Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/cef6d0-f488-4d25-86b5-26aef882f94f/1/Rh0IEx7nLGjWZjM91m5L9ROERFI.roa
File: Rh0IEx7nLGjWZjM91m5L9ROERFI.roa (raw, json)
Hash identifier: ueZbxYCJshLwHxcAfnLZtqfa1hKKEGpxZF9hNshflTs=
Subject key identifier: 46:1D:08:13:1E:E7:2C:68:D6:66:33:3D:D6:6E:4B:F5:13:84:44:52
Certificate issuer: /CN=20105484f187f2087d120cad971d682db3159965
Certificate serial: 01953A9251D257B94D47ACA4FCF35C9A9D2C
Authority key identifier: 20:10:54:84:F1:87:F2:08:7D:12:0C:AD:97:1D:68:2D:B3:15:99:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IBBUhPGH8gh9Egytlx1oLbMVmWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/cef6d0-f488-4d25-86b5-26aef882f94f/1/Rh0IEx7nLGjWZjM91m5L9ROERFI.roa
Signing time: Tue 25 Feb 2025 00:47:02 +0000
ROA not before: Tue 25 Feb 2025 00:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200372
IP address blocks: 2001:67c:b40::/48 maxlen: 48
2a14:8b80::/32 maxlen: 48
2a14:8b81::/32 maxlen: 48
2a14:8b82::/32 maxlen: 48
2a14:8b83::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3a:92:51:d2:57:b9:4d:47:ac:a4:fc:f3:5c:9a:9d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20105484f187f2087d120cad971d682db3159965
Validity
Not Before: Feb 25 00:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=461d08131ee72c68d666333dd66e4bf513844452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ee:16:3f:81:fb:56:44:20:10:20:9f:a1:30:
8a:12:fd:4a:dd:53:92:5b:9d:10:af:a0:57:4f:68:
b1:c6:f8:48:b2:25:79:c1:47:cf:22:95:af:d5:3c:
6a:10:a3:33:93:cd:d7:7f:28:fa:84:d6:23:bd:1e:
de:6f:67:0e:8c:a5:06:bf:64:e4:1c:1e:b2:2e:9a:
bc:45:c2:f4:50:f8:3c:74:b5:c3:1e:b4:99:8c:07:
a3:f7:2d:60:75:17:c9:8b:0d:0a:71:db:74:39:18:
9c:f6:a6:e1:39:f5:c4:b3:5f:f8:02:f1:14:96:a8:
cd:0a:79:a3:a6:e4:a6:64:f2:07:9c:c0:2d:4c:4b:
08:b3:45:63:ef:9c:b0:f8:2c:8a:80:57:86:f2:d4:
a7:de:c2:a4:dc:91:7f:3c:06:29:63:30:d1:1b:9c:
bb:8d:39:62:94:90:1d:c4:75:f3:9f:e7:a9:ea:19:
a1:24:f6:e3:e6:1c:ab:61:36:8d:ba:30:a0:35:5a:
06:40:d7:57:2c:93:af:30:87:3c:65:42:65:ca:69:
34:a0:d7:23:10:9e:87:75:2b:2b:be:a7:9f:7b:0c:
3f:4a:c6:85:23:0d:72:c8:cb:02:ee:11:2c:ba:44:
ff:45:d6:a1:ac:3b:df:8b:bc:83:65:f8:5f:e7:13:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1D:08:13:1E:E7:2C:68:D6:66:33:3D:D6:6E:4B:F5:13:84:44:52
X509v3 Authority Key Identifier:
keyid:20:10:54:84:F1:87:F2:08:7D:12:0C:AD:97:1D:68:2D:B3:15:99:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IBBUhPGH8gh9Egytlx1oLbMVmWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/cef6d0-f488-4d25-86b5-26aef882f94f/1/Rh0IEx7nLGjWZjM91m5L9ROERFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/cef6d0-f488-4d25-86b5-26aef882f94f/1/IBBUhPGH8gh9Egytlx1oLbMVmWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b40::/48
