Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/ff87ea-d9a1-49d3-84a9-6751c8cf99b5/1/fstfu6phDhwQGmRedP8QLMgwkW4.roa
File: fstfu6phDhwQGmRedP8QLMgwkW4.roa (raw, json)
Hash identifier: o4BMth9P/zmkYVuKIhNXDYZW/O+//zDRauMsJcIP1iQ=
Subject key identifier: 7E:CB:5F:BB:AA:61:0E:1C:10:1A:64:5E:74:FF:10:2C:C8:30:91:6E
Certificate issuer: /CN=da658f7760556b029df5a2959337d56bd5e0c7f9
Certificate serial: 0189895884B05E9A29A5BFA78602118AE760
Authority key identifier: DA:65:8F:77:60:55:6B:02:9D:F5:A2:95:93:37:D5:6B:D5:E0:C7:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2mWPd2BVawKd9aKVkzfVa9Xgx_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/ff87ea-d9a1-49d3-84a9-6751c8cf99b5/1/fstfu6phDhwQGmRedP8QLMgwkW4.roa
Signing time: Mon 24 Jul 2023 19:20:26 +0000
ROA not before: Mon 24 Jul 2023 19:20:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197657
IP address blocks: 2001:67c:cc8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:89:58:84:b0:5e:9a:29:a5:bf:a7:86:02:11:8a:e7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da658f7760556b029df5a2959337d56bd5e0c7f9
Validity
Not Before: Jul 24 19:20:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ecb5fbbaa610e1c101a645e74ff102cc830916e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:47:14:b9:71:4b:9e:a8:e8:f8:f9:ad:40:27:
90:ac:5d:9d:e2:eb:36:4c:49:ff:fe:07:b5:bb:17:
fa:ff:41:1d:85:0c:81:be:13:64:70:58:4a:9d:16:
69:a7:73:21:13:0d:72:c8:71:d9:53:b2:01:c0:8d:
5a:43:0e:1d:df:8b:82:04:a9:45:85:2d:87:c6:b9:
86:6e:e7:28:ee:b7:99:fb:72:ec:51:12:71:9c:a9:
45:2a:fe:e2:ae:42:af:be:ea:76:16:b4:03:ba:69:
41:7b:94:6d:8e:72:aa:66:7e:95:f6:97:4c:ca:91:
9e:c0:8d:d0:c0:0d:7c:60:84:b1:52:57:88:2b:e3:
78:40:df:d8:9e:96:07:45:41:3f:4c:26:d8:ed:c2:
0f:ee:cb:13:59:e8:38:c3:14:96:6c:56:29:18:c3:
23:df:11:20:b3:7f:79:ee:47:3a:35:ed:f2:d9:2d:
07:2f:b2:86:20:19:60:83:2c:e8:9f:f5:33:f0:56:
b0:f9:78:d0:c2:f7:94:6e:ad:9f:12:f5:bb:d3:a4:
fe:f4:18:35:6e:3a:1e:e1:9d:09:6e:58:e6:5b:1b:
23:83:48:d0:d7:ff:62:ee:d7:eb:c2:5d:40:b8:e0:
ac:3d:8e:c4:30:8a:f4:ef:d3:cd:ae:0e:9d:b9:3d:
c8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:CB:5F:BB:AA:61:0E:1C:10:1A:64:5E:74:FF:10:2C:C8:30:91:6E
X509v3 Authority Key Identifier:
keyid:DA:65:8F:77:60:55:6B:02:9D:F5:A2:95:93:37:D5:6B:D5:E0:C7:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2mWPd2BVawKd9aKVkzfVa9Xgx_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ff87ea-d9a1-49d3-84a9-6751c8cf99b5/1/fstfu6phDhwQGmRedP8QLMgwkW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/ff87ea-d9a1-49d3-84a9-6751c8cf99b5/1/2mWPd2BVawKd9aKVkzfVa9Xgx_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:cc8::/48
