Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/873889-e950-4449-88b3-3b35087e418c/1/2k5CZEQJhGlIrwXhYCLsedLR31o.roa
File: 2k5CZEQJhGlIrwXhYCLsedLR31o.roa (raw, json)
Hash identifier: 4iupUZee2uWg3c4WVpMApI66kkRnZMo9wRAy59HqjVA=
Subject key identifier: DA:4E:42:64:44:09:84:69:48:AF:05:E1:60:22:EC:79:D2:D1:DF:5A
Certificate issuer: /CN=cbf4ce8ccac9963b55af4fbc33332d595861c752
Certificate serial: 018E60FEF3CABF0A8A1A8DCABB8AFF899461
Authority key identifier: CB:F4:CE:8C:CA:C9:96:3B:55:AF:4F:BC:33:33:2D:59:58:61:C7:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y_TOjMrJljtVr0-8MzMtWVhhx1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/873889-e950-4449-88b3-3b35087e418c/1/2k5CZEQJhGlIrwXhYCLsedLR31o.roa
Signing time: Thu 21 Mar 2024 12:31:44 +0000
ROA not before: Thu 21 Mar 2024 12:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215605
IP address blocks: 2001:67c:e44::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:fe:f3:ca:bf:0a:8a:1a:8d:ca:bb:8a:ff:89:94:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbf4ce8ccac9963b55af4fbc33332d595861c752
Validity
Not Before: Mar 21 12:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da4e42644409846948af05e16022ec79d2d1df5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:69:e0:93:cd:87:c1:15:a5:c5:13:1d:b6:42:
0f:17:48:23:4a:92:59:7f:a3:6c:fa:af:ce:2a:2a:
f7:9e:89:74:18:b2:cd:07:7d:b6:e4:84:a2:36:bf:
08:1a:86:9b:7f:4e:01:b6:78:c6:a7:61:f7:c1:8f:
ef:8e:af:cb:c0:8d:d8:8f:8d:3b:ae:4d:fc:83:b2:
a0:38:3a:31:93:13:45:f6:47:5f:0c:a0:66:18:29:
19:3d:dc:b0:e4:2a:8a:73:d0:b9:6d:06:c7:5f:e6:
a8:db:c5:08:10:45:50:81:c1:49:b3:1f:e7:26:d1:
a5:c7:ba:16:8f:38:f0:53:8a:52:91:41:a3:fd:96:
4e:43:a7:73:3d:b9:34:55:ce:da:af:06:ec:d3:79:
d0:c6:5c:d3:8f:1e:e7:1c:55:bf:f4:47:60:a6:0f:
1f:00:6b:2a:52:8b:9f:27:26:67:18:56:ba:5f:ef:
2b:31:f9:4e:39:09:29:ee:dd:80:08:e2:03:06:6b:
53:55:2e:68:9c:c3:9f:09:4b:54:d3:0d:ef:9a:cd:
25:7d:10:b1:62:be:e9:9a:07:eb:e9:d6:68:2f:12:
cc:b5:1d:5b:cf:d0:81:53:40:db:7a:0a:3f:c2:1b:
c9:95:0d:75:c5:42:82:cb:21:76:4f:61:1f:45:8c:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:4E:42:64:44:09:84:69:48:AF:05:E1:60:22:EC:79:D2:D1:DF:5A
X509v3 Authority Key Identifier:
keyid:CB:F4:CE:8C:CA:C9:96:3B:55:AF:4F:BC:33:33:2D:59:58:61:C7:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y_TOjMrJljtVr0-8MzMtWVhhx1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/873889-e950-4449-88b3-3b35087e418c/1/2k5CZEQJhGlIrwXhYCLsedLR31o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/873889-e950-4449-88b3-3b35087e418c/1/y_TOjMrJljtVr0-8MzMtWVhhx1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e44::/48
Signature Algorithm: sha256WithRSAEncryption
54:5c:6d:10:21:e2:57:7a:29:58:20:8f:5a:9f:2d:3e:50:57:
27:35:b3:25:4c:50:51:47:18:0e:a8:a9:d7:57:7b:b6:da:ba:
1e:15:ac:4a:f8:8d:82:c0:b4:fe:77:e1:e5:7b:5f:7c:b6:94:
ff:61:06:d3:01:ae:41:a3:44:b4:1a:cd:7c:c3:13:2d:b7:77:
10:47:5a:d5:fe:44:cf:c5:ea:a5:ad:7a:c3:58:cf:5c:d5:89:
b7:85:7f:d8:84:da:6e:c9:a3:db:72:44:79:2c:7d:24:ca:4a:
83:28:93:e7:26:d7:d9:26:a3:3a:70:f1:bb:e8:0a:69:ba:3e:
e8:82:68:68:ef:b4:b2:3c:93:46:ce:92:a7:dc:6e:c3:ff:30:
50:a5:98:23:a6:3b:dc:68:44:4e:73:3c:f4:be:2a:34:b5:6b:
07:77:ab:a0:3a:1c:c7:0f:4b:ff:41:c8:bf:a4:f3:64:a7:4b:
eb:c1:f6:25:4d:52:0e:57:7a:f2:10:73:78:1a:fa:8e:46:57:
e8:83:2f:6f:1f:7a:ca:da:9d:79:cf:86:93:63:d4:82:3e:2f:
7a:1b:62:a3:e8:0a:8e:1e:a7:c4:39:89:fe:db:30:fb:94:c4:
26:df:6c:1c:6c:c7:06:03:71:a7:33:3f:62:ae:f9:ae:e1:3f:
c5:6e:56:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY5g/vPKvwqKGo3Ku4r/iZRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZjRjZThjY2FjOTk2M2I1NWFmNGZiYzMzMzMyZDU5NTg2
MWM3NTIwHhcNMjQwMzIxMTIzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRlNDI2NDQ0MDk4NDY5NDhhZjA1ZTE2MDIyZWM3OWQyZDFkZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2ngk82HwRWlxRMdtkIPF0gjSpJZ
f6Ns+q/OKir3nol0GLLNB3225ISiNr8IGoabf04BtnjGp2H3wY/vjq/LwI3Yj407
rk38g7KgODoxkxNF9kdfDKBmGCkZPdyw5CqKc9C5bQbHX+ao28UIEEVQgcFJsx/n
JtGlx7oWjzjwU4pSkUGj/ZZOQ6dzPbk0Vc7arwbs03nQxlzTjx7nHFW/9Edgpg8f
AGsqUoufJyZnGFa6X+8rMflOOQkp7t2ACOIDBmtTVS5onMOfCUtU0w3vms0lfRCx
Yr7pmgfr6dZoLxLMtR1bz9CBU0Dbego/whvJlQ11xUKCyyF2T2EfRYyruwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNpOQmRECYRpSK8F4WAi7HnS0d9aMB8GA1UdIwQY
MBaAFMv0zozKyZY7Va9PvDMzLVlYYcdSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveV9UT2pNckpsanRWcjAtOE16TXRXVmhoeDFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84NzM4ODktZTk1MC00NDQ5LTg4YjMt
M2IzNTA4N2U0MThjLzEvMms1Q1pFUUpoR2xJcndYaFlDTHNlZExSMzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84NzM4ODktZTk1MC00NDQ5LTg4YjMtM2IzNTA4N2U0MThj
LzEveV9UT2pNckpsanRWcjAtOE16TXRXVmhoeDFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA5E
MA0GCSqGSIb3DQEBCwUAA4IBAQBUXG0QIeJXeilYII9any0+UFcnNbMlTFBRRxgO
qKnXV3u22roeFaxK+I2CwLT+d+Hle198tpT/YQbTAa5Bo0S0Gs18wxMtt3cQR1rV
/kTPxeqlrXrDWM9c1Ym3hX/YhNpuyaPbckR5LH0kykqDKJPnJtfZJqM6cPG76App
uj7ogmho77SyPJNGzpKn3G7D/zBQpZgjpjvcaEROczz0vio0tWsHd6ugOhzHD0v/
Qci/pPNkp0vrwfYlTVIOV3ryEHN4GvqORlfogy9vH3rK2p15z4aTY9SCPi96G2Kj
6AqOHqfEOYn+2zD7lMQm32wcbMcGA3GnMz9irvmu4T/FblZ/
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:09:19 2025 by rpki-client