Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/m2dhrf3Rclq5VPUz6FGr9fO5zWk.roa
File: m2dhrf3Rclq5VPUz6FGr9fO5zWk.roa (raw, json)
Hash identifier: b/cL3poLQxW2fwOOaKBCRvOjqF9MFsyDwqLJ1W2ENaI=
Subject key identifier: 9B:67:61:AD:FD:D1:72:5A:B9:54:F5:33:E8:51:AB:F5:F3:B9:CD:69
Certificate issuer: /CN=b3fddf701dd74ba99ac1f47b6767ef44f1a81077
Certificate serial: 018CAD903501A392283CEE943ACA42C4C4F0
Authority key identifier: B3:FD:DF:70:1D:D7:4B:A9:9A:C1:F4:7B:67:67:EF:44:F1:A8:10:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s_3fcB3XS6mawfR7Z2fvRPGoEHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/m2dhrf3Rclq5VPUz6FGr9fO5zWk.roa
Signing time: Wed 27 Dec 2023 23:15:58 +0000
ROA not before: Wed 27 Dec 2023 23:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212123
IP address blocks: 2001:678:c64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ad:90:35:01:a3:92:28:3c:ee:94:3a:ca:42:c4:c4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3fddf701dd74ba99ac1f47b6767ef44f1a81077
Validity
Not Before: Dec 27 23:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b6761adfdd1725ab954f533e851abf5f3b9cd69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c9:35:87:ec:97:78:e3:ad:9e:91:72:d8:06:
a1:1b:62:91:9f:61:44:25:74:24:f5:9a:fe:59:6a:
5e:72:b5:43:9a:e0:ce:02:c3:c2:53:0f:16:6c:fa:
81:6c:b6:e0:39:e4:26:59:e6:60:a2:83:95:64:77:
97:8f:5b:c7:79:e8:b9:c9:64:20:aa:7b:9f:4a:6d:
c5:7a:13:a6:94:80:34:9c:1d:44:15:19:5c:5a:69:
84:fd:c4:e3:54:8f:45:b2:1f:aa:6d:a4:f7:6b:fe:
30:a5:db:bb:1b:b3:51:da:c4:04:ff:3e:58:38:dc:
17:a6:50:86:57:6b:6b:3c:30:93:88:7d:6c:6c:e9:
60:29:11:74:88:34:e0:f8:42:bb:3b:68:e2:22:4c:
96:75:81:2f:ec:ea:d0:1f:a9:5f:45:0f:44:60:13:
07:17:ae:49:4e:87:92:8c:73:86:89:73:bf:8b:f3:
4d:e5:81:e0:eb:83:11:f3:c3:cf:79:24:7c:d3:0d:
24:9b:20:4c:c9:14:fc:23:a9:eb:9a:13:a3:76:a2:
aa:4c:a4:3b:62:76:9c:9f:56:8e:90:b1:db:62:94:
fe:f1:7a:5d:7f:8f:de:33:da:99:90:e1:84:bc:4f:
da:4e:82:bc:ee:8e:87:ed:33:3c:32:67:5e:e6:13:
84:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:67:61:AD:FD:D1:72:5A:B9:54:F5:33:E8:51:AB:F5:F3:B9:CD:69
X509v3 Authority Key Identifier:
keyid:B3:FD:DF:70:1D:D7:4B:A9:9A:C1:F4:7B:67:67:EF:44:F1:A8:10:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_3fcB3XS6mawfR7Z2fvRPGoEHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/m2dhrf3Rclq5VPUz6FGr9fO5zWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/734f48-6755-4fee-bd46-3764beeaa1b2/1/s_3fcB3XS6mawfR7Z2fvRPGoEHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:77:ad:3a:6d:ef:a2:fa:73:57:25:f6:2c:35:6a:be:bf:39:
