Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/960ydd6N5IVjJ8SKw0-cCFu0l5A.roa
File: 960ydd6N5IVjJ8SKw0-cCFu0l5A.roa (raw, json)
Hash identifier: vdzIyqJL7Fj4rd7R5SOUV3BY5/WQ96AWM5L49KfXiUE=
Subject key identifier: F7:AD:32:75:DE:8D:E4:85:63:27:C4:8A:C3:4F:9C:08:5B:B4:97:90
Certificate issuer: /CN=8e0f683867ef769a0a22ade17118ed06fa57b81f
Certificate serial: 019426D96C7AF90E2BBCEF4F3E7F459B6664
Authority key identifier: 8E:0F:68:38:67:EF:76:9A:0A:22:AD:E1:71:18:ED:06:FA:57:B8:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jg9oOGfvdpoKIq3hcRjtBvpXuB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/960ydd6N5IVjJ8SKw0-cCFu0l5A.roa
Signing time: Thu 02 Jan 2025 11:49:30 +0000
ROA not before: Thu 02 Jan 2025 11:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215387
IP address blocks: 2001:67c:e24::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6c:7a:f9:0e:2b:bc:ef:4f:3e:7f:45:9b:66:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e0f683867ef769a0a22ade17118ed06fa57b81f
Validity
Not Before: Jan 2 11:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7ad3275de8de4856327c48ac34f9c085bb49790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:91:d8:f3:36:e2:36:88:c8:1a:40:4a:a8:07:
3d:5b:b1:44:ca:d3:ae:17:97:e9:0c:bd:1a:59:94:
97:08:af:41:b7:fe:84:1c:82:85:bb:66:5f:b2:d0:
05:2f:b4:ed:65:94:e4:98:0f:ed:f9:12:bf:21:c7:
21:de:86:0e:be:78:29:45:4f:9c:06:a3:a4:4a:5d:
d2:2d:d7:80:6d:a8:10:b0:70:d6:0a:95:a9:bd:02:
a3:69:fa:72:f2:16:f6:cc:3a:a2:05:6e:b0:77:24:
66:10:90:8c:c2:fc:f0:99:59:a2:08:4e:9b:9e:d6:
30:6d:6d:a5:b4:b0:c4:f3:f9:c2:04:66:36:74:2a:
bd:db:dd:ea:c8:a0:bf:1a:1b:5f:1f:af:79:47:9e:
97:4a:3a:70:64:e4:47:93:73:03:bd:d2:68:d9:3a:
67:dd:aa:dc:c0:c0:3c:36:9e:07:30:57:ab:e2:97:
a3:d0:35:ba:09:a9:0f:4d:66:bd:7d:20:9a:bd:f3:
65:2f:80:9f:82:92:4a:24:c0:6d:de:49:12:77:b4:
5d:de:a6:f2:f0:71:6b:e1:10:4d:4d:04:a9:a2:80:
14:07:79:ab:9e:5c:b3:4b:a6:10:68:b9:86:c8:ac:
0f:be:a9:c7:a6:c5:e6:a8:de:18:ad:da:82:9d:70:
40:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AD:32:75:DE:8D:E4:85:63:27:C4:8A:C3:4F:9C:08:5B:B4:97:90
X509v3 Authority Key Identifier:
keyid:8E:0F:68:38:67:EF:76:9A:0A:22:AD:E1:71:18:ED:06:FA:57:B8:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jg9oOGfvdpoKIq3hcRjtBvpXuB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/960ydd6N5IVjJ8SKw0-cCFu0l5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/86c002-758b-495a-b9cd-7b0dc00a8c20/1/jg9oOGfvdpoKIq3hcRjtBvpXuB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e24::/48
