Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/89688c-e094-4316-8130-aa2f8a2b0e88/1/MDg3SGQivd4Gkhmi2ar9KtkbxPw.roa
File: MDg3SGQivd4Gkhmi2ar9KtkbxPw.roa (raw, json)
Hash identifier: kp0L4LourZESQv5PNyUfmc/3RRGNdSH3s5Vl6lYig18=
Subject key identifier: 30:38:37:48:64:22:BD:DE:06:92:19:A2:D9:AA:FD:2A:D9:1B:C4:FC
Certificate issuer: /CN=f7ff3e7d8659e8ae9f6f4f31d3f24fdb3c6df527
Certificate serial: 0194F5017B80FE8A80967E859862EF29E445
Authority key identifier: F7:FF:3E:7D:86:59:E8:AE:9F:6F:4F:31:D3:F2:4F:DB:3C:6D:F5:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9_8-fYZZ6K6fb08x0_JP2zxt9Sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/89688c-e094-4316-8130-aa2f8a2b0e88/1/MDg3SGQivd4Gkhmi2ar9KtkbxPw.roa
Signing time: Tue 11 Feb 2025 12:35:02 +0000
ROA not before: Tue 11 Feb 2025 12:35:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213467
IP address blocks: 2001:678:102c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f5:01:7b:80:fe:8a:80:96:7e:85:98:62:ef:29:e4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7ff3e7d8659e8ae9f6f4f31d3f24fdb3c6df527
Validity
Not Before: Feb 11 12:35:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=303837486422bdde069219a2d9aafd2ad91bc4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:db:33:c7:fc:b1:24:62:ba:be:85:74:47:e5:
90:68:a4:d7:cb:4b:0e:ef:e5:81:52:d7:fe:27:15:
e3:d5:20:a5:4c:51:61:d7:80:70:cf:5e:07:db:ee:
d1:4d:40:3a:16:59:a9:37:20:86:58:21:c9:65:1a:
c5:2b:ab:a9:cd:c4:6a:09:dc:16:49:38:38:ec:99:
86:3d:b0:cb:ff:f3:cc:01:49:85:96:30:6f:eb:9e:
c5:b0:bf:ab:35:12:cb:5a:42:d7:79:14:9b:93:13:
e7:8d:6f:fd:fa:8f:c4:18:09:83:34:1b:4c:e4:ad:
4f:b0:75:04:d6:d8:e4:3a:ef:44:6b:e1:30:c7:19:
96:63:04:01:d7:6a:a8:e8:70:8d:73:01:86:34:5c:
04:39:fe:10:20:0b:d6:ca:b3:40:70:bb:35:95:46:
8b:f5:21:e1:1b:06:bf:34:e2:45:87:d6:57:96:ab:
20:44:bf:5d:32:a7:bf:09:a5:ce:16:40:f0:51:59:
1d:35:c3:61:43:f2:7a:83:bc:80:d4:bd:22:6c:00:
ce:ac:ff:ac:e3:a3:76:0b:46:ef:5c:ea:a2:e4:f7:
db:24:24:52:55:53:2d:6f:f3:67:68:25:ca:dc:93:
cd:6d:07:03:42:69:85:53:c9:3a:66:a9:74:bc:da:
f0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:38:37:48:64:22:BD:DE:06:92:19:A2:D9:AA:FD:2A:D9:1B:C4:FC
X509v3 Authority Key Identifier:
keyid:F7:FF:3E:7D:86:59:E8:AE:9F:6F:4F:31:D3:F2:4F:DB:3C:6D:F5:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9_8-fYZZ6K6fb08x0_JP2zxt9Sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/89688c-e094-4316-8130-aa2f8a2b0e88/1/MDg3SGQivd4Gkhmi2ar9KtkbxPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/89688c-e094-4316-8130-aa2f8a2b0e88/1/9_8-fYZZ6K6fb08x0_JP2zxt9Sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:102c::/48
