Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/LfrSVtlH9do-60_TEx27lHKNfrQ.roa
File: LfrSVtlH9do-60_TEx27lHKNfrQ.roa (raw, json)
Hash identifier: TpFdLJ2bXCpVRx0+Pt6yo0AUPtighW1Vwfu+RYNR6uM=
Subject key identifier: 2D:FA:D2:56:D9:47:F5:DA:3E:EB:4F:D3:13:1D:BB:94:72:8D:7E:B4
Certificate issuer: /CN=77e8bbf8643abd62ff3f42bec4c0b2db977596d7
Certificate serial: 019425218AF6A4B236838B013399CA127882
Authority key identifier: 77:E8:BB:F8:64:3A:BD:62:FF:3F:42:BE:C4:C0:B2:DB:97:75:96:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-i7-GQ6vWL_P0K-xMCy25d1ltc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/LfrSVtlH9do-60_TEx27lHKNfrQ.roa
Signing time: Thu 02 Jan 2025 03:49:02 +0000
ROA not before: Thu 02 Jan 2025 03:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56595
IP address blocks: 2001:67c:74c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8a:f6:a4:b2:36:83:8b:01:33:99:ca:12:78:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e8bbf8643abd62ff3f42bec4c0b2db977596d7
Validity
Not Before: Jan 2 03:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dfad256d947f5da3eeb4fd3131dbb94728d7eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:eb:fb:e5:65:d6:8b:d4:17:73:67:dd:25:18:
24:e1:3e:ce:22:5a:b9:6f:fd:74:47:3a:c9:7a:77:
29:c3:33:0e:c7:d4:68:32:da:92:0c:50:81:cb:9e:
e2:5a:31:d5:b2:9c:e1:47:07:bc:84:61:a6:04:35:
5a:74:69:2e:95:39:03:37:af:3b:8c:e3:ae:53:7e:
ba:8c:03:1a:6e:a5:12:26:62:a5:8d:42:a5:f6:ef:
d7:f9:8a:20:5f:53:8a:e0:ac:27:52:30:b9:2f:9c:
7b:05:0a:5c:1f:40:7f:14:82:2f:fc:d3:38:ae:85:
ef:45:ba:a1:74:70:44:1e:dc:d9:6c:48:60:26:f6:
08:a5:ea:aa:05:58:01:90:4a:28:2b:0a:ec:19:2f:
12:c6:c3:e8:1e:a6:77:8e:e1:3e:40:fc:af:80:ce:
55:2c:a4:4d:50:fa:a5:c3:6c:3b:32:ca:4f:8f:a3:
68:22:cd:34:dc:a5:ef:5b:90:fa:d2:bd:c7:ee:4f:
49:01:ac:4a:c8:bd:87:83:da:e5:2d:f0:b5:62:d8:
96:bf:e6:4d:5f:58:90:a9:fc:c5:89:21:bb:f6:f5:
94:cf:85:a3:46:d1:d1:72:15:bd:4e:9d:1c:7f:7f:
26:9d:61:b0:19:a2:44:36:70:00:11:03:1f:48:09:
b4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FA:D2:56:D9:47:F5:DA:3E:EB:4F:D3:13:1D:BB:94:72:8D:7E:B4
X509v3 Authority Key Identifier:
keyid:77:E8:BB:F8:64:3A:BD:62:FF:3F:42:BE:C4:C0:B2:DB:97:75:96:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-i7-GQ6vWL_P0K-xMCy25d1ltc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/LfrSVtlH9do-60_TEx27lHKNfrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b870e7-7f1e-49ce-b1f9-44ccd1b51f10/1/d-i7-GQ6vWL_P0K-xMCy25d1ltc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:74c::/48