Signature Algorithm: sha256WithRSAEncryption
b7:a6:f5:fc:5a:46:18:8c:61:cb:5e:5d:65:e0:7e:8e:95:90:
74:91:8c:29:93:0d:75:1e:2f:17:ef:ea:2d:42:75:6a:78:9e:
96:ab:1f:32:f7:77:93:5b:68:a5:5a:65:38:70:f3:5e:e6:32:
fd:08:a9:53:3c:c2:12:5a:d2:5a:60:67:ee:fa:bd:b0:a3:2d:
a9:ec:e4:21:11:12:51:c0:53:14:ba:30:95:84:2f:2e:5c:0c:
2a:76:fd:6c:70:0d:17:ee:58:c8:bf:91:83:43:ae:bf:66:08:
c6:f8:a6:c9:01:0c:c9:26:eb:58:9d:ea:dc:4a:8c:39:34:28:
73:75:6e:09:1c:f8:37:b6:68:ae:d4:da:19:8a:69:3c:3f:c8:
07:4b:92:1f:a4:60:2e:fe:5e:22:7e:4b:9a:24:c1:62:4f:95:
df:c7:bb:d3:84:61:e0:df:2a:45:8b:d6:1e:03:7a:a3:33:d8:
0f:d0:fe:0c:16:1d:52:b9:26:c7:62:b2:f0:0c:04:fb:d3:fd:
ed:e9:3c:17:d1:5c:9b:1e:ec:c3:24:7c:56:46:6c:2c:9f:ce:
fd:34:2e:02:59:23:f6:f1:5d:65:f7:52:0b:1c:95:91:4d:a2:
b8:4d:1b:9b:6c:2a:da:d4:0d:c4:b9:8b:3c:1e:f4:48:8e:68:
54:b4:e6:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2Wx6+Q4rvO9PPn9Fm2ZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMGY2ODM4NjdlZjc2OWEwYTIyYWRlMTcxMThlZDA2ZmE1
N2I4MWYwHhcNMjUwMTAyMTE0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FkMzI3NWRlOGRlNDg1NjMyN2M0OGFjMzRmOWMwODViYjQ5NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJHY8zbiNojIGkBKqAc9W7FEytOu
F5fpDL0aWZSXCK9Bt/6EHIKFu2ZfstAFL7TtZZTkmA/t+RK/Icch3oYOvngpRU+c
BqOkSl3SLdeAbagQsHDWCpWpvQKjafpy8hb2zDqiBW6wdyRmEJCMwvzwmVmiCE6b
ntYwbW2ltLDE8/nCBGY2dCq9293qyKC/GhtfH695R56XSjpwZORHk3MDvdJo2Tpn
3arcwMA8Np4HMFer4pej0DW6CakPTWa9fSCavfNlL4CfgpJKJMBt3kkSd7Rd3qby
8HFr4RBNTQSpooAUB3mrnlyzS6YQaLmGyKwPvqnHpsXmqN4YrdqCnXBA9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPetMnXejeSFYyfEisNPnAhbtJeQMB8GA1UdIwQY
MBaAFI4PaDhn73aaCiKt4XEY7Qb6V7gfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamc5b09HZnZkcG9LSXEzaGNSanRCdnBYdUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84NmMwMDItNzU4Yi00OTVhLWI5Y2Qt
N2IwZGMwMGE4YzIwLzEvOTYweWRkNk41SVZqSjhTS3cwLWNDRnUwbDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84NmMwMDItNzU4Yi00OTVhLWI5Y2QtN2IwZGMwMGE4YzIw
LzEvamc5b09HZnZkcG9LSXEzaGNSanRCdnBYdUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA4k
MA0GCSqGSIb3DQEBCwUAA4IBAQC3pvX8WkYYjGHLXl1l4H6OlZB0kYwpkw11Hi8X
7+otQnVqeJ6Wqx8y93eTW2ilWmU4cPNe5jL9CKlTPMISWtJaYGfu+r2woy2p7OQh
ERJRwFMUujCVhC8uXAwqdv1scA0X7ljIv5GDQ66/ZgjG+KbJAQzJJutYnercSow5
NChzdW4JHPg3tmiu1NoZimk8P8gHS5IfpGAu/l4ifkuaJMFiT5Xfx7vThGHg3ypF
i9YeA3qjM9gP0P4MFh1SuSbHYrLwDAT70/3t6TwX0VybHuzDJHxWRmwsn879NC4C
WSP28V1l91ILHJWRTaK4TRubbCra1A3EuYs8HvRIjmhUtOYv
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:02 2025 by rpki-client