Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/iSE8VzIXYTA3-dooaxmYWKpS0qo.roa
File: iSE8VzIXYTA3-dooaxmYWKpS0qo.roa (raw, json)
Hash identifier: IeDZRrl6CgL8vBwDH71W6sMJaMN7Vdw8hCmmUYyI5IA=
Subject key identifier: 89:21:3C:57:32:17:61:30:37:F9:DA:28:6B:19:98:58:AA:52:D2:AA
Certificate issuer: /CN=c68c65e699b576ab113a79be8828948f1e6cc260
Certificate serial: 0194266C2960112914C84C1EB7B6825F5319
Authority key identifier: C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/iSE8VzIXYTA3-dooaxmYWKpS0qo.roa
Signing time: Thu 02 Jan 2025 09:50:10 +0000
ROA not before: Thu 02 Jan 2025 09:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50395
IP address blocks: 2001:67c:1b0::/48 maxlen: 48
2a0d:2d45::/32 maxlen: 32
2a0e:c6c6::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:29:60:11:29:14:c8:4c:1e:b7:b6:82:5f:53:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c68c65e699b576ab113a79be8828948f1e6cc260
Validity
Not Before: Jan 2 09:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89213c573217613037f9da286b199858aa52d2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b8:68:d8:41:97:bc:04:7a:55:50:cc:67:cf:
35:73:bd:59:79:3c:a5:01:61:b4:2a:d6:cd:53:ac:
fc:b1:98:7b:30:59:4d:7c:3e:95:2d:4d:38:6b:06:
03:ee:82:b9:32:fa:3b:58:1a:50:b0:a8:c5:94:fd:
8e:37:b4:a0:e5:63:a9:c6:6c:0b:02:99:72:53:bc:
42:5d:5d:29:c4:a0:3d:c9:50:86:a8:a1:2d:33:95:
c7:bb:c6:b4:25:19:ea:25:03:6f:e1:f1:31:ba:e5:
9f:39:61:d1:15:c9:3e:1a:7b:c1:1e:d7:36:2b:6d:
ae:2d:6a:90:19:7a:48:85:71:a7:b1:f9:0b:97:fb:
9e:eb:69:e6:1e:15:76:1a:4f:eb:1d:d6:08:78:d2:
24:95:c6:bc:8b:4d:71:0b:db:80:3f:6d:68:8a:1f:
bb:70:20:22:9d:04:36:f9:ba:e7:d9:6f:19:b6:ca:
b8:01:1d:d1:a6:8c:23:dd:5d:6f:cf:10:59:35:fb:
7b:a5:cb:ef:fc:cf:19:62:15:ab:98:54:84:3c:b5:
a9:39:fa:59:61:b3:15:35:63:fe:cc:5b:df:b1:ab:
04:33:92:de:92:8c:56:f6:ec:cb:ef:5d:62:79:2a:
d2:ad:94:34:a0:b4:2c:6b:0a:86:e5:d5:ec:f0:88:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:21:3C:57:32:17:61:30:37:F9:DA:28:6B:19:98:58:AA:52:D2:AA
X509v3 Authority Key Identifier:
keyid:C6:8C:65:E6:99:B5:76:AB:11:3A:79:BE:88:28:94:8F:1E:6C:C2:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xoxl5pm1dqsROnm-iCiUjx5swmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/iSE8VzIXYTA3-dooaxmYWKpS0qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/340c73-79ee-4926-8e4f-607d4f37f59f/1/xoxl5pm1dqsROnm-iCiUjx5swmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1b0::/48
2a0d:2d45::/32
