Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/aRJc7_o9XgAW9PPEgC1zuufULQk.roa
File: aRJc7_o9XgAW9PPEgC1zuufULQk.roa (raw, json)
Hash identifier: aNwMxPIgMebl0KXeBZmaqOEDWlNAdOizWVRuMjJ0OEY=
Subject key identifier: 69:12:5C:EF:FA:3D:5E:00:16:F4:F3:C4:80:2D:73:BA:E7:D4:2D:09
Certificate issuer: /CN=1db93b83bafad7bfd94f676c021baab5187007f0
Certificate serial: 019421B1A08FE460D9428EBA78DCC6BE3FC4
Authority key identifier: 1D:B9:3B:83:BA:FA:D7:BF:D9:4F:67:6C:02:1B:AA:B5:18:70:07:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hbk7g7r617_ZT2dsAhuqtRhwB_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/aRJc7_o9XgAW9PPEgC1zuufULQk.roa
Signing time: Wed 01 Jan 2025 11:47:56 +0000
ROA not before: Wed 01 Jan 2025 11:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29014
IP address blocks: 2001:678:df0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a0:8f:e4:60:d9:42:8e:ba:78:dc:c6:be:3f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1db93b83bafad7bfd94f676c021baab5187007f0
Validity
Not Before: Jan 1 11:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69125ceffa3d5e0016f4f3c4802d73bae7d42d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ea:19:97:84:83:fc:19:c2:2f:6e:09:a5:f3:
40:a4:87:99:dd:de:28:40:57:53:3a:79:ed:e0:96:
d8:4d:e7:65:44:c1:4d:a9:8e:31:f0:5c:09:78:2a:
d1:dd:6d:73:f4:88:c2:0d:19:70:cf:51:a8:44:54:
02:19:ea:0c:9c:1e:15:72:b3:a7:cf:74:c0:74:b6:
40:d9:52:b5:5a:dc:62:e4:f5:36:86:22:58:54:1e:
2c:00:2a:b2:cf:29:83:6b:c2:0a:d9:b1:8b:a9:b5:
30:34:fb:0c:78:81:ef:3f:e1:da:57:e3:fe:d7:27:
cb:d2:0d:8e:55:9e:c6:bc:99:17:39:fe:72:b6:d9:
8d:6d:34:7c:2f:72:39:89:36:f1:a0:a4:aa:bb:61:
22:31:fc:ac:04:c7:1a:9b:a6:21:df:fd:0c:cb:0a:
ff:3d:94:9d:4f:1a:01:71:69:88:2d:b2:45:b0:63:
09:0c:ca:25:6c:dd:b9:e2:14:0b:dd:e8:43:35:2b:
c0:db:e6:91:55:cb:16:32:55:9d:d8:93:98:da:e5:
47:90:f4:ba:b0:9d:d1:7d:ad:cd:51:78:f7:f0:f9:
20:b4:1f:ae:b0:ad:89:86:f4:e1:1c:af:50:77:da:
58:f5:03:da:11:cf:b9:c1:be:fd:1d:f5:ac:49:1a:
c1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:12:5C:EF:FA:3D:5E:00:16:F4:F3:C4:80:2D:73:BA:E7:D4:2D:09
X509v3 Authority Key Identifier:
keyid:1D:B9:3B:83:BA:FA:D7:BF:D9:4F:67:6C:02:1B:AA:B5:18:70:07:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hbk7g7r617_ZT2dsAhuqtRhwB_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/aRJc7_o9XgAW9PPEgC1zuufULQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a3009-8f2e-420c-9bdf-be74908186f0/1/Hbk7g7r617_ZT2dsAhuqtRhwB_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:df0::/48
