Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/rhg0m5TQoZx8ukpxPs6B_OGSfP4.roa
File: rhg0m5TQoZx8ukpxPs6B_OGSfP4.roa (raw, json)
Hash identifier: MBQcZRbmqaZyE17cVqxXA3L5aucn3oF+oVOWkl+2m88=
Subject key identifier: AE:18:34:9B:94:D0:A1:9C:7C:BA:4A:71:3E:CE:81:FC:E1:92:7C:FE
Certificate issuer: /CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3
Certificate serial: 01942143898CF80BFB07164628DA96C073BD
Authority key identifier: 6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/rhg0m5TQoZx8ukpxPs6B_OGSfP4.roa
Signing time: Wed 01 Jan 2025 09:47:41 +0000
ROA not before: Wed 01 Jan 2025 09:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49745
IP address blocks: 2001:678:2b8::/48 maxlen: 48
2001:678:2b9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:89:8c:f8:0b:fb:07:16:46:28:da:96:c0:73:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f2c0c66b6b4612c8949800f09291cafa3865fd3
Validity
Not Before: Jan 1 09:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae18349b94d0a19c7cba4a713ece81fce1927cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8b:d8:b6:ca:b6:cf:17:97:4a:be:fe:13:48:
37:11:48:c7:a4:82:a7:76:56:f3:e2:de:78:b8:4d:
da:22:a9:51:5d:66:1c:37:82:f5:c1:21:5d:cb:98:
0c:ba:95:c2:5d:ec:55:3f:0f:c6:ab:25:03:c5:23:
56:c6:7f:6a:f1:40:c6:37:11:91:b6:14:90:55:8a:
cf:eb:e4:db:10:a4:36:06:07:19:f6:e1:d9:19:2d:
3e:ac:2e:50:68:e7:89:7a:a4:e0:0b:d6:cc:60:99:
e2:87:6b:08:98:ad:ff:68:95:da:12:38:00:28:a3:
e9:be:a0:12:57:cc:ee:e1:db:45:fb:96:b6:c4:49:
fc:c0:77:8c:61:8e:df:bb:b0:11:58:07:89:4a:69:
35:26:27:78:bb:e4:85:75:e5:c3:d8:26:92:0f:07:
d6:05:7f:28:35:38:fd:9d:9c:45:f1:a4:a6:76:52:
99:a2:71:86:eb:96:ef:f4:b2:73:10:34:e7:d5:eb:
48:d3:ff:4b:db:ca:10:a8:f5:96:49:35:eb:dd:f7:
3d:cb:63:bf:17:5e:31:f4:28:35:c9:e7:4a:8f:d1:
e3:b7:cc:69:ea:dd:08:f0:21:c5:66:f0:5a:92:68:
50:8b:92:1a:73:96:e4:ea:f9:89:1e:ee:e0:4a:62:
30:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:18:34:9B:94:D0:A1:9C:7C:BA:4A:71:3E:CE:81:FC:E1:92:7C:FE
X509v3 Authority Key Identifier:
keyid:6F:2C:0C:66:B6:B4:61:2C:89:49:80:0F:09:29:1C:AF:A3:86:5F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bywMZra0YSyJSYAPCSkcr6OGX9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/rhg0m5TQoZx8ukpxPs6B_OGSfP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4d8a74-60b8-410e-aa35-392a752464b1/1/bywMZra0YSyJSYAPCSkcr6OGX9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:2b8::/47
Signature Algorithm: sha256WithRSAEncryption
