEmLtlQSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/nc0QnNEGuF1kLi9w3egLsBhEL6Y.roa
Signing time: Thu 02 Jan 2025 03:49:14 +0000
ROA not before: Thu 02 Jan 2025 03:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8220
IP address blocks: 2001:678:274::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:b9:db:c4:ea:62:a7:e8:9e:f6:39:85:88:5e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d116835d037786620a9e9f7a0e360498bb654127
Validity
Not Before: Jan 2 03:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dcd109cd106b85d642e2f70dde80bb018442fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:3f:b2:d6:a8:82:df:9f:3b:4a:5f:d4:42:ee:
0d:e9:18:17:35:e0:b4:ed:b6:93:f9:7a:44:1e:90:
6f:aa:7e:0a:67:0b:f2:ac:42:04:c9:dc:0c:1a:14:
d4:68:42:65:6f:56:20:b7:e7:b4:20:46:33:7e:0f:
df:85:59:81:b6:80:a8:f2:24:b7:a9:64:54:6a:3f:
2f:b9:9c:ab:04:44:fb:b9:42:88:cd:15:ab:12:bf:
48:ac:54:1d:82:bb:92:26:07:f5:d3:45:d0:23:25:
c9:d1:f0:f4:f1:6e:3f:1d:ae:70:61:cd:76:15:e3:
d4:b1:12:82:b0:3d:d8:71:8b:0c:79:3a:f4:06:85:
32:48:2a:37:df:c0:ef:75:6f:af:38:c4:46:6c:21:
fb:d4:29:2c:51:af:b9:7d:a0:af:7b:3a:cc:58:33:
f0:2c:8c:93:46:04:9f:2f:53:68:bf:50:bd:94:04:
dc:a1:66:2c:0a:8c:12:11:b3:b0:ba:d7:8e:a6:51:
23:15:04:28:9e:eb:fe:9a:40:a3:e2:67:2b:6d:9a:
83:b7:98:f6:7e:60:af:34:87:a5:08:9c:70:8d:e7:
70:63:75:3f:72:0a:ac:fd:30:b9:9a:6d:9e:74:da:
11:41:b9:d1:83:14:78:66:23:6b:90:ca:0c:1f:91:
cd:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CD:10:9C:D1:06:B8:5D:64:2E:2F:70:DD:E8:0B:B0:18:44:2F:A6
X509v3 Authority Key Identifier:
keyid:D1:16:83:5D:03:77:86:62:0A:9E:9F:7A:0E:36:04:98:BB:65:41:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0RaDXQN3hmIKnp96DjYEmLtlQSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/nc0QnNEGuF1kLi9w3egLsBhEL6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/f507cb-7371-4ad1-b7e3-16a7d60d5bea/1/0RaDXQN3hmIKnp96DjYEmLtlQSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:274::/48
Signature Algorithm: sha256WithRSAEncryption
6c:44:c3:d7:b1:b7:3d:3a:1a:f2:61:fe:d4:89:49:87:9b:32:
c4:0c:c6:82:ab:c8:90:a1:c0:12:35:17:fd:f3:35:75:d5:23:
fb:22:82:7a:01:48:ef:7d:cb:37:7f:8c:a6:69:c4:e7:4e:14:
49:86:5e:5e:33:dc:42:95:a2:dc:c4:2f:f4:07:85:e8:f6:07:
55:49:84:36:9a:4b:ac:ce:19:cc:8b:09:9b:e5:e8:ea:56:5f:
47:6a:00:39:84:dc:61:99:e5:ea:bc:23:40:e1:08:25:95:ea:
49:6e:8f:b7:56:e5:fe:ee:2a:23:1f:de:d6:2b:7a:d2:1d:0b:
23:c9:4f:5b:ec:c9:37:38:20:7d:54:60:99:18:19:b6:32:fc:
6b:e6:33:3d:07:ba:99:e3:86:70:00:47:8d:3f:ef:b1:a5:3d:
b3:30:ba:9e:6e:15:89:bd:ae:38:b8:e7:81:b7:20:dc:a7:5c:
e5:de:c9:32:f7:43:48:d8:23:56:b5:b1:51:ee:08:bc:b3:c6:
01:49:2c:77:d5:ce:c9:45:02:40:e9:b0:44:8e:0a:c9:fa:a8:
dc:bf:ac:48:24:b3:2e:86:0c:47:69:74:ec:a9:18:e3:d3:cf:
00:f2:61:97:cb:ca:8d:47:6e:e2:b0:7d:c8:90:09:de:05:07:
1c:de:77:f1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIbnbxOpip+ie9jmFiF7rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMTY4MzVkMDM3Nzg2NjIwYTllOWY3YTBlMzYwNDk4YmI2
NTQxMjcwHhcNMjUwMTAyMDM0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNkMTA5Y2QxMDZiODVkNjQyZTJmNzBkZGU4MGJiMDE4NDQyZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4z+y1qiC3587Sl/UQu4N6RgXNeC0
7baT+XpEHpBvqn4KZwvyrEIEydwMGhTUaEJlb1Ygt+e0IEYzfg/fhVmBtoCo8iS3
qWRUaj8vuZyrBET7uUKIzRWrEr9IrFQdgruSJgf100XQIyXJ0fD08W4/Ha5wYc12
FePUsRKCsD3YcYsMeTr0BoUySCo338DvdW+vOMRGbCH71CksUa+5faCvezrMWDPw
LIyTRgSfL1Nov1C9lATcoWYsCowSEbOwuteOplEjFQQonuv+mkCj4mcrbZqDt5j2
fmCvNIelCJxwjedwY3U/cgqs/TC5mm2edNoRQbnRgxR4ZiNrkMoMH5HNoQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ3NEJzRBrhdZC4vcN3oC7AYRC+mMB8GA1UdIwQY
MBaAFNEWg10Dd4ZiCp6feg42BJi7ZUEnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFJhRFhRTjNobUlLbnA5NkRqWUVtTHRsUVNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9mNTA3Y2ItNzM3MS00YWQxLWI3ZTMt
MTZhN2Q2MGQ1YmVhLzEvbmMwUW5ORUd1RjFrTGk5dzNlZ0xzQmhFTDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9mNTA3Y2ItNzM3MS00YWQxLWI3ZTMtMTZhN2Q2MGQ1YmVh
LzEvMFJhRFhRTjNobUlLbnA5NkRqWUVtTHRsUVNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJ0
MA0GCSqGSIb3DQEBCwUAA4IBAQBsRMPXsbc9OhryYf7UiUmHmzLEDMaCq8iQocAS
NRf98zV11SP7IoJ6AUjvfcs3f4ymacTnThRJhl5eM9xClaLcxC/0B4Xo9gdVSYQ2
mkuszhnMiwmb5ejqVl9HagA5hNxhmeXqvCNA4QgllepJbo+3VuX+7iojH97WK3rS
HQsjyU9b7Mk3OCB9VGCZGBm2Mvxr5jM9B7qZ44ZwAEeNP++xpT2zMLqebhWJva44
uOeBtyDcp1zl3sky90NI2CNWtbFR7gi8s8YBSSx31c7JRQJA6bBEjgrJ+qjcv6xI
JLMuhgxHaXTsqRjj088A8mGXy8qNR27isH3IkAneBQcc3nfx
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:40:39 2025 by rpki-client