Signature Algorithm: sha256WithRSAEncryption
8d:ba:29:58:27:c3:92:92:3c:f5:ee:69:c1:53:ae:ce:ca:ad:
14:be:08:8a:cd:4b:66:46:43:1e:c6:c6:e8:68:9d:eb:b0:9b:
3d:54:7d:ec:42:57:f9:1e:58:3f:3f:10:14:4c:21:a8:4f:d6:
bb:65:e2:06:a1:0f:69:55:7b:f2:26:24:bb:d1:a5:a7:c0:04:
e0:1f:ec:d7:ff:94:d0:e0:49:51:83:86:6c:dc:e5:dd:e6:43:
a9:b8:e9:82:7a:9d:41:07:39:f0:44:67:b0:30:b8:ed:15:c5:
0f:de:12:5a:87:c7:34:f6:c3:3f:99:2a:88:0f:1c:16:09:0c:
c4:f9:a6:53:c2:0b:da:05:50:e9:ef:db:d5:c1:39:af:18:3c:
fd:2d:da:d5:4d:9c:3d:82:a4:30:0c:87:c1:77:38:9b:0e:d9:
bc:5d:4e:15:a9:63:5d:ce:98:e8:eb:41:9a:38:b9:18:1e:39:
e8:4f:28:4c:8b:47:55:db:3a:6a:50:6a:04:11:0d:29:c8:34:
4a:9b:cf:41:8f:b6:44:8a:91:e8:53:b7:df:4f:54:c5:d9:84:
8f:a8:6f:ac:4a:b4:c6:98:78:32:11:31:3c:99:25:8c:05:49:
53:7c:ef:ea:48:17:91:b0:f1:c2:77:b4:b1:5f:13:d4:fb:bb:
f5:3d:49:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhsaCP5GDZQo66eNzGvj/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYjkzYjgzYmFmYWQ3YmZkOTRmNjc2YzAyMWJhYWI1MTg3
MDA3ZjAwHhcNMjUwMTAxMTE0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTEyNWNlZmZhM2Q1ZTAwMTZmNGYzYzQ4MDJkNzNiYWU3ZDQyZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseoZl4SD/BnCL24JpfNApIeZ3d4o
QFdTOnnt4JbYTedlRMFNqY4x8FwJeCrR3W1z9IjCDRlwz1GoRFQCGeoMnB4VcrOn
z3TAdLZA2VK1Wtxi5PU2hiJYVB4sACqyzymDa8IK2bGLqbUwNPsMeIHvP+HaV+P+
1yfL0g2OVZ7GvJkXOf5yttmNbTR8L3I5iTbxoKSqu2EiMfysBMcam6Yh3/0Mywr/
PZSdTxoBcWmILbJFsGMJDMolbN254hQL3ehDNSvA2+aRVcsWMlWd2JOY2uVHkPS6
sJ3Rfa3NUXj38PkgtB+usK2JhvThHK9Qd9pY9QPaEc+5wb79HfWsSRrBMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGkSXO/6PV4AFvTzxIAtc7rn1C0JMB8GA1UdIwQY
MBaAFB25O4O6+te/2U9nbAIbqrUYcAfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGJrN2c3cjYxN19aVDJkc0FodXF0Umh3Ql9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTMwMDktOGYyZS00MjBjLTliZGYt
YmU3NDkwODE4NmYwLzEvYVJKYzdfbzlYZ0FXOVBQRWdDMXp1dWZVTFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTMwMDktOGYyZS00MjBjLTliZGYtYmU3NDkwODE4NmYw
LzEvSGJrN2c3cjYxN19aVDJkc0FodXF0Umh3Ql9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA3w
MA0GCSqGSIb3DQEBCwUAA4IBAQCNuilYJ8OSkjz17mnBU67Oyq0UvgiKzUtmRkMe
xsboaJ3rsJs9VH3sQlf5Hlg/PxAUTCGoT9a7ZeIGoQ9pVXvyJiS70aWnwATgH+zX
/5TQ4ElRg4Zs3OXd5kOpuOmCep1BBznwRGewMLjtFcUP3hJah8c09sM/mSqIDxwW
CQzE+aZTwgvaBVDp79vVwTmvGDz9LdrVTZw9gqQwDIfBdzibDtm8XU4VqWNdzpjo
60GaOLkYHjnoTyhMi0dV2zpqUGoEEQ0pyDRKm89Bj7ZEipHoU7ffT1TF2YSPqG+s
SrTGmHgyETE8mSWMBUlTfO/qSBeRsPHCd7SxXxPU+7v1PUkD
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:19:16 2025 by rpki-client