Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/2I3jn_6COo4MLJCtwDEUz0msXUQ.roa
File: 2I3jn_6COo4MLJCtwDEUz0msXUQ.roa (raw, json)
Hash identifier: QqU2GXejMbK5sJK9pJbBOUENZC/s+18cLi4W30ClRxo=
Subject key identifier: D8:8D:E3:9F:FE:82:3A:8E:0C:2C:90:AD:C0:31:14:CF:49:AC:5D:44
Certificate issuer: /CN=727309f110347cc61b8c27bbfbf10a6bfb408358
Certificate serial: 01942444FC8F1AC548E7621CFA5B7AD38A2B
Authority key identifier: 72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/2I3jn_6COo4MLJCtwDEUz0msXUQ.roa
Signing time: Wed 01 Jan 2025 23:48:08 +0000
ROA not before: Wed 01 Jan 2025 23:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199351
IP address blocks: 2001:67c:1394::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:fc:8f:1a:c5:48:e7:62:1c:fa:5b:7a:d3:8a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=727309f110347cc61b8c27bbfbf10a6bfb408358
Validity
Not Before: Jan 1 23:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d88de39ffe823a8e0c2c90adc03114cf49ac5d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:4c:9b:26:6f:98:9f:04:f1:aa:3b:9d:6d:
ae:05:8d:52:97:b5:7d:59:0d:f5:4e:79:eb:21:39:
a9:f2:cb:35:12:0f:0a:ae:25:79:31:e7:fa:e2:4e:
80:45:0c:8c:30:5b:1d:af:a7:85:b8:35:4d:18:c5:
9c:e9:1a:52:a5:df:57:b3:2d:a9:d7:0f:fc:af:c5:
db:22:77:e4:81:75:5c:7a:75:25:de:7e:e4:b4:d8:
1c:eb:d1:33:1e:bc:6e:0a:42:43:cb:9c:b6:d8:7f:
bb:19:32:e2:f6:27:e3:d9:51:36:d9:86:ec:6c:96:
ff:de:db:76:a8:89:0e:10:46:a8:8d:9c:6b:cb:f7:
b2:2c:e5:da:25:a2:70:72:d3:2b:20:ac:6c:2d:e1:
b2:11:c9:a4:a7:93:6d:d7:03:f5:04:2c:1e:a4:8c:
fb:ef:9e:b8:6c:a2:6d:b1:2d:76:1b:8c:1a:03:09:
3d:fe:9a:0a:27:6d:c0:0d:2a:0e:b6:25:50:72:ea:
94:aa:94:51:45:89:f4:f3:2f:61:6c:66:7e:51:a6:
85:01:7f:43:26:3a:51:8d:54:23:b3:2f:8e:7d:f5:
26:74:0f:55:f8:84:24:30:b7:47:81:e5:7c:fd:b0:
19:56:b6:79:95:48:49:09:b5:f5:14:5c:1a:5d:87:
1f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8D:E3:9F:FE:82:3A:8E:0C:2C:90:AD:C0:31:14:CF:49:AC:5D:44
X509v3 Authority Key Identifier:
keyid:72:73:09:F1:10:34:7C:C6:1B:8C:27:BB:FB:F1:0A:6B:FB:40:83:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/2I3jn_6COo4MLJCtwDEUz0msXUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/008909-72ea-4791-a5bf-f23346bcc217/1/cnMJ8RA0fMYbjCe7-_EKa_tAg1g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1394::/48
Signature Algorithm: sha256WithRSAEncryption
6a:3a:89:2c:02:49:6d:31:bb:f5:98:ff:4c:51:64:3c:40:7d:
0e:d5:4d:a1:20:f0:09:ad:73:c4:db:74:c2:75:b7:d8:70:e2:
48:aa:ca:be:0e:a3:54:61:1d:43:7c:3f:d8:6f:c8:7b:34:dc:
a7:be:ed:a5:29:ba:e5:26:49:05:d8:dd:1c:94:d2:ae:d2:92:
92:c4:e3:96:56:24:bd:b3:02:85:86:9d:eb:b6:a2:af:1e:2e:
3b:f3:ed:af:85:6a:c3:07:e2:c3:47:9f:e6:46:fb:ef:bd:84:
94:3b:81:0c:0e:c2:9a:60:c0:de:72:68:8e:a5:e4:d5:0d:88:
32:dc:5f:b9:7d:19:d6:b3:b5:df:e0:6b:cc:b0:0d:96:e2:01:
b7:96:ff:fe:15:fb:c3:bb:46:00:5e:43:43:08:68:8b:41:65:
a6:4d:21:fe:9e:e8:8f:2f:42:22:2e:25:70:03:9d:69:bd:9c:
c7:ec:7b:4a:87:19:46:4a:bd:93:80:14:62:fa:c8:bd:0b:e8:
45:ee:13:ac:80:7a:2a:0d:af:f7:0c:53:a5:e5:e5:ff:97:df:
13:a3:e0:2d:d3:ed:36:93:77:54:91:08:29:9a:73:53:de:0b:
e2:39:db:31:16:36:45:68:3d:a4:88:fc:7f:35:5f:bc:3b:d9:
0f:3c:68:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQkRPyPGsVI52Ic+lt604orMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzMwOWYxMTAzNDdjYzYxYjhjMjdiYmZiZjEwYTZiZmI0
MDgzNTgwHhcNMjUwMTAxMjM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODhkZTM5ZmZlODIzYThlMGMyYzkwYWRjMDMxMTRjZjQ5YWM1ZDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC5MmyZvmJ8E8ao7nW2uBY1Sl7V9
WQ31TnnrITmp8ss1Eg8KriV5Mef64k6ARQyMMFsdr6eFuDVNGMWc6RpSpd9Xsy2p
1w/8r8XbInfkgXVcenUl3n7ktNgc69EzHrxuCkJDy5y22H+7GTLi9ifj2VE22Ybs
bJb/3tt2qIkOEEaojZxry/eyLOXaJaJwctMrIKxsLeGyEcmkp5Nt1wP1BCwepIz7
7564bKJtsS12G4waAwk9/poKJ23ADSoOtiVQcuqUqpRRRYn08y9hbGZ+UaaFAX9D
JjpRjVQjsy+OffUmdA9V+IQkMLdHgeV8/bAZVrZ5lUhJCbX1FFwaXYcfCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNiN45/+gjqODCyQrcAxFM9JrF1EMB8GA1UdIwQY
MBaAFHJzCfEQNHzGG4wnu/vxCmv7QINYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25NSjhSQTBmTVliakNlNy1fRUthX3RBZzFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wMDg5MDktNzJlYS00NzkxLWE1YmYt
ZjIzMzQ2YmNjMjE3LzEvMkkzam5fNkNPbzRNTEpDdHdERVV6MG1zWFVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wMDg5MDktNzJlYS00NzkxLWE1YmYtZjIzMzQ2YmNjMjE3
LzEvY25NSjhSQTBmTVliakNlNy1fRUthX3RBZzFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBOU
MA0GCSqGSIb3DQEBCwUAA4IBAQBqOoksAkltMbv1mP9MUWQ8QH0O1U2hIPAJrXPE
23TCdbfYcOJIqsq+DqNUYR1DfD/Yb8h7NNynvu2lKbrlJkkF2N0clNKu0pKSxOOW
ViS9swKFhp3rtqKvHi478+2vhWrDB+LDR5/mRvvvvYSUO4EMDsKaYMDecmiOpeTV
DYgy3F+5fRnWs7Xf4GvMsA2W4gG3lv/+FfvDu0YAXkNDCGiLQWWmTSH+nuiPL0Ii
LiVwA51pvZzH7HtKhxlGSr2TgBRi+si9C+hF7hOsgHoqDa/3DFOl5eX/l98To+At
0+02k3dUkQgpmnNT3gviOdsxFjZFaD2kiPx/NV+8O9kPPGgh
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:21:17 2025 by rpki-client