36:86:7f:23:d5:1a:ca:33:4b:fe:b9:6f:f8:5f:fd:78:9f:6a:
f8:03:a0:0d:fc:dc:a4:79:f2:da:d1:22:a0:71:2f:c5:ff:4c:
03:93:36:28:3a:99:dd:29:de:df:20:23:7e:c1:b4:ac:9e:31:
eb:c1:92:a5:3b:37:55:78:28:0a:be:32:0c:42:c4:e0:4a:f2:
5d:75:d6:9b:9c:44:21:61:f5:fb:63:52:27:cd:36:91:51:93:
50:22:e1:6d:5b:5a:2c:01:31:01:48:b8:a1:3d:c2:3d:b9:64:
e8:a2:76:e9:cf:13:b2:fe:24:b0:54:92:fe:12:b5:55:3e:3f:
00:cd:e3:44:08:56:dc:e9:0f:23:a0:7c:19:03:98:ae:a0:bb:
ee:28:cf:9d:8b:54:ce:99:03:7e:e2:a7:c9:ac:e0:87:2e:60:
20:88:71:5a:ca:6c:f5:d4:f7:18:a1:14:a7:df:91:d1:59:df:
0a:56:79:c6:45:57:79:94:41:5d:81:b8:c6:9d:1d:98:e9:44:
ef:46:63:9a:93:af:c1:3c:e2:f7:af:92:ed:55:69:29:0e:f1:
fe:f5:ec:1a:83:d0:eb:40:9e:da:b8:0b:81:57:dd:2b:bc:9f:
f8:34:c4:79:dd:d2:fb:2e:bf:b5:00:ba:25:33:39:53:89:08:
d6:b2:2a:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ4mM+Av7BxZGKNqWwHO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMmMwYzY2YjZiNDYxMmM4OTQ5ODAwZjA5MjkxY2FmYTM4
NjVmZDMwHhcNMjUwMTAxMDk0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE4MzQ5Yjk0ZDBhMTljN2NiYTRhNzEzZWNlODFmY2UxOTI3Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YvYtsq2zxeXSr7+E0g3EUjHpIKn
dlbz4t54uE3aIqlRXWYcN4L1wSFdy5gMupXCXexVPw/GqyUDxSNWxn9q8UDGNxGR
thSQVYrP6+TbEKQ2BgcZ9uHZGS0+rC5QaOeJeqTgC9bMYJnih2sImK3/aJXaEjgA
KKPpvqASV8zu4dtF+5a2xEn8wHeMYY7fu7ARWAeJSmk1Jid4u+SFdeXD2CaSDwfW
BX8oNTj9nZxF8aSmdlKZonGG65bv9LJzEDTn1etI0/9L28oQqPWWSTXr3fc9y2O/
F14x9Cg1yedKj9Hjt8xp6t0I8CHFZvBakmhQi5Iac5bk6vmJHu7gSmIw1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK4YNJuU0KGcfLpKcT7Ogfzhknz+MB8GA1UdIwQY
MBaAFG8sDGa2tGEsiUmADwkpHK+jhl/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnl3TVpyYTBZU3lKU1lBUENTa2NyNk9HWDlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80ZDhhNzQtNjBiOC00MTBlLWFhMzUt
MzkyYTc1MjQ2NGIxLzEvcmhnMG01VFFvWng4dWtweFBzNkJfT0dTZlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80ZDhhNzQtNjBiOC00MTBlLWFhMzUtMzkyYTc1MjQ2NGIx
LzEvYnl3TVpyYTBZU3lKU1lBUENTa2NyNk9HWDlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBIAEGeAK4
MA0GCSqGSIb3DQEBCwUAA4IBAQA2hn8j1RrKM0v+uW/4X/14n2r4A6AN/NykefLa
0SKgcS/F/0wDkzYoOpndKd7fICN+wbSsnjHrwZKlOzdVeCgKvjIMQsTgSvJdddab
nEQhYfX7Y1InzTaRUZNQIuFtW1osATEBSLihPcI9uWToonbpzxOy/iSwVJL+ErVV
Pj8AzeNECFbc6Q8joHwZA5iuoLvuKM+di1TOmQN+4qfJrOCHLmAgiHFaymz11PcY
oRSn35HRWd8KVnnGRVd5lEFdgbjGnR2Y6UTvRmOak6/BPOL3r5LtVWkpDvH+9ewa
g9DrQJ7auAuBV90rvJ/4NMR53dL7Lr+1ALolMzlTiQjWsip9
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:48:37 2025 by rpki-client