2a14:8b80::/30
Signature Algorithm: sha256WithRSAEncryption
40:32:32:82:02:36:0b:35:ba:c3:8f:0f:28:f5:27:0f:ef:73:
03:4c:5f:9f:aa:a1:39:38:1d:49:e9:82:08:e0:5a:89:3b:ae:
59:54:cd:b1:ea:22:35:3f:94:3b:d2:92:72:e4:5c:f8:40:b2:
7d:55:86:90:2a:ab:2e:67:df:4d:f3:14:5f:3f:99:e3:08:1b:
0b:51:2c:49:b0:66:ec:e4:b5:58:ec:5c:ec:87:1c:bc:60:84:
1c:2d:1e:04:00:ce:e5:6e:08:95:fc:e9:b5:76:f5:a2:59:27:
d6:29:45:b5:d1:c8:0c:87:e6:ff:ea:9d:cd:71:bb:24:ce:95:
12:de:9e:d9:45:f1:76:ee:b0:5c:a8:1b:2a:23:56:28:27:fc:
86:cd:9c:be:5a:e5:f4:37:02:7f:7f:03:12:84:26:40:d9:b7:
30:8f:22:e9:26:a5:6d:4b:7d:46:dd:a7:a8:42:4e:cb:e9:5e:
83:e3:6c:e9:24:c1:d0:0e:f4:6d:ee:94:4d:12:02:45:2e:19:
c2:18:9a:e6:8b:67:c9:d2:6b:7e:1d:29:30:8b:f2:3d:65:7e:
d8:bb:97:02:c5:fa:f1:4e:23:62:0f:78:b4:bf:62:95:e0:d1:
2e:f4:e7:52:ac:ef:83:57:17:f9:39:76:49:7f:c3:ed:99:6e:
69:7e:9a:ec
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZU6klHSV7lNR6yk/PNcmp0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMTA1NDg0ZjE4N2YyMDg3ZDEyMGNhZDk3MWQ2ODJkYjMx
NTk5NjUwHhcNMjUwMjI1MDA0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjFkMDgxMzFlZTcyYzY4ZDY2NjMzM2RkNjZlNGJmNTEzODQ0NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO4WP4H7VkQgECCfoTCKEv1K3VOS
W50Qr6BXT2ixxvhIsiV5wUfPIpWv1TxqEKMzk83Xfyj6hNYjvR7eb2cOjKUGv2Tk
HB6yLpq8RcL0UPg8dLXDHrSZjAej9y1gdRfJiw0Kcdt0ORic9qbhOfXEs1/4AvEU
lqjNCnmjpuSmZPIHnMAtTEsIs0Vj75yw+CyKgFeG8tSn3sKk3JF/PAYpYzDRG5y7
jTlilJAdxHXzn+ep6hmhJPbj5hyrYTaNujCgNVoGQNdXLJOvMIc8ZUJlymk0oNcj
EJ6HdSsrvqefeww/SsaFIw1yyMsC7hEsukT/RdahrDvfi7yDZfhf5xM0xwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFEYdCBMe5yxo1mYzPdZuS/UThERSMB8GA1UdIwQY
MBaAFCAQVITxh/IIfRIMrZcdaC2zFZllMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJCVWhQR0g4Z2g5RWd5dGx4MW9MYk1WbVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9jZWY2ZDAtZjQ4OC00ZDI1LTg2YjUt
MjZhZWY4ODJmOTRmLzEvUmgwSUV4N25MR2pXWmpNOTFtNUw5Uk9FUkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9jZWY2ZDAtZjQ4OC00ZDI1LTg2YjUtMjZhZWY4ODJmOTRm
LzEvSUJCVWhQR0g4Z2g5RWd5dGx4MW9MYk1WbVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwcAIAEGfAtA
AwUCKhSLgDANBgkqhkiG9w0BAQsFAAOCAQEAQDIyggI2CzW6w48PKPUnD+9zA0xf
n6qhOTgdSemCCOBaiTuuWVTNseoiNT+UO9KScuRc+ECyfVWGkCqrLmffTfMUXz+Z
4wgbC1EsSbBm7OS1WOxc7IccvGCEHC0eBADO5W4IlfzptXb1olkn1ilFtdHIDIfm
/+qdzXG7JM6VEt6e2UXxdu6wXKgbKiNWKCf8hs2cvlrl9DcCf38DEoQmQNm3MI8i
6SalbUt9Rt2nqEJOy+leg+Ns6STB0A70be6UTRICRS4Zwhia5otnydJrfh0pMIvy
PWV+2LuXAsX68U4jYg94tL9ileDRLvTnUqzvg1cX+Tl2SX/D7ZluaX6a7A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:43:41 2025 by rpki-client