Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/DxvyOvX_B_53rxJwdrCQhrTrP1k.roa
File: DxvyOvX_B_53rxJwdrCQhrTrP1k.roa (raw, json)
Hash identifier: /QHPX7klgOVDwnIhNfRb5Qr8g1eXkb5fViTBEEXKy/Q=
Subject key identifier: 0F:1B:F2:3A:F5:FF:07:FE:77:AF:12:70:76:B0:90:86:B4:EB:3F:59
Certificate issuer: /CN=82dc3bf507d71e021b74cc563e71d9dd0b42b79e
Certificate serial: 018CC2DB32405B98E48E5A54AE6E16E21644
Authority key identifier: 82:DC:3B:F5:07:D7:1E:02:1B:74:CC:56:3E:71:D9:DD:0B:42:B7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gtw79QfXHgIbdMxWPnHZ3QtCt54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/DxvyOvX_B_53rxJwdrCQhrTrP1k.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215956
IP address blocks: 2001:67c:688::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:32:40:5b:98:e4:8e:5a:54:ae:6e:16:e2:16:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82dc3bf507d71e021b74cc563e71d9dd0b42b79e
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f1bf23af5ff07fe77af127076b09086b4eb3f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f2:40:9d:5d:a5:67:72:23:3c:43:f1:0c:c9:
45:78:11:f0:ce:52:a9:93:7c:1d:7d:9e:74:d0:d0:
c2:17:86:5e:74:f2:3c:6a:bb:e1:a5:c0:c8:bc:34:
fc:57:24:7c:97:8a:ba:40:da:a8:e3:11:4d:70:f8:
0c:9e:93:49:42:73:b7:0d:66:6e:8f:e9:53:50:ab:
07:b3:45:06:2b:16:23:9d:c7:f9:32:61:0a:a3:31:
8e:7b:29:86:b5:d0:54:5a:a0:82:be:f5:7e:a9:6d:
8c:18:fc:22:9f:26:0b:98:b1:23:62:bf:b5:1d:58:
46:af:40:b0:b0:63:a6:0e:f0:c7:a9:37:f5:a1:82:
a5:45:f5:d8:a8:e8:0c:d0:6b:99:9f:3c:b4:3b:4c:
c2:92:4e:01:a6:04:3b:20:af:9f:b8:62:0c:67:59:
bc:bc:b2:b9:de:5d:31:d3:19:07:84:60:7d:db:dd:
8a:f5:51:6a:01:96:43:ab:2b:6d:97:9b:60:d9:13:
af:c2:cd:2f:6d:e4:a5:ea:04:5c:f7:0f:3d:e0:5b:
cf:7a:2a:ca:22:b2:e3:6c:73:8d:fc:6f:99:77:de:
9c:09:4a:34:ec:1a:9e:69:a3:fa:a8:2f:58:35:2f:
ec:c0:13:7a:e9:bc:cf:3d:66:5a:05:45:56:e1:e0:
f6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1B:F2:3A:F5:FF:07:FE:77:AF:12:70:76:B0:90:86:B4:EB:3F:59
X509v3 Authority Key Identifier:
keyid:82:DC:3B:F5:07:D7:1E:02:1B:74:CC:56:3E:71:D9:DD:0B:42:B7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gtw79QfXHgIbdMxWPnHZ3QtCt54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/DxvyOvX_B_53rxJwdrCQhrTrP1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/385866-a4c5-4a0a-8238-79f94b50ab2f/1/gtw79QfXHgIbdMxWPnHZ3QtCt54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:688::/48
Signature Algorithm: sha256WithRSAEncryption