Signature Algorithm: sha256WithRSAEncryption
04:e6:a7:05:ca:18:8e:c8:d6:da:22:c5:33:88:bd:80:23:25:
51:f8:f2:ba:87:88:a3:cd:b8:e2:d8:a4:9d:c6:c0:c5:97:aa:
a3:6f:72:80:5a:38:43:95:65:70:1e:a9:6f:f7:28:72:a0:a3:
fc:e4:7b:3d:fb:b1:69:32:a5:3f:60:bf:77:fb:49:8f:59:33:
d0:a7:4b:2b:fe:12:6a:d1:e8:31:23:b7:be:eb:14:dd:ea:24:
07:1d:84:e0:65:da:b8:c2:55:ce:e6:83:b9:15:f2:4d:ec:7a:
c9:92:03:89:ea:8c:09:0a:a0:03:8b:b8:fc:5c:7a:63:ba:06:
10:e5:9e:6e:e6:96:80:41:ba:ea:cf:10:7d:18:65:72:66:38:
32:4e:81:be:57:b6:ba:20:91:e7:1f:79:00:67:a9:bc:f2:06:
c6:e6:19:22:46:cb:96:d7:7f:3b:aa:95:8d:8e:39:c8:a5:08:
bf:cd:2d:3e:d4:86:45:4d:c0:fc:8d:d3:5d:00:36:c8:04:e3:
c4:d6:a1:e2:f4:2e:2d:7b:f0:75:d4:8a:11:b1:c1:46:97:a9:
b6:ca:ed:90:17:f6:df:e3:28:1d:78:33:d5:4d:6e:8d:1f:23:
c3:3b:b7:16:e6:84:02:f7:dd:dd:8d:38:f9:e6:d7:b6:74:39:
ee:0a:0a:00
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmJWISwXpoppb+nhgIRiudgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNjU4Zjc3NjA1NTZiMDI5ZGY1YTI5NTkzMzdkNTZiZDVl
MGM3ZjkwHhcNMjMwNzI0MTkyMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWNiNWZiYmFhNjEwZTFjMTAxYTY0NWU3NGZmMTAyY2M4MzA5MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUcUuXFLnqjo+PmtQCeQrF2d4us2
TEn//ge1uxf6/0EdhQyBvhNkcFhKnRZpp3MhEw1yyHHZU7IBwI1aQw4d34uCBKlF
hS2HxrmGbuco7reZ+3LsURJxnKlFKv7irkKvvup2FrQDumlBe5RtjnKqZn6V9pdM
ypGewI3QwA18YISxUleIK+N4QN/YnpYHRUE/TCbY7cIP7ssTWeg4wxSWbFYpGMMj
3xEgs3957kc6Ne3y2S0HL7KGIBlggyzon/Uz8Faw+XjQwveUbq2fEvW706T+9Bg1
bjoe4Z0JbljmWxsjg0jQ1/9i7tfrwl1AuOCsPY7EMIr079PNrg6duT3IkwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH7LX7uqYQ4cEBpkXnT/ECzIMJFuMB8GA1UdIwQY
MBaAFNplj3dgVWsCnfWilZM31WvV4Mf5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm1XUGQyQlZhd0tkOWFLVmt6ZlZhOVhneF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mZjg3ZWEtZDlhMS00OWQzLTg0YTkt
Njc1MWM4Y2Y5OWI1LzEvZnN0ZnU2cGhEaHdRR21SZWRQOFFMTWd3a1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mZjg3ZWEtZDlhMS00OWQzLTg0YTktNjc1MWM4Y2Y5OWI1
LzEvMm1XUGQyQlZhd0tkOWFLVmt6ZlZhOVhneF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAzI
MA0GCSqGSIb3DQEBCwUAA4IBAQAE5qcFyhiOyNbaIsUziL2AIyVR+PK6h4ijzbji
2KSdxsDFl6qjb3KAWjhDlWVwHqlv9yhyoKP85Hs9+7FpMqU/YL93+0mPWTPQp0sr
/hJq0egxI7e+6xTd6iQHHYTgZdq4wlXO5oO5FfJN7HrJkgOJ6owJCqADi7j8XHpj
ugYQ5Z5u5paAQbrqzxB9GGVyZjgyToG+V7a6IJHnH3kAZ6m88gbG5hkiRsuW1387
qpWNjjnIpQi/zS0+1IZFTcD8jdNdADbIBOPE1qHi9C4te/B11IoRscFGl6m2yu2Q
F/bf4ygdeDPVTW6NHyPDO7cW5oQC993djTj55te2dDnuCgoA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:02 2025 by rpki-client