2a0e:c6c6::/32
Signature Algorithm: sha256WithRSAEncryption
11:22:47:12:fd:a1:b0:5d:7b:9b:3e:74:2e:41:52:15:0a:df:
f1:9d:78:d0:fb:f1:c7:3f:28:3e:8c:05:7e:52:a3:71:0b:59:
39:e6:4e:d6:56:29:37:1f:79:03:5f:b2:8b:2b:4b:e4:4d:95:
56:84:95:fe:fb:44:cc:43:5c:a0:1c:9d:90:eb:81:d2:32:bd:
d8:24:ad:cd:d3:f4:c1:d1:3e:58:0f:b4:2f:9a:d2:9e:d7:7e:
53:ae:8c:5c:54:30:b6:95:d4:c6:90:cc:44:00:07:1e:95:4b:
ac:04:94:47:65:bb:26:bd:db:08:64:d9:38:2b:b2:0b:51:54:
46:4f:a6:2e:45:e0:ac:e2:67:c8:b2:58:4d:f7:68:19:33:0b:
82:4c:8d:48:2a:1a:14:d5:a6:be:d4:cc:e1:d3:d3:93:89:08:
8a:ff:04:fc:f7:14:b1:24:0c:8b:f6:75:58:3c:93:87:74:7c:
99:f8:13:a4:c1:94:e4:32:10:37:e8:21:0d:73:f6:72:5f:b8:
7d:10:dd:61:4e:98:ab:bf:e5:e9:85:f4:c8:db:70:ac:21:5e:
e5:b4:b9:7f:f6:32:cb:59:da:bf:25:02:0a:87:d5:35:96:da:
74:e2:c9:0a:ea:4d:06:f7:da:bd:c2:d1:57:f0:b7:79:6f:78:
48:85:ae:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQmbClgESkUyEwet7aCX1MZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2OGM2NWU2OTliNTc2YWIxMTNhNzliZTg4Mjg5NDhmMWU2
Y2MyNjAwHhcNMjUwMTAyMDk1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTIxM2M1NzMyMTc2MTMwMzdmOWRhMjg2YjE5OTg1OGFhNTJkMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLho2EGXvAR6VVDMZ881c71ZeTyl
AWG0KtbNU6z8sZh7MFlNfD6VLU04awYD7oK5Mvo7WBpQsKjFlP2ON7Sg5WOpxmwL
AplyU7xCXV0pxKA9yVCGqKEtM5XHu8a0JRnqJQNv4fExuuWfOWHRFck+GnvBHtc2
K22uLWqQGXpIhXGnsfkLl/ue62nmHhV2Gk/rHdYIeNIklca8i01xC9uAP21oih+7
cCAinQQ2+brn2W8Ztsq4AR3Rpowj3V1vzxBZNft7pcvv/M8ZYhWrmFSEPLWpOfpZ
YbMVNWP+zFvfsasEM5LekoxW9uzL711ieSrSrZQ0oLQsawqG5dXs8IgT/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIkhPFcyF2EwN/naKGsZmFiqUtKqMB8GA1UdIwQY
MBaAFMaMZeaZtXarETp5vogolI8ebMJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYt
NjA3ZDRmMzdmNTlmLzEvaVNFOFZ6SVhZVEEzLWRvb2F4bVlXS3BTMHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zNDBjNzMtNzllZS00OTI2LThlNGYtNjA3ZDRmMzdmNTlm
LzEveG94bDVwbTFkcXNST25tLWlDaVVqeDVzd21BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwcAIAEGfAGw
AwUAKg0tRQMFACoOxsYwDQYJKoZIhvcNAQELBQADggEBABEiRxL9obBde5s+dC5B
UhUK3/GdeND78cc/KD6MBX5So3ELWTnmTtZWKTcfeQNfsosrS+RNlVaElf77RMxD
XKAcnZDrgdIyvdgkrc3T9MHRPlgPtC+a0p7XflOujFxUMLaV1MaQzEQABx6VS6wE
lEdluya92whk2TgrsgtRVEZPpi5F4KziZ8iyWE33aBkzC4JMjUgqGhTVpr7UzOHT
05OJCIr/BPz3FLEkDIv2dVg8k4d0fJn4E6TBlOQyEDfoIQ1z9nJfuH0Q3WFOmKu/
5emF9MjbcKwhXuW0uX/2MstZ2r8lAgqH1TWW2nTiyQrqTQb32r3C0Vfwt3lveEiF
rtE=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:23:55 2025 by rpki-client