Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/FwjOhi182_59p8dwQga5XgkbJ0s.roa
File: FwjOhi182_59p8dwQga5XgkbJ0s.roa (raw, json)
Hash identifier: Mc8kDGGDUHY1tIZcCKRSsVLGZ6kIEWbGczkswWitHog=
Subject key identifier: 17:08:CE:86:2D:7C:DB:FE:7D:A7:C7:70:42:06:B9:5E:09:1B:27:4B
Certificate issuer: /CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Certificate serial: 01942746D0E5E40C40C64DBA15B713E57BC5
Authority key identifier: F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/FwjOhi182_59p8dwQga5XgkbJ0s.roa
Signing time: Thu 02 Jan 2025 13:48:59 +0000
ROA not before: Thu 02 Jan 2025 13:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3223
IP address blocks: 2001:67c:b30::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:d0:e5:e4:0c:40:c6:4d:ba:15:b7:13:e5:7b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0d9cbbefde612e61e0cd0ff0b871961cbf797e3
Validity
Not Before: Jan 2 13:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1708ce862d7cdbfe7da7c7704206b95e091b274b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ea:2b:91:78:0f:dd:41:17:aa:f7:22:a8:4d:
ee:10:db:8c:18:15:72:c5:5e:b5:b7:a1:7d:38:fe:
f6:72:79:88:09:5d:66:58:5a:12:9d:d1:01:a6:46:
86:70:45:3e:56:99:e4:aa:93:03:de:f5:94:ed:76:
d4:e9:41:ab:3e:80:59:83:7e:69:ca:a9:9f:bb:58:
1f:d5:4a:b5:f7:ac:a8:2a:77:b2:72:ed:bb:ed:e6:
f8:bc:f9:39:e0:45:ea:84:f5:93:86:6d:30:a7:19:
4f:53:2c:33:0c:e1:51:25:00:b4:0e:7a:07:40:1b:
ad:84:08:2c:ff:30:ce:18:f1:93:32:0f:5f:b5:b6:
8f:83:9d:81:f2:b2:6a:05:18:b6:48:fd:91:b7:d7:
be:b7:8d:e6:d8:25:fd:3d:e2:d9:94:aa:29:84:24:
14:3a:1e:a1:1b:87:f4:86:07:b4:14:af:c9:f5:f3:
c0:b7:5f:60:bf:3f:d0:b4:7a:62:c0:fc:2b:71:63:
8c:b6:e7:84:ab:7c:17:d4:6f:87:c7:67:36:c9:de:
b6:cb:6b:30:14:c9:3c:a2:be:4f:94:66:88:50:f0:
13:21:9d:aa:ec:cc:21:3f:d2:54:aa:7a:bc:fe:f5:
09:35:fd:3c:c4:2f:b9:2a:10:a4:be:ae:1d:5c:0c:
3c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:08:CE:86:2D:7C:DB:FE:7D:A7:C7:70:42:06:B9:5E:09:1B:27:4B
X509v3 Authority Key Identifier:
keyid:F0:D9:CB:BE:FD:E6:12:E6:1E:0C:D0:FF:0B:87:19:61:CB:F7:97:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NnLvv3mEuYeDND_C4cZYcv3l-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/FwjOhi182_59p8dwQga5XgkbJ0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/49969e-546c-43e5-8dbd-f92915a968bc/1/8NnLvv3mEuYeDND_C4cZYcv3l-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b30::/48
Signature Algorithm: sha256WithRSAEncryption
68:26:47:c2:58:54:a8:a3:89:16:6f:2a:cd:30:9b:3c:f5:11:
fc:ca:f2:e4:3f:30:39:7d:51:a3:4c:d6:50:42:ad:78:20:d1:
16:0c:79:c9:e6:ad:06:8c:47:88:67:b5:c7:db:65:ad:1b:87:
d1:79:3f:b2:92:cc:46:3f:b5:a8:3e:5d:32:88:a2:23:c6:4b:
8e:c5:a9:53:1a:70:9b:cf:27:a1:52:bd:32:b3:0a:46:13:fd:
62:87:4a:29:54:fa:05:60:6a:99:8f:d0:e2:af:75:0d:9f:46:
37:a6:19:a3:15:af:75:3c:b1:de:2a:56:7d:42:7a:d5:9f:d5:
00:18:a9:43:ba:ee:2f:83:ba:4e:ca:9a:41:b6:1c:dd:2a:7d:
2d:dc:ac:da:33:3c:fd:6a:f2:e3:81:ed:da:99:6c:16:a2:29:
d9:70:50:d7:40:66:ff:3e:5d:ba:59:e2:97:33:50:4a:a5:18:
cb:c8:f3:1e:dd:e7:13:0a:f8:0c:0f:d1:bc:2d:17:4c:45:33:
cc:92:32:25:92:cc:cd:7c:58:21:3a:45:2c:87:dd:d7:10:18:
43:bd:00:05:9f:81:c6:45:f3:f4:e2:fb:14:07:b3:cf:d8:63:
e4:66:82:e9:98:1b:31:1d:62:c7:b1:47:e8:de:e0:d3:55:c1:
83:62:4d:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRtDl5AxAxk26FbcT5XvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZDljYmJlZmRlNjEyZTYxZTBjZDBmZjBiODcxOTYxY2Jm
Nzk3ZTMwHhcNMjUwMTAyMTM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzA4Y2U4NjJkN2NkYmZlN2RhN2M3NzA0MjA2Yjk1ZTA5MWIyNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+orkXgP3UEXqvciqE3uENuMGBVy
xV61t6F9OP72cnmICV1mWFoSndEBpkaGcEU+VpnkqpMD3vWU7XbU6UGrPoBZg35p
yqmfu1gf1Uq196yoKneycu277eb4vPk54EXqhPWThm0wpxlPUywzDOFRJQC0DnoH
QButhAgs/zDOGPGTMg9ftbaPg52B8rJqBRi2SP2Rt9e+t43m2CX9PeLZlKophCQU
Oh6hG4f0hge0FK/J9fPAt19gvz/QtHpiwPwrcWOMtueEq3wX1G+Hx2c2yd62y2sw
FMk8or5PlGaIUPATIZ2q7MwhP9JUqnq8/vUJNf08xC+5KhCkvq4dXAw88QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFBcIzoYtfNv+fafHcEIGuV4JGydLMB8GA1UdIwQY
MBaAFPDZy7795hLmHgzQ/wuHGWHL95fjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQt
ZjkyOTE1YTk2OGJjLzEvRndqT2hpMTgyXzU5cDhkd1FnYTVYZ2tiSjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC80OTk2OWUtNTQ2Yy00M2U1LThkYmQtZjkyOTE1YTk2OGJj
LzEvOE5uTHZ2M21FdVllRE5EX0M0Y1pZY3YzbC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAsw
MA0GCSqGSIb3DQEBCwUAA4IBAQBoJkfCWFSoo4kWbyrNMJs89RH8yvLkPzA5fVGj
TNZQQq14INEWDHnJ5q0GjEeIZ7XH22WtG4fReT+yksxGP7WoPl0yiKIjxkuOxalT
GnCbzyehUr0yswpGE/1ih0opVPoFYGqZj9Dir3UNn0Y3phmjFa91PLHeKlZ9QnrV
n9UAGKlDuu4vg7pOyppBthzdKn0t3KzaMzz9avLjge3amWwWoinZcFDXQGb/Pl26
WeKXM1BKpRjLyPMe3ecTCvgMD9G8LRdMRTPMkjIlkszNfFghOkUsh93XEBhDvQAF
n4HGRfP04vsUB7PP2GPkZoLpmBsxHWLHsUfo3uDTVcGDYk17
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:35:38 2025 by rpki-client