Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/tQlk1mJ3Q57dUylH0cWwEXNsNO4.roa
File: tQlk1mJ3Q57dUylH0cWwEXNsNO4.roa (raw, json)
Hash identifier: 88L8h3QT3LZj5nAWKf1psRrxbrTm+VcpE0c7xWTV8YA=
Subject key identifier: B5:09:64:D6:62:77:43:9E:DD:53:29:47:D1:C5:B0:11:73:6C:34:EE
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01941F8C72488CB6B24E74D16675C7D7AAF0
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/tQlk1mJ3Q57dUylH0cWwEXNsNO4.roa
Signing time: Wed 01 Jan 2025 01:48:05 +0000
ROA not before: Wed 01 Jan 2025 01:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213878
IP address blocks: 2a14:67c1:20::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:72:48:8c:b6:b2:4e:74:d1:66:75:c7:d7:aa:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Jan 1 01:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b50964d66277439edd532947d1c5b011736c34ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:8c:96:6c:71:bb:53:62:f3:e7:61:87:4c:
b4:a0:66:53:51:58:f6:17:68:e6:3f:d5:bc:38:9a:
64:e6:ca:1d:af:70:95:27:bc:5d:77:34:c5:8d:43:
5f:38:1f:76:b8:5e:2c:8a:30:a8:cb:c5:10:82:36:
b5:72:36:d1:0e:0b:23:f7:08:a4:45:92:78:1f:22:
fb:37:c8:e3:d9:7d:7d:28:b2:f4:f2:7a:66:14:e1:
b5:dc:f8:6d:e4:9d:04:04:ca:03:9a:82:02:b9:62:
44:5f:ac:c9:ad:d2:2b:10:8b:54:d0:af:31:e8:10:
8a:48:62:62:13:3c:57:bf:6a:48:de:b9:ef:74:72:
6b:a7:51:e0:6c:a8:9c:fd:20:e8:f5:ba:d9:81:ec:
42:64:ab:c5:39:50:24:a9:3c:e0:4e:ad:04:24:36:
23:af:ae:5a:19:2e:61:2a:e5:da:b6:16:51:9e:cd:
65:33:7b:dc:3e:b5:1c:8b:4b:00:16:7a:7d:4f:eb:
49:5c:b9:a8:e6:fb:09:b1:b2:c2:c2:36:36:a5:76:
6f:d8:50:bd:72:80:2e:79:a5:cb:00:23:d5:e1:ec:
a1:a9:6f:aa:30:ec:bf:2b:a7:db:8e:b8:67:fd:85:
7a:71:fa:86:e2:81:6d:a8:79:a6:d8:7a:d2:22:e0:
2d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:09:64:D6:62:77:43:9E:DD:53:29:47:D1:C5:B0:11:73:6C:34:EE
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/tQlk1mJ3Q57dUylH0cWwEXNsNO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:20::/44
Signature Algorithm: sha256WithRSAEncryption
23:f6:fc:e9:6d:92:89:69:6a:0f:9c:33:c8:fa:ff:42:d2:92:
fe:ed:29:0c:1c:47:12:cf:8c:10:c4:72:01:78:79:e7:39:ed:
f1:58:b3:49:17:ce:7e:4c:70:ee:14:eb:bf:91:0c:3d:fc:14:
d5:2c:ff:f7:2d:44:14:5a:fc:76:cd:8c:80:f7:77:cb:04:3d:
bd:fd:df:82:74:24:e4:19:26:06:51:48:c5:9b:28:c9:16:7b:
4a:51:55:52:33:cf:80:0e:40:db:11:53:4a:43:52:41:d1:4f:
ed:57:4a:45:e3:1a:32:e8:da:23:17:2e:43:3d:8c:61:6d:bd:
3a:51:0b:b8:ac:a3:57:ca:c7:61:fb:a9:0a:bc:e9:d8:a3:9d:
b1:2c:88:fe:aa:9e:3f:fe:6b:26:ce:11:62:46:71:7e:5f:d9:
de:10:51:8c:92:37:dc:2b:60:fb:56:44:56:66:45:e1:bd:20:
95:e2:e9:49:8c:30:e6:45:ee:10:8f:6f:80:0f:f2:28:a4:16:
8c:38:29:61:09:92:04:a9:17:ac:6e:aa:6e:57:04:1c:95:36:
95:0d:9a:87:95:97:7e:d1:72:ed:4b:be:e4:c5:32:c3:3a:bf:
8b:40:78:13:44:29:27:6e:8e:84:3b:b3:1f:38:4e:1c:11:80:
d5:8b:48:24
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjHJIjLayTnTRZnXH16rwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMTAxMDE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA5NjRkNjYyNzc0MzllZGQ1MzI5NDdkMWM1YjAxMTczNmMzNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1aMlmxxu1Ni8+dhh0y0oGZTUVj2
F2jmP9W8OJpk5sodr3CVJ7xddzTFjUNfOB92uF4sijCoy8UQgja1cjbRDgsj9wik
RZJ4HyL7N8jj2X19KLL08npmFOG13Pht5J0EBMoDmoICuWJEX6zJrdIrEItU0K8x
6BCKSGJiEzxXv2pI3rnvdHJrp1HgbKic/SDo9brZgexCZKvFOVAkqTzgTq0EJDYj
r65aGS5hKuXathZRns1lM3vcPrUci0sAFnp9T+tJXLmo5vsJsbLCwjY2pXZv2FC9
coAueaXLACPV4eyhqW+qMOy/K6fbjrhn/YV6cfqG4oFtqHmm2HrSIuAtDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLUJZNZid0Oe3VMpR9HFsBFzbDTuMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvdFFsazFtSjNRNTdkVXlsSDBjV3dFWE5zTk80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhRnwQAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAj9vzpbZKJaWoPnDPI+v9C0pL+7SkMHEcSz4wQ
xHIBeHnnOe3xWLNJF85+THDuFOu/kQw9/BTVLP/3LUQUWvx2zYyA93fLBD29/d+C
dCTkGSYGUUjFmyjJFntKUVVSM8+ADkDbEVNKQ1JB0U/tV0pF4xoy6NojFy5DPYxh
bb06UQu4rKNXysdh+6kKvOnYo52xLIj+qp4//msmzhFiRnF+X9neEFGMkjfcK2D7
VkRWZkXhvSCV4ulJjDDmRe4Qj2+AD/IopBaMOClhCZIEqResbqpuVwQclTaVDZqH
lZd+0XLtS77kxTLDOr+LQHgTRCknbo6EO7MfOE4cEYDVi0gk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:45 2025 by rpki-client