67:f6:af:8d:dd:6e:d1:fe:f4:e6:1e:45:09:6d:44:77:0e:7d:
1a:2f:2b:2d:59:28:63:ee:d8:d5:0b:d0:47:ea:bf:d3:29:ef:
fc:2c:33:7a:11:0c:85:54:c4:74:9b:c5:49:46:89:86:f6:16:
1b:7e:3c:62:de:40:ba:a6:a0:92:f8:a0:a9:66:1d:f0:b3:10:
a7:c8:c0:8f:dd:89:ef:d3:dc:14:25:8d:24:09:b5:3e:f4:bd:
17:5d:9d:27:72:76:04:00:21:86:35:5c:f8:25:15:3a:d1:7e:
23:3a:2c:13:fb:dc:10:9a:52:44:3a:90:29:8b:f1:f4:b2:3d:
2c:f4:bc:50:2c:1d:31:48:23:a1:7a:e7:b9:2b:7a:12:e0:28:
60:85:11:dd:ae:bd:a1:f6:6c:28:20:2c:df:ae:78:90:d6:3c:
a3:45:9d:25:e7:14:6b:3c:b4:92:da:aa:67:55:00:86:e9:32:
cb:1a:ab:d4:c4:52:2a:42:80:d7:a3:ac:f8:44:e8:58:f1:a4:
db:a4:10:29:d6:8c:a8:e8:61:7e:b2:f1:48:11:f9:dd:de:8b:
d4:4f:aa:48:9d:5c:cc:42:56:83:9e:54:00:46:a8:98:94:a2:
97:b3:22:f6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYytkDUBo5IoPO6UOspCxMTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmRkZjcwMWRkNzRiYTk5YWMxZjQ3YjY3NjdlZjQ0ZjFh
ODEwNzcwHhcNMjMxMjI3MjMxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjY3NjFhZGZkZDE3MjVhYjk1NGY1MzNlODUxYWJmNWYzYjljZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMk1h+yXeOOtnpFy2AahG2KRn2FE
JXQk9Zr+WWpecrVDmuDOAsPCUw8WbPqBbLbgOeQmWeZgooOVZHeXj1vHeei5yWQg
qnufSm3FehOmlIA0nB1EFRlcWmmE/cTjVI9Fsh+qbaT3a/4wpdu7G7NR2sQE/z5Y
ONwXplCGV2trPDCTiH1sbOlgKRF0iDTg+EK7O2jiIkyWdYEv7OrQH6lfRQ9EYBMH
F65JToeSjHOGiXO/i/NN5YHg64MR88PPeSR80w0kmyBMyRT8I6nrmhOjdqKqTKQ7
Ynacn1aOkLHbYpT+8Xpdf4/eM9qZkOGEvE/aToK87o6H7TM8Mmde5hOEZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJtnYa390XJauVT1M+hRq/Xzuc1pMB8GA1UdIwQY
MBaAFLP933Ad10upmsH0e2dn70TxqBB3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc18zZmNCM1hTNm1hd2ZSN1oyZnZSUEdvRUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83MzRmNDgtNjc1NS00ZmVlLWJkNDYt
Mzc2NGJlZWFhMWIyLzEvbTJkaHJmM1JjbHE1VlBVejZGR3I5Zk81eldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83MzRmNDgtNjc1NS00ZmVlLWJkNDYtMzc2NGJlZWFhMWIy
LzEvc18zZmNCM1hTNm1hd2ZSN1oyZnZSUEdvRUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAxk
MA0GCSqGSIb3DQEBCwUAA4IBAQCad606be+i+nNXJfYsNWq+vzln9q+N3W7R/vTm
HkUJbUR3Dn0aLystWShj7tjVC9BH6r/TKe/8LDN6EQyFVMR0m8VJRomG9hYbfjxi
3kC6pqCS+KCpZh3wsxCnyMCP3Ynv09wUJY0kCbU+9L0XXZ0ncnYEACGGNVz4JRU6
0X4jOiwT+9wQmlJEOpApi/H0sj0s9LxQLB0xSCOheue5K3oS4ChghRHdrr2h9mwo
ICzfrniQ1jyjRZ0l5xRrPLSS2qpnVQCG6TLLGqvUxFIqQoDXo6z4ROhY8aTbpBAp
1oyo6GF+svFIEfnd3ovUT6pInVzMQlaDnlQARqiYlKKXsyL2
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:50:23 2025 by rpki-client