Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/CLpkAB9SkASnLi0bcVjlvibT8q0.roa
File: CLpkAB9SkASnLi0bcVjlvibT8q0.roa (raw, json)
Hash identifier: h9ZbpSD1UKLYDhyFqL5vdv53fTWYJR5sayvIQP/wamo=
Subject key identifier: 08:BA:64:00:1F:52:90:04:A7:2E:2D:1B:71:58:E5:BE:26:D3:F2:AD
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01941F8C72A10108E6BC0A052617C8EA8F40
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/CLpkAB9SkASnLi0bcVjlvibT8q0.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214512
IP address blocks: 2a14:67c1:10::/44 maxlen: 48
2a14:67c1:2000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:72:a1:01:08:e6:bc:0a:05:26:17:c8:ea:8f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08ba64001f529004a72e2d1b7158e5be26d3f2ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:08:8c:fc:83:be:69:34:c9:25:8d:e5:96:3a:
d1:6d:fe:e9:b6:00:e3:e0:50:08:d6:87:8f:73:5c:
40:18:db:5b:73:1b:01:7e:85:d8:cb:ca:62:87:19:
2f:3a:05:78:35:92:58:9a:c9:d4:fc:a4:4e:d6:78:
22:d8:72:0f:78:a4:62:89:80:ee:5e:93:b0:63:db:
ba:45:8d:5b:89:43:22:e4:c9:7d:c6:b6:f3:63:00:
a1:d4:e5:e4:4a:d4:37:f7:0a:16:c9:a0:ad:7e:a5:
21:f2:4d:92:17:9e:7c:0e:1d:91:f3:24:1c:48:3d:
c1:a7:81:cc:25:2b:f0:fd:0f:4b:c6:61:d5:37:f2:
5c:e1:49:76:f9:6c:98:e3:05:a3:64:ab:37:de:41:
af:f8:65:bb:72:73:2a:34:61:de:37:de:a7:d8:9f:
fa:a3:f9:94:2d:f4:16:c2:a6:86:54:a3:56:e9:d0:
1a:c6:18:8d:a7:5f:90:6e:06:0a:f6:d9:fc:07:db:
09:4e:8e:20:ba:46:06:30:4d:45:42:de:9d:98:84:
36:0d:db:64:92:a7:b9:94:8c:4e:79:ba:01:4a:e6:
65:9e:e5:2b:d1:3e:00:1b:4a:ec:c4:f1:be:1b:96:
3f:02:c8:2c:e1:c2:e1:94:15:af:7b:20:2d:0b:df:
25:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BA:64:00:1F:52:90:04:A7:2E:2D:1B:71:58:E5:BE:26:D3:F2:AD
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/CLpkAB9SkASnLi0bcVjlvibT8q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:10::/44
2a14:67c1:2000::/36
Signature Algorithm: sha256WithRSAEncryption
b8:d7:21:7a:58:8f:60:89:ac:e1:35:52:40:3f:90:66:92:93:
80:02:52:df:99:26:24:f9:7b:aa:b9:65:d9:5f:6f:e3:b2:35:
62:b4:4c:a9:19:02:39:3f:41:73:71:c8:30:8d:6e:74:9b:e2:
0e:6c:ae:4f:a1:20:e7:b0:fa:14:4c:b3:85:73:01:a9:bc:e0:
c3:d4:54:26:40:b2:3b:f0:df:77:f5:11:72:46:57:2b:5f:59:
c8:18:23:f6:0d:3b:30:9b:a3:a9:7b:21:5a:9e:a7:90:5b:22:
e5:db:fd:59:15:e3:ea:93:d7:c2:82:02:fe:fe:fb:9d:2c:03:
4b:a7:a2:7e:c9:29:88:84:07:9e:e2:2b:31:d9:a5:1a:85:9b:
e1:9c:b7:0a:de:10:7e:d0:09:d5:d2:01:c9:e5:1c:b5:c4:1a:
81:4b:f8:6e:6c:b9:aa:81:87:c9:47:dd:96:ae:3e:db:7a:8e:
ff:82:49:f2:fc:4d:eb:99:5f:bc:dd:43:ad:e2:71:95:2e:36:
72:5f:2d:0f:e7:20:13:d2:f5:d3:b0:eb:19:f0:ae:09:b2:62:
a3:ed:bb:12:49:ed:56:85:2c:1a:c6:80:28:19:d3:87:fc:01:
52:c5:3d:a1:df:7a:ce:0b:18:c2:18:b1:e5:80:dd:06:58:e5:
53:d7:88:94
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZQfjHKhAQjmvAoFJhfI6o9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJhNjQwMDFmNTI5MDA0YTcyZTJkMWI3MTU4ZTViZTI2ZDNmMmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAiM/IO+aTTJJY3lljrRbf7ptgDj
4FAI1oePc1xAGNtbcxsBfoXYy8pihxkvOgV4NZJYmsnU/KRO1ngi2HIPeKRiiYDu
XpOwY9u6RY1biUMi5Ml9xrbzYwCh1OXkStQ39woWyaCtfqUh8k2SF558Dh2R8yQc
SD3Bp4HMJSvw/Q9LxmHVN/Jc4Ul2+WyY4wWjZKs33kGv+GW7cnMqNGHeN96n2J/6
o/mULfQWwqaGVKNW6dAaxhiNp1+QbgYK9tn8B9sJTo4gukYGME1FQt6dmIQ2Ddtk
kqe5lIxOeboBSuZlnuUr0T4AG0rsxPG+G5Y/Asgs4cLhlBWveyAtC98lHwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFAi6ZAAfUpAEpy4tG3FY5b4m0/KtMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvQ0xwa0FCOVNrQVNuTGkwYmNWamx2aWJUOHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhRnwQAQ
AwYEKhRnwSAwDQYJKoZIhvcNAQELBQADggEBALjXIXpYj2CJrOE1UkA/kGaSk4AC
Ut+ZJiT5e6q5Zdlfb+OyNWK0TKkZAjk/QXNxyDCNbnSb4g5srk+hIOew+hRMs4Vz
Aam84MPUVCZAsjvw33f1EXJGVytfWcgYI/YNOzCbo6l7IVqep5BbIuXb/VkV4+qT
18KCAv7++50sA0unon7JKYiEB57iKzHZpRqFm+GctwreEH7QCdXSAcnlHLXEGoFL
+G5suaqBh8lH3ZauPtt6jv+CSfL8TeuZX7zdQ63icZUuNnJfLQ/nIBPS9dOw6xnw
rgmyYqPtuxJJ7VaFLBrGgCgZ04f8AVLFPaHfes4LGMIYseWA3QZY5VPXiJQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:58 2025 by rpki-client