Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/127fb3-7d87-468b-94d2-2f9059c4f3a5/1/RqDjTULio7HkucdqWVIGBKTqd0Y.roa
File: RqDjTULio7HkucdqWVIGBKTqd0Y.roa (raw, json)
Hash identifier: PcWewLEjusrfHJnBpktJ+OmKEcChBIByu4RElEeoGKI=
Subject key identifier: 46:A0:E3:4D:42:E2:A3:B1:E4:B9:C7:6A:59:52:06:04:A4:EA:77:46
Certificate issuer: /CN=edbe73ab2730f34e94f120e9bfc55af4405369f6
Certificate serial: 01942144475DCE3E485F32828D577EEC7689
Authority key identifier: ED:BE:73:AB:27:30:F3:4E:94:F1:20:E9:BF:C5:5A:F4:40:53:69:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7b5zqycw806U8SDpv8Va9EBTafY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/127fb3-7d87-468b-94d2-2f9059c4f3a5/1/RqDjTULio7HkucdqWVIGBKTqd0Y.roa
Signing time: Wed 01 Jan 2025 09:48:30 +0000
ROA not before: Wed 01 Jan 2025 09:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 2001:67c:d34::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:47:5d:ce:3e:48:5f:32:82:8d:57:7e:ec:76:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edbe73ab2730f34e94f120e9bfc55af4405369f6
Validity
Not Before: Jan 1 09:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46a0e34d42e2a3b1e4b9c76a59520604a4ea7746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c4:22:e5:1a:5a:91:73:e0:c6:c9:bd:d3:85:
95:de:37:ec:a4:65:9d:78:ec:3a:98:27:7e:e3:7f:
3d:0f:ed:74:ef:32:49:0c:bc:20:7c:c1:31:72:43:
f7:c6:fb:bd:74:1c:ce:88:74:8d:58:a1:90:7a:c1:
25:86:11:bd:bb:0a:ff:ca:43:6c:6b:2b:d7:fc:7e:
04:4a:1d:c1:77:0d:42:ed:cf:fb:49:72:7d:33:03:
7c:28:1c:2c:3f:09:d2:0e:14:d1:31:d8:ee:54:af:
b7:67:70:6b:5a:47:d4:3b:25:65:86:fd:70:49:b2:
90:71:55:f4:21:20:26:65:95:a0:2b:60:7e:1e:11:
f0:0f:fe:13:25:f4:e4:4c:41:b7:48:49:c3:21:7c:
17:2c:05:33:de:e8:e2:9d:6b:e5:25:d6:1f:00:c1:
7a:88:6f:d7:6c:19:40:f9:c6:22:21:a7:c7:d9:09:
d9:80:6b:98:21:10:15:f4:d2:d4:9e:ee:f4:d7:cb:
2d:da:07:51:79:41:58:37:d9:71:f2:10:66:2e:92:
94:c4:ab:80:37:ff:fb:5f:3f:96:79:79:4a:73:b2:
30:00:c9:e9:ca:5d:3a:b9:ff:6b:e0:f5:2a:6d:04:
a9:89:a9:1e:fd:13:8b:3b:48:7d:7f:46:25:e9:ad:
08:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A0:E3:4D:42:E2:A3:B1:E4:B9:C7:6A:59:52:06:04:A4:EA:77:46
X509v3 Authority Key Identifier:
keyid:ED:BE:73:AB:27:30:F3:4E:94:F1:20:E9:BF:C5:5A:F4:40:53:69:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b5zqycw806U8SDpv8Va9EBTafY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/127fb3-7d87-468b-94d2-2f9059c4f3a5/1/RqDjTULio7HkucdqWVIGBKTqd0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/127fb3-7d87-468b-94d2-2f9059c4f3a5/1/7b5zqycw806U8SDpv8Va9EBTafY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d34::/48
Signature Algorithm: sha256WithRSAEncryption
79:a3:57:ee:68:f9:a3:f7:0a:9e:56:19:5a:e7:08:db:a8:6d:
7c:2d:83:57:06:54:72:3c:70:36:c0:f5:d4:27:c0:47:cf:14:
ab:f9:62:44:64:e3:62:e8:aa:74:eb:1f:06:34:59:54:50:6c:
e1:a0:fb:c3:f5:09:d4:4a:ad:2d:9f:81:fa:6d:69:bf:12:10:
62:4f:5b:fc:9c:b4:27:a4:86:b4:62:1e:45:3e:31:82:05:40:
a0:11:c2:14:9d:00:0a:4b:49:c9:a9:d7:ed:c6:a0:5d:57:35:
f4:54:bb:48:86:c9:ce:38:19:1f:c3:3b:90:38:68:71:3e:6e:
30:52:94:aa:70:93:21:a5:49:c2:31:cf:2a:65:60:a3:c9:d2:
36:3e:41:70:ad:fd:d9:49:6e:cf:0f:97:41:92:a9:d9:2c:7b:
b3:cb:aa:77:69:05:a1:e5:e5:ec:ec:a1:f0:bc:2c:36:c6:11:
07:ba:50:71:f5:27:18:c2:e5:b9:1e:6a:1a:f0:de:ab:00:48:
53:ab:11:9e:6e:05:77:1f:a7:ce:05:69:45:c5:e6:43:5f:52:
c0:16:fb:80:4d:7e:51:8b:fe:c1:db:ab:1b:d1:01:1f:f5:61:
10:ee:a6:13:ed:b0:80:02:4e:42:b3:21:d7:a6:8c:48:c7:0c:
31:a6:d8:6e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhREddzj5IXzKCjVd+7HaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYmU3M2FiMjczMGYzNGU5NGYxMjBlOWJmYzU1YWY0NDA1
MzY5ZjYwHhcNMjUwMTAxMDk0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmEwZTM0ZDQyZTJhM2IxZTRiOWM3NmE1OTUyMDYwNGE0ZWE3NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMQi5RpakXPgxsm904WV3jfspGWd
eOw6mCd+4389D+107zJJDLwgfMExckP3xvu9dBzOiHSNWKGQesElhhG9uwr/ykNs
ayvX/H4ESh3Bdw1C7c/7SXJ9MwN8KBwsPwnSDhTRMdjuVK+3Z3BrWkfUOyVlhv1w
SbKQcVX0ISAmZZWgK2B+HhHwD/4TJfTkTEG3SEnDIXwXLAUz3ujinWvlJdYfAMF6
iG/XbBlA+cYiIafH2QnZgGuYIRAV9NLUnu7018st2gdReUFYN9lx8hBmLpKUxKuA
N//7Xz+WeXlKc7IwAMnpyl06uf9r4PUqbQSpiake/ROLO0h9f0Yl6a0InQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEag401C4qOx5LnHallSBgSk6ndGMB8GA1UdIwQY
MBaAFO2+c6snMPNOlPEg6b/FWvRAU2n2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2I1enF5Y3c4MDZVOFNEcHY4VmE5RUJUYWZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8xMjdmYjMtN2Q4Ny00NjhiLTk0ZDIt
MmY5MDU5YzRmM2E1LzEvUnFEalRVTGlvN0hrdWNkcVdWSUdCS1RxZDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8xMjdmYjMtN2Q4Ny00NjhiLTk0ZDItMmY5MDU5YzRmM2E1
LzEvN2I1enF5Y3c4MDZVOFNEcHY4VmE5RUJUYWZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA00
MA0GCSqGSIb3DQEBCwUAA4IBAQB5o1fuaPmj9wqeVhla5wjbqG18LYNXBlRyPHA2
wPXUJ8BHzxSr+WJEZONi6Kp06x8GNFlUUGzhoPvD9QnUSq0tn4H6bWm/EhBiT1v8
nLQnpIa0Yh5FPjGCBUCgEcIUnQAKS0nJqdftxqBdVzX0VLtIhsnOOBkfwzuQOGhx
Pm4wUpSqcJMhpUnCMc8qZWCjydI2PkFwrf3ZSW7PD5dBkqnZLHuzy6p3aQWh5eXs
7KHwvCw2xhEHulBx9ScYwuW5Hmoa8N6rAEhTqxGebgV3H6fOBWlFxeZDX1LAFvuA
TX5Ri/7B26sb0QEf9WEQ7qYT7bCAAk5CsyHXpoxIxwwxpthu
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:18:42 2025 by rpki-client