Signature Algorithm: sha256WithRSAEncryption
5c:5f:c7:e8:3e:2f:11:c3:a6:22:a4:69:98:d5:e7:59:d2:a2:
83:84:59:85:d6:a9:83:bf:77:76:4b:6d:a0:08:dd:3a:a7:46:
9f:7d:7c:d8:4a:af:10:93:35:66:f9:5e:32:1b:c1:18:f4:02:
d8:57:d9:87:fa:59:dc:19:76:5a:b9:13:c5:b8:ac:82:f1:58:
d4:6c:bc:46:db:77:be:52:8c:f9:76:77:cf:41:8a:c9:2a:e4:
32:c8:db:52:d6:24:04:3b:fc:d6:56:55:7f:77:44:66:97:fa:
37:c6:63:6b:42:bd:b1:0b:d9:11:45:da:89:ca:8e:7e:71:ce:
8f:8c:5f:c1:95:93:34:2f:51:64:ea:f8:41:ac:45:26:07:16:
84:c8:50:3a:b8:8c:c2:46:3a:cd:4c:01:c7:17:56:83:e4:76:
e7:f6:09:62:19:bb:a2:64:ae:1d:aa:cf:6a:6b:f5:81:c1:66:
47:5c:ea:99:5f:76:fb:8f:43:bf:c3:bf:a5:21:23:6e:b2:ec:
7d:83:0d:a7:ea:a7:0d:24:64:67:fd:04:65:d9:91:0b:3a:9c:
1d:d3:cb:d6:71:5b:b2:4b:2f:5f:0c:7a:19:4b:e4:63:05:f3:
43:3a:47:8a:28:79:6e:80:2b:8b:c2:68:fb:8a:c1:20:66:3b:
93:8d:f9:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIYr2pLI2g4sBM5nKEniCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZThiYmY4NjQzYWJkNjJmZjNmNDJiZWM0YzBiMmRiOTc3
NTk2ZDcwHhcNMjUwMTAyMDM0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZhZDI1NmQ5NDdmNWRhM2VlYjRmZDMxMzFkYmI5NDcyOGQ3ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+v75WXWi9QXc2fdJRgk4T7OIlq5
b/10RzrJencpwzMOx9RoMtqSDFCBy57iWjHVspzhRwe8hGGmBDVadGkulTkDN687
jOOuU366jAMabqUSJmKljUKl9u/X+YogX1OK4KwnUjC5L5x7BQpcH0B/FIIv/NM4
roXvRbqhdHBEHtzZbEhgJvYIpeqqBVgBkEooKwrsGS8SxsPoHqZ3juE+QPyvgM5V
LKRNUPqlw2w7MspPj6NoIs003KXvW5D60r3H7k9JAaxKyL2Hg9rlLfC1YtiWv+ZN
X1iQqfzFiSG79vWUz4WjRtHRchW9Tp0cf38mnWGwGaJENnAAEQMfSAm0gwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC360lbZR/XaPutP0xMdu5RyjX60MB8GA1UdIwQY
MBaAFHfou/hkOr1i/z9CvsTAstuXdZbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1pNy1HUTZ2V0xfUDBLLXhNQ3kyNWQxbHRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iODcwZTctN2YxZS00OWNlLWIxZjkt
NDRjY2QxYjUxZjEwLzEvTGZyU1Z0bEg5ZG8tNjBfVEV4MjdsSEtOZnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iODcwZTctN2YxZS00OWNlLWIxZjktNDRjY2QxYjUxZjEw
LzEvZC1pNy1HUTZ2V0xfUDBLLXhNQ3kyNWQxbHRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAdM
MA0GCSqGSIb3DQEBCwUAA4IBAQBcX8foPi8Rw6YipGmY1edZ0qKDhFmF1qmDv3d2
S22gCN06p0affXzYSq8QkzVm+V4yG8EY9ALYV9mH+lncGXZauRPFuKyC8VjUbLxG
23e+Uoz5dnfPQYrJKuQyyNtS1iQEO/zWVlV/d0Rml/o3xmNrQr2xC9kRRdqJyo5+
cc6PjF/BlZM0L1Fk6vhBrEUmBxaEyFA6uIzCRjrNTAHHF1aD5Hbn9gliGbuiZK4d
qs9qa/WBwWZHXOqZX3b7j0O/w7+lISNusux9gw2n6qcNJGRn/QRl2ZELOpwd08vW
cVuySy9fDHoZS+RjBfNDOkeKKHlugCuLwmj7isEgZjuTjfll
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:17:13 2025 by rpki-client