Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/8GtdV5vXVwAD_7uzLpWTP9X8Eis.roa
File: 8GtdV5vXVwAD_7uzLpWTP9X8Eis.roa (raw, json)
Hash identifier: va61wvJzxODdeX2y1RUDtdwQklO+DI+rxflcf0q3NHg=
Subject key identifier: F0:6B:5D:57:9B:D7:57:00:03:FF:BB:B3:2E:95:93:3F:D5:FC:12:2B
Certificate issuer: /CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd
Certificate serial: 019422FC2723572BD88EF72C39BFED457B9F
Authority key identifier: 89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/8GtdV5vXVwAD_7uzLpWTP9X8Eis.roa
Signing time: Wed 01 Jan 2025 17:48:57 +0000
ROA not before: Wed 01 Jan 2025 17:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2001:678:f64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:27:23:57:2b:d8:8e:f7:2c:39:bf:ed:45:7b:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89bd54e7d69c147d6b56f8c6a209d3deaea277dd
Validity
Not Before: Jan 1 17:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f06b5d579bd7570003ffbbb32e95933fd5fc122b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:16:4c:d1:7f:9b:a1:c7:cf:fb:82:fa:65:
ae:35:96:2e:98:8d:68:8e:8d:d3:db:5c:bf:e5:96:
46:d2:50:9f:d8:80:de:f9:6c:f9:3b:dd:55:cb:ec:
dc:16:52:30:3f:72:7e:2d:c7:d4:c1:d4:9f:90:14:
e1:38:41:57:0e:db:74:97:b8:13:4e:8c:2b:c3:35:
e9:06:20:29:9e:65:c3:99:bd:bc:74:4f:1d:1b:ff:
5c:e2:69:52:48:b6:4f:45:4c:64:95:c4:2d:f3:e6:
c5:91:f9:98:df:a1:bd:20:ec:4e:21:f2:cc:dd:28:
5e:be:a1:1e:bf:bd:5b:8c:d6:9d:e6:07:67:e2:ee:
f0:d8:05:d5:5e:4a:9c:36:38:17:81:2d:48:1f:31:
37:8c:d1:d4:76:26:c7:dd:a7:7c:81:f1:24:3f:76:
f5:e0:40:45:0d:0c:9e:98:e4:ae:57:85:03:01:7e:
37:93:b0:8b:c2:f3:39:8c:93:07:63:53:21:1c:91:
5a:8f:f7:a0:ac:1f:aa:86:11:43:15:65:a4:d3:25:
16:84:04:79:0a:1a:cc:62:ec:88:1f:d1:7b:92:3f:
99:9a:81:a8:2e:09:64:d7:b1:4a:82:c8:34:53:1e:
50:65:f5:63:9f:24:96:bc:1f:95:26:c6:b8:ca:9c:
8c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6B:5D:57:9B:D7:57:00:03:FF:BB:B3:2E:95:93:3F:D5:FC:12:2B
X509v3 Authority Key Identifier:
keyid:89:BD:54:E7:D6:9C:14:7D:6B:56:F8:C6:A2:09:D3:DE:AE:A2:77:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ib1U59acFH1rVvjGognT3q6id90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/8GtdV5vXVwAD_7uzLpWTP9X8Eis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d800be-4acf-49f2-969d-db227c496804/1/ib1U59acFH1rVvjGognT3q6id90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:e0:e9:6a:77:a1:ae:f9:06:0f:79:51:40:c1:2b:3c:91:74:
e0:8f:a3:77:e8:9c:23:61:32:5e:49:da:47:cf:d0:c1:42:71:
35:be:b2:0e:61:48:75:33:80:2c:bc:e5:6a:fa:ee:23:88:1c:
0b:02:86:be:b7:60:46:22:19:aa:18:93:bf:ff:a5:d2:01:d1:
2c:95:f0:45:32:93:cd:ee:7b:69:b3:05:32:dd:99:ce:23:ed:
fd:c1:61:36:4f:a5:ae:f7:d0:b5:cf:df:cb:f2:27:84:30:8c:
74:86:60:e7:58:88:f3:2b:89:23:47:f8:52:6b:49:8e:4f:38:
d4:f7:95:3e:78:33:cc:28:94:8b:7f:7d:3f:39:8a:e3:8a:1c:
e0:61:d9:64:4b:00:69:1b:96:a9:b6:ca:e1:59:1d:00:7e:ce:
46:ca:15:18:fa:e3:de:86:37:c1:a6:c5:e0:3e:b9:d2:81:2f:
c7:d0:d2:9a:45:a9:ee:44:07:0f:5b:5e:54:29:04:35:54:3a:
5b:27:81:b0:1f:0c:04:03:8c:9a:46:b3:45:67:f9:da:39:60:
c2:54:3e:e7:f1:ab:e8:cd:11:ea:6c:58:58:18:aa:62:5f:0e:
7e:b5:71:27:2a:ee:6e:35:50:52:af:ad:23:e3:5e:a0:39:ef:
90:14:6e:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi/CcjVyvYjvcsOb/tRXufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YmQ1NGU3ZDY5YzE0N2Q2YjU2ZjhjNmEyMDlkM2RlYWVh
Mjc3ZGQwHhcNMjUwMTAxMTc0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZiNWQ1NzliZDc1NzAwMDNmZmJiYjMyZTk1OTMzZmQ1ZmMxMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7YWTNF/m6HHz/uC+mWuNZYumI1o
jo3T21y/5ZZG0lCf2IDe+Wz5O91Vy+zcFlIwP3J+LcfUwdSfkBThOEFXDtt0l7gT
TowrwzXpBiApnmXDmb28dE8dG/9c4mlSSLZPRUxklcQt8+bFkfmY36G9IOxOIfLM
3ShevqEev71bjNad5gdn4u7w2AXVXkqcNjgXgS1IHzE3jNHUdibH3ad8gfEkP3b1
4EBFDQyemOSuV4UDAX43k7CLwvM5jJMHY1MhHJFaj/egrB+qhhFDFWWk0yUWhAR5
ChrMYuyIH9F7kj+ZmoGoLglk17FKgsg0Ux5QZfVjnySWvB+VJsa4ypyMGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPBrXVeb11cAA/+7sy6Vkz/V/BIrMB8GA1UdIwQY
MBaAFIm9VOfWnBR9a1b4xqIJ096uonfdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQt
ZGIyMjdjNDk2ODA0LzEvOEd0ZFY1dlhWd0FEXzd1ekxwV1RQOVg4RWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kODAwYmUtNGFjZi00OWYyLTk2OWQtZGIyMjdjNDk2ODA0
LzEvaWIxVTU5YWNGSDFyVnZqR29nblQzcTZpZDkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9k
MA0GCSqGSIb3DQEBCwUAA4IBAQAM4Olqd6Gu+QYPeVFAwSs8kXTgj6N36JwjYTJe
SdpHz9DBQnE1vrIOYUh1M4AsvOVq+u4jiBwLAoa+t2BGIhmqGJO//6XSAdEslfBF
MpPN7ntpswUy3ZnOI+39wWE2T6Wu99C1z9/L8ieEMIx0hmDnWIjzK4kjR/hSa0mO
TzjU95U+eDPMKJSLf30/OYrjihzgYdlkSwBpG5aptsrhWR0Afs5GyhUY+uPehjfB
psXgPrnSgS/H0NKaRanuRAcPW15UKQQ1VDpbJ4GwHwwEA4yaRrNFZ/naOWDCVD7n
8avozRHqbFhYGKpiXw5+tXEnKu5uNVBSr60j416gOe+QFG4o
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:21:35 2025 by rpki-client