Signature Algorithm: sha256WithRSAEncryption
3c:67:27:68:3d:be:d2:67:4a:ab:47:b0:ef:91:dd:55:fb:d0:
e6:74:af:94:50:cb:44:d8:fe:2b:62:ea:ef:ec:18:02:32:85:
23:53:47:77:a6:a2:82:4f:15:72:f2:a7:84:a0:1d:0d:75:d5:
52:a0:ae:34:a9:f4:5b:a7:e2:41:eb:4b:02:e7:f3:a5:20:2b:
86:f0:4a:4a:b7:d8:66:c6:de:66:55:47:04:78:cd:93:04:4a:
a8:56:2e:2e:f2:49:62:82:c7:ae:c0:bd:ab:9a:ad:f6:97:20:
9c:68:32:70:5b:e6:58:4f:7b:46:cd:2d:64:8e:39:b8:fa:fa:
38:c6:f6:02:1c:59:c2:b4:39:85:57:75:00:8f:c6:4f:cd:38:
17:ec:40:bc:9a:74:80:63:ae:55:6f:31:ba:33:35:6c:80:7d:
b0:d6:d6:72:ff:88:92:1b:6e:94:79:26:21:13:d1:09:ac:3d:
c3:0a:af:4c:7a:ed:bf:81:6f:6d:94:07:c1:b5:53:e4:14:a6:
c8:fc:20:c5:0a:64:84:16:c4:85:c9:27:b6:a3:45:b4:82:eb:
6d:27:0d:50:a6:c5:37:ff:d2:07:05:23:5e:30:5e:87:19:56:
1d:77:75:d4:ba:31:99:ac:95:e6:04:5c:7f:fe:85:5c:77:6e:
7e:79:ae:ba
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZT1AXuA/oqAln6FmGLvKeRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZmYzZTdkODY1OWU4YWU5ZjZmNGYzMWQzZjI0ZmRiM2M2
ZGY1MjcwHhcNMjUwMjExMTIzNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDM4Mzc0ODY0MjJiZGRlMDY5MjE5YTJkOWFhZmQyYWQ5MWJjNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdszx/yxJGK6voV0R+WQaKTXy0sO
7+WBUtf+JxXj1SClTFFh14Bwz14H2+7RTUA6FlmpNyCGWCHJZRrFK6upzcRqCdwW
STg47JmGPbDL//PMAUmFljBv657FsL+rNRLLWkLXeRSbkxPnjW/9+o/EGAmDNBtM
5K1PsHUE1tjkOu9Ea+EwxxmWYwQB12qo6HCNcwGGNFwEOf4QIAvWyrNAcLs1lUaL
9SHhGwa/NOJFh9ZXlqsgRL9dMqe/CaXOFkDwUVkdNcNhQ/J6g7yA1L0ibADOrP+s
46N2C0bvXOqi5PfbJCRSVVMtb/NnaCXK3JPNbQcDQmmFU8k6Zql0vNrwVQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDA4N0hkIr3eBpIZotmq/SrZG8T8MB8GA1UdIwQY
MBaAFPf/Pn2GWeiun29PMdPyT9s8bfUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOV84LWZZWlo2SzZmYjA4eDBfSlAyenh0OVNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC84OTY4OGMtZTA5NC00MzE2LTgxMzAt
YWEyZjhhMmIwZTg4LzEvTURnM1NHUWl2ZDRHa2htaTJhcjlLdGtieFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC84OTY4OGMtZTA5NC00MzE2LTgxMzAtYWEyZjhhMmIwZTg4
LzEvOV84LWZZWlo2SzZmYjA4eDBfSlAyenh0OVNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeBAs
MA0GCSqGSIb3DQEBCwUAA4IBAQA8ZydoPb7SZ0qrR7Dvkd1V+9DmdK+UUMtE2P4r
Yurv7BgCMoUjU0d3pqKCTxVy8qeEoB0NddVSoK40qfRbp+JB60sC5/OlICuG8EpK
t9hmxt5mVUcEeM2TBEqoVi4u8kligseuwL2rmq32lyCcaDJwW+ZYT3tGzS1kjjm4
+vo4xvYCHFnCtDmFV3UAj8ZPzTgX7EC8mnSAY65VbzG6MzVsgH2w1tZy/4iSG26U
eSYhE9EJrD3DCq9Meu2/gW9tlAfBtVPkFKbI/CDFCmSEFsSFySe2o0W0guttJw1Q
psU3/9IHBSNeMF6HGVYdd3XUujGZrJXmBFx//oVcd25+ea66
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:15:41 2025 by rpki-client