Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/vHQRV0jRUXExLLAYBdY2ODpzWoo.roa
File: vHQRV0jRUXExLLAYBdY2ODpzWoo.roa (raw, json)
Hash identifier: 7UhAMCr3OjHllJdnfdmjdJInrKVauXU3M4e5nn0fWuA=
Subject key identifier: BC:74:11:57:48:D1:51:71:31:2C:B0:18:05:D6:36:38:3A:73:5A:8A
Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Certificate serial: 01941F8C1DC0EAF07C60F015D062477730F6
Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/vHQRV0jRUXExLLAYBdY2ODpzWoo.roa
Signing time: Wed 01 Jan 2025 01:47:43 +0000
ROA not before: Wed 01 Jan 2025 01:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 2001:678:d4c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1d:c0:ea:f0:7c:60:f0:15:d0:62:47:77:30:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Validity
Not Before: Jan 1 01:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc74115748d15171312cb01805d636383a735a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:96:53:f5:b7:13:88:e8:b1:39:b2:a0:d2:dd:
91:94:d8:c8:39:d5:d3:3c:eb:48:d6:4c:31:53:c0:
c8:a6:75:2e:57:15:74:4c:9b:93:6c:01:75:c1:23:
94:58:43:db:48:46:25:d4:4c:46:b7:f5:05:e5:d3:
1f:e1:e1:4c:38:fb:f0:15:13:66:ee:99:22:38:01:
04:e4:f3:ea:65:aa:ce:e9:66:48:8e:ca:d2:8a:1d:
fc:76:e2:a3:60:10:c0:32:79:8c:24:42:b0:4e:fe:
ce:d1:a5:74:c0:22:b4:cf:0a:8e:63:6e:62:96:ec:
d9:2f:b0:44:87:ef:63:a1:11:c9:63:37:69:74:79:
b9:62:99:04:43:f4:f9:88:0a:25:7c:9c:c4:55:17:
8f:b5:fb:8e:11:85:e4:4e:2e:f2:b5:d9:0a:81:6d:
ce:f7:63:f3:e9:9b:be:e1:d7:47:ca:1f:9d:fe:8e:
3e:f8:ef:8d:48:b4:a7:c8:22:ad:27:df:1e:7e:10:
bf:29:fb:4f:f2:b2:7c:83:be:c8:2d:bd:42:f9:73:
43:4c:94:95:4d:cb:6e:a2:73:da:66:10:34:9f:a4:
ad:6d:7e:1f:91:d7:f4:2f:22:e7:e7:78:b7:14:7a:
c9:22:44:3e:99:87:ea:60:90:27:dd:9c:74:d0:27:
32:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:74:11:57:48:D1:51:71:31:2C:B0:18:05:D6:36:38:3A:73:5A:8A
X509v3 Authority Key Identifier:
keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/vHQRV0jRUXExLLAYBdY2ODpzWoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d4c::/48
Signature Algorithm: sha256WithRSAEncryption
8d:da:61:7c:90:9b:19:f8:78:fc:23:52:e8:61:39:fa:a1:a1:
f5:fe:f3:8f:42:bf:51:35:9a:78:ef:b8:94:39:cf:67:81:3b:
67:bc:e6:c6:e1:ba:bc:6c:79:c1:62:2a:db:19:e4:4f:3c:5e:
e3:a5:e5:05:57:43:2f:76:82:d1:7a:8a:e3:59:27:b0:90:de:
49:cd:17:61:2b:07:f0:e5:b8:c1:88:2b:88:f2:ef:e1:4a:4a:
61:4b:2a:6a:13:fa:e0:f6:63:4a:97:ad:10:ed:68:69:23:d2:
8b:31:74:99:e6:30:42:d6:4f:5e:c0:68:4f:e9:f2:cd:cc:58:
21:00:a8:ce:fc:62:07:0c:74:aa:9c:31:4e:8a:e8:61:f8:00:
02:57:fa:cb:b5:c8:cf:be:d0:f7:93:d4:b5:43:31:27:a9:72:
e0:b5:5c:30:39:73:5b:2e:32:e1:04:1f:39:5d:0b:ed:d4:f6:
31:05:e3:99:75:8b:b9:df:ea:61:62:cb:c7:0b:0d:36:fc:0e:
a8:bd:aa:38:16:15:cd:e3:ab:83:53:0a:d4:ea:12:2a:e2:a8:
d9:40:dc:c2:60:9b:6c:59:cc:10:70:28:38:62:89:b4:a0:38:
82:c1:41:0a:83:ff:c7:8c:9f:d1:4e:be:78:72:8e:f8:c6:f3:
61:9d:2b:88
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjB3A6vB8YPAV0GJHdzD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk
ZmVlMjgwHhcNMjUwMTAxMDE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc0MTE1NzQ4ZDE1MTcxMzEyY2IwMTgwNWQ2MzYzODNhNzM1YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZZT9bcTiOixObKg0t2RlNjIOdXT
POtI1kwxU8DIpnUuVxV0TJuTbAF1wSOUWEPbSEYl1ExGt/UF5dMf4eFMOPvwFRNm
7pkiOAEE5PPqZarO6WZIjsrSih38duKjYBDAMnmMJEKwTv7O0aV0wCK0zwqOY25i
luzZL7BEh+9joRHJYzdpdHm5YpkEQ/T5iAolfJzEVRePtfuOEYXkTi7ytdkKgW3O
92Pz6Zu+4ddHyh+d/o4++O+NSLSnyCKtJ98efhC/KftP8rJ8g77ILb1C+XNDTJSV
TctuonPaZhA0n6StbX4fkdf0LyLn53i3FHrJIkQ+mYfqYJAn3Zx00CcyEwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLx0EVdI0VFxMSywGAXWNjg6c1qKMB8GA1UdIwQY
MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt
OGVlM2Q5OGNhZDViLzEvdkhRUlYwalJVWEV4TExBWUJkWTJPRHB6V29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi
LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA1M
MA0GCSqGSIb3DQEBCwUAA4IBAQCN2mF8kJsZ+Hj8I1LoYTn6oaH1/vOPQr9RNZp4
77iUOc9ngTtnvObG4bq8bHnBYirbGeRPPF7jpeUFV0MvdoLReorjWSewkN5JzRdh
Kwfw5bjBiCuI8u/hSkphSypqE/rg9mNKl60Q7WhpI9KLMXSZ5jBC1k9ewGhP6fLN
zFghAKjO/GIHDHSqnDFOiuhh+AACV/rLtcjPvtD3k9S1QzEnqXLgtVwwOXNbLjLh
BB85XQvt1PYxBeOZdYu53+phYsvHCw02/A6ovao4FhXN46uDUwrU6hIq4qjZQNzC
YJtsWcwQcCg4Yom0oDiCwUEKg//HjJ/RTr54co74xvNhnSuI
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:34:03 2025 by rpki-client