58:a6:ab:80:df:5f:fc:cd:62:74:bd:04:83:3c:e4:ac:23:d7:
06:ce:bc:36:86:11:4b:ff:74:77:f6:d1:71:49:c9:fd:99:2e:
3e:5d:f6:29:c3:06:f2:3d:b0:3b:b8:50:61:0c:06:1e:32:5d:
db:a0:49:32:b0:1e:df:c8:e6:2f:26:9f:2c:3e:16:05:10:77:
93:59:4b:6e:ff:d6:be:5a:dc:70:65:cf:7e:b1:26:ff:93:2d:
b0:f1:17:c0:da:d5:02:f6:93:43:66:f5:a7:26:11:3f:ae:7a:
cf:8f:d6:66:a0:ff:8d:52:91:fc:22:4f:02:97:78:4b:56:ce:
7d:32:64:33:7d:a9:03:49:7c:b9:13:7b:20:d1:d9:bc:9b:73:
0b:48:29:4e:88:9f:35:87:f2:7a:f3:32:61:fd:8b:85:4d:54:
4a:c5:4b:4a:b0:5c:9a:53:79:f6:68:ae:68:87:c2:56:a3:66:
48:86:e3:a9:e5:8b:0c:f2:41:eb:86:61:43:6b:c2:40:a9:12:
21:0e:b4:17:60:85:14:fd:91:96:bf:d3:e6:d7:fa:74:a8:0f:
36:75:7e:a3:0e:8f:b8:b7:d7:f4:1e:0f:9a:76:5e:f4:28:38:
71:77:95:9d:8e:b5:43:6c:85:1c:75:8b:68:6f:24:f2:83:72:
16:a4:9f:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzC2zJAW5jkjlpUrm4W4hZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZGMzYmY1MDdkNzFlMDIxYjc0Y2M1NjNlNzFkOWRkMGI0
MmI3OWUwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjFiZjIzYWY1ZmYwN2ZlNzdhZjEyNzA3NmIwOTA4NmI0ZWIzZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvJAnV2lZ3IjPEPxDMlFeBHwzlKp
k3wdfZ500NDCF4ZedPI8arvhpcDIvDT8VyR8l4q6QNqo4xFNcPgMnpNJQnO3DWZu
j+lTUKsHs0UGKxYjncf5MmEKozGOeymGtdBUWqCCvvV+qW2MGPwinyYLmLEjYr+1
HVhGr0CwsGOmDvDHqTf1oYKlRfXYqOgM0GuZnzy0O0zCkk4BpgQ7IK+fuGIMZ1m8
vLK53l0x0xkHhGB9292K9VFqAZZDqyttl5tg2ROvws0vbeSl6gRc9w894FvPeirK
IrLjbHON/G+Zd96cCUo07BqeaaP6qC9YNS/swBN66bzPPWZaBUVW4eD2DQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA8b8jr1/wf+d68ScHawkIa06z9ZMB8GA1UdIwQY
MBaAFILcO/UH1x4CG3TMVj5x2d0LQreeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3R3NzlRZlhIZ0liZE14V1BuSFozUXRDdDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zODU4NjYtYTRjNS00YTBhLTgyMzgt
NzlmOTRiNTBhYjJmLzEvRHh2eU92WF9CXzUzcnhKd2RyQ1FoclRyUDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zODU4NjYtYTRjNS00YTBhLTgyMzgtNzlmOTRiNTBhYjJm
LzEvZ3R3NzlRZlhIZ0liZE14V1BuSFozUXRDdDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAaI
MA0GCSqGSIb3DQEBCwUAA4IBAQBYpquA31/8zWJ0vQSDPOSsI9cGzrw2hhFL/3R3
9tFxScn9mS4+XfYpwwbyPbA7uFBhDAYeMl3boEkysB7fyOYvJp8sPhYFEHeTWUtu
/9a+WtxwZc9+sSb/ky2w8RfA2tUC9pNDZvWnJhE/rnrPj9ZmoP+NUpH8Ik8Cl3hL
Vs59MmQzfakDSXy5E3sg0dm8m3MLSClOiJ81h/J68zJh/YuFTVRKxUtKsFyaU3n2
aK5oh8JWo2ZIhuOp5YsM8kHrhmFDa8JAqRIhDrQXYIUU/ZGWv9Pm1/p0qA82dX6j
Do+4t9f0Hg+adl70KDhxd5WdjrVDbIUcdYtobyTyg3IWpJ8x
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:57 2025 by rpki-client