Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/So5T8XfWerZCWM7PbH4nnckXOmg.roa
File: So5T8XfWerZCWM7PbH4nnckXOmg.roa (raw, json)
Hash identifier: lcsWzssnfCVcXKwTBWx0dd95V9iVdcS5bEcL7GmfB/g=
Subject key identifier: 4A:8E:53:F1:77:D6:7A:B6:42:58:CE:CF:6C:7E:27:9D:C9:17:3A:68
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 01856E5D751FA184C18480D4BB7CFEE61373
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/So5T8XfWerZCWM7PbH4nnckXOmg.roa
Signing time: Sun 01 Jan 2023 17:24:56 +0000
ROA not before: Sun 01 Jan 2023 17:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a0e:1c80:3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:75:1f:a1:84:c1:84:80:d4:bb:7c:fe:e6:13:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Jan 1 17:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4a8e53f177d67ab64258cecf6c7e279dc9173a68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6b:56:7e:58:6a:2d:14:57:43:e2:d1:d3:4a:
06:34:17:b8:3a:3d:37:9e:fe:32:4c:94:80:35:2b:
4c:47:8a:cb:c1:e2:d3:be:f6:a1:4c:40:23:70:92:
ff:71:45:b1:34:54:86:2e:14:84:f7:18:60:67:6a:
6a:ed:fc:dc:b1:9d:68:f5:cd:0c:ff:c5:68:5f:54:
6f:a1:3a:a5:ac:7a:83:0b:5a:6f:ef:ea:c8:1f:53:
8e:97:da:09:a1:ff:c7:2b:4b:1a:34:ff:1a:0d:a2:
e3:1f:eb:b4:1b:97:8d:fc:1c:a1:a0:44:16:da:dd:
67:02:2d:75:01:b1:16:10:70:89:e4:00:82:ec:b5:
81:0d:65:79:ab:88:db:b0:b9:f0:31:5c:54:ab:f5:
30:6c:e2:3f:25:e3:35:ed:61:40:08:96:09:4f:08:
cc:ed:a5:84:28:61:58:86:1f:42:49:90:22:20:dd:
30:fb:df:bc:8c:2f:3d:b8:74:f7:32:f9:86:7d:ab:
f5:ce:96:41:cb:c6:91:41:5e:29:65:b4:36:18:a4:
48:44:e9:0e:60:c2:92:47:6e:ee:d5:2b:c3:fa:1d:
70:22:c2:37:9c:88:e0:14:49:ca:a3:7f:fa:48:20:
58:e8:71:75:fe:5b:e1:9f:00:22:5d:e6:ea:41:0b:
3e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8E:53:F1:77:D6:7A:B6:42:58:CE:CF:6C:7E:27:9D:C9:17:3A:68
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/So5T8XfWerZCWM7PbH4nnckXOmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:3::/48
Signature Algorithm: sha256WithRSAEncryption
97:28:16:ee:9a:c0:4d:23:a4:fc:1a:86:c8:7a:7a:95:cc:dc:
f8:ff:ab:a1:f0:2f:1f:26:8f:82:bb:37:cb:51:83:6b:14:31:
65:06:b0:b8:1e:58:b5:ed:5e:15:44:ca:c2:73:72:65:a0:0e:
57:8e:51:e3:af:0a:bc:ad:7f:22:72:d7:62:8d:1b:95:22:68:
47:70:f3:e1:fe:1b:aa:c0:fc:9b:82:93:ac:a2:37:4d:54:2b:
f2:7c:2c:98:88:00:29:59:e0:ac:0a:4e:8d:60:7e:97:81:c2:
65:9b:2d:a7:46:f0:e8:6a:30:5b:c2:75:a2:23:f6:c4:46:f3:
02:fb:f1:3b:b5:e3:62:7b:0a:2c:48:c7:2a:3c:b1:99:56:f2:
49:b9:48:7a:03:32:ff:a7:41:3d:98:f9:26:1d:b7:6c:db:71:
71:eb:36:e4:5c:91:82:93:a7:d3:6b:ae:03:e2:34:a3:59:a3:
1b:aa:e4:96:ce:70:17:7e:47:bc:be:20:86:44:7d:36:f1:c0:
08:3d:5b:2d:09:33:6d:ab:41:af:34:11:7d:25:00:fd:f4:93:
11:4c:05:2f:d1:53:3b:19:1b:dd:b0:be:9d:7b:4c:51:34:80:
8d:53:a3:d3:b0:58:62:74:bb:21:c4:61:65:ad:67:0b:32:e6:
68:58:67:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVuXXUfoYTBhIDUu3z+5hNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjMwMTAxMTcyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YThlNTNmMTc3ZDY3YWI2NDI1OGNlY2Y2YzdlMjc5ZGM5MTczYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmtWflhqLRRXQ+LR00oGNBe4Oj03
nv4yTJSANStMR4rLweLTvvahTEAjcJL/cUWxNFSGLhSE9xhgZ2pq7fzcsZ1o9c0M
/8VoX1RvoTqlrHqDC1pv7+rIH1OOl9oJof/HK0saNP8aDaLjH+u0G5eN/ByhoEQW
2t1nAi11AbEWEHCJ5ACC7LWBDWV5q4jbsLnwMVxUq/UwbOI/JeM17WFACJYJTwjM
7aWEKGFYhh9CSZAiIN0w+9+8jC89uHT3MvmGfav1zpZBy8aRQV4pZbQ2GKRIROkO
YMKSR27u1SvD+h1wIsI3nIjgFEnKo3/6SCBY6HF1/lvhnwAiXebqQQs+zwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEqOU/F31nq2QljOz2x+J53JFzpoMB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvU281VDhYZldlclpDV003UGJING5uY2tYT21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAD
MA0GCSqGSIb3DQEBCwUAA4IBAQCXKBbumsBNI6T8GobIenqVzNz4/6uh8C8fJo+C
uzfLUYNrFDFlBrC4Hli17V4VRMrCc3JloA5XjlHjrwq8rX8ictdijRuVImhHcPPh
/huqwPybgpOsojdNVCvyfCyYiAApWeCsCk6NYