Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/edybjTyXMEOIpo8OrCMTV-YbDa0.roa
File: edybjTyXMEOIpo8OrCMTV-YbDa0.roa (raw, json)
Hash identifier: kEaTmQltRi9fx7k84ywpPj0U4xM+95NVEaQ/gywd2oc=
Subject key identifier: 79:DC:9B:8D:3C:97:30:43:88:A6:8F:0E:AC:23:13:57:E6:1B:0D:AD
Certificate issuer: /CN=b3fddf701dd74ba99ac1f47b6767ef44f1a81077
Certificate serial: 019421B2564D76CCC5B01EDF7E4564466B21
Authority key identifier: B3:FD:DF:70:1D:D7:4B:A9:9A:C1:F4:7B:67:67:EF:44:F1:A8:10:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s_3fcB3XS6mawfR7Z2fvRPGoEHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/edybjTyXMEOIpo8OrCMTV-YbDa0.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207341
IP address blocks: 2001:678:c64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:56:4d:76:cc:c5:b0:1e:df:7e:45:64:46:6b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3fddf701dd74ba99ac1f47b6767ef44f1a81077
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=79dc9b8d3c97304388a68f0eac231357e61b0dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:ae:a1:1b:7d:b5:b5:fe:06:43:39:20:56:
36:e7:ff:a4:7e:ec:98:6e:5f:e8:2b:da:fd:e1:ba:
c9:3c:2c:0c:b9:09:36:52:11:b9:79:4c:63:95:90:
0d:fa:d9:9d:9b:fe:20:42:3b:68:ce:e1:41:b9:81:
5b:6a:33:4e:6c:27:65:6d:a0:e4:6c:c1:5f:a3:6f:
b7:42:c8:bb:fc:05:73:68:5b:15:47:9c:88:3f:f9:
00:c9:fd:c7:90:e2:35:6e:ca:52:36:be:e4:2c:1e:
4f:13:a5:90:94:be:91:19:fd:56:96:9c:b6:a1:d5:
8b:f1:d6:21:a9:57:eb:a5:dc:b4:06:cf:38:c1:ac:
81:7f:5a:00:0e:50:40:26:0d:d4:46:93:50:f2:22:
3d:0f:71:d3:bc:7a:d7:13:23:1c:04:e9:3c:e8:55:
89:0d:35:da:9e:df:ff:21:9c:00:8e:2d:9b:41:ac:
3c:ac:66:ff:36:0b:e6:cb:0b:da:81:91:dd:f9:64:
4c:c7:00:cf:b5:5d:5f:0a:d4:71:06:8a:04:27:02:
9c:fd:c3:3d:16:00:2e:4d:8a:3d:12:31:11:66:88:
88:eb:64:4e:cb:fb:88:42:75:1c:4e:d3:b7:f3:08:
01:76:fe:c1:75:63:68:cb:cb:1d:cb:09:dc:61:4b:
96:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DC:9B:8D:3C:97:30:43:88:A6:8F:0E:AC:23:13:57:E6:1B:0D:AD
X509v3 Authority Key Identifier:
keyid:B3:FD:DF:70:1D:D7:4B:A9:9A:C1:F4:7B:67:67:EF:44:F1:A8:10:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_3fcB3XS6mawfR7Z2fvRPGoEHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/edybjTyXMEOIpo8OrCMTV-YbDa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/s_3fcB3XS6mawfR7Z2fvRPGoEHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:b1:9e:f0:bd:dc:26:fd:4f:36:07:3c:6d:97:ba:91:31:4f:
f9:ca:47:98:f3:3c:cb:d8:e0:3b:ca:f6:38:41:10:db:a5:4f:
5f:3c:cd:cd:c5:5f:f2:e6:9d:dd:9f:fa:2c:e2:94:a4:25:45:
3f:f5:6d:65:9e:b1:72:aa:15:1d:98:eb:a9:7f:8a:1c:34:38:
51:c9:f7:45:47:eb:00:a0:1e:2c:53:e6:8b:03:f7:5a:8f:7e:
98:57:4d:8d:03:29:6b:92:d0:a7:92:fc:da:01:59:14:53:60:
84:d7:d8:68:65:b3:a2:aa:b8:12:bb:46:89:6c:c1:ba:b5:b5:
e9:a0:81:e9:15:3b:bb:3c:ab:ed:f1:0f:68:41:42:14:34:3b:
94:e0:33:56:e4:33:93:de:50:d8:3c:b0:6a:b0:7f:a7:74:9f:
42:54:a0:30:20:c8:aa:fe:31:bd:70:bb:58:35:cd:37:07:38:
3b:22:26:50:ff:d0:2e:c1:9d:b2:b8:60:fb:86:96:40:52:7b:
f4:78:a3:17:a6:9f:65:5a:46:97:a2:a2:26:f5:b3:be:4d:fd:
b1:29:f2:32:40:f4:e4:9d:a1:2c:89:1e:7a:a6:f8:94:8e:8d:
1a:49:48:85:54:14:a5:98:38:69:04:fc:37:1f:95:91:85:44:
23:8f:92:e7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhslZNdszFsB7ffkVkRmshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmRkZjcwMWRkNzRiYTk5YWMxZjQ3YjY3NjdlZjQ0ZjFh
ODEwNzcwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWRjOWI4ZDNjOTczMDQzODhhNjhmMGVhYzIzMTM1N2U2MWIwZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkuuoRt9tbX+BkM5IFY25/+kfuyY
bl/oK9r94brJPCwMuQk2UhG5eUxjlZAN+tmdm/4gQjtozuFBuYFbajNObCdlbaDk
bMFfo2+3Qsi7/AVzaFsVR5yIP/kAyf3HkOI1bspSNr7kLB5PE6WQlL6RGf1Wlpy2
odWL8dYhqVfrpdy0Bs84wayBf1oADlBAJg3URpNQ8iI9D3HTvHrXEyMcBOk86FWJ
DTXant//IZwAji2bQaw8rGb/NgvmywvagZHd+WRMxwDPtV1fCtRxBooEJwKc/cM9
FgAuTYo9EjERZoiI62ROy/uIQnUcTtO38wgBdv7BdWNoy8sdywncYUuWAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHncm408lzBDiKaPDqwjE1fmGw2tMB8GA1UdIwQY
MBaAFLP933Ad10upmsH0e2dn70TxqBB3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc18zZmNCM1hTNm1hd2ZSN1oyZnZSUEdvRUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83MzRmNDgtNjc1NS00ZmVlLWJkNDYt
Mzc2NGJlZWFhMWIyLzEvZWR5YmpUeVhNRU9JcG84T3JDTVRWLVliRGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83MzRmNDgtNjc1NS00ZmVlLWJkNDYtMzc2NGJlZWFhMWIy
LzEvc18zZmNCM1hTNm1hd2ZSN1oyZnZSUEdvRUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAxk
MA0GCSqGSIb3DQEBCwUAA4IBAQCnsZ7wvdwm/U82Bzxtl7qRMU/5ykeY8zzL2OA7
yvY4QRDbpU9fPM3NxV/y5p3dn/os4pSkJUU/9W1lnrFyqhUdmOupf4ocNDhRyfdF
R+sAoB4sU+aLA/daj36YV02NAylrktCnkvzaAVkUU2CE19hoZbOiqrgSu0aJbMG6
tbXpoIHpFTu7PKvt8Q9oQUIUNDuU4DNW5DOT3lDYPLBqsH+ndJ9CVKAwIMiq/jG9
cLtYNc03Bzg7IiZQ/9AuwZ2yuGD7hpZAUnv0eKMXpp9lWkaXoqIm9bO+Tf2xKfIy
QPTknaEsiR56pviUjo0aSUiFVBSlmDhpBPw3H5WRhUQjj5Ln
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:55:37 2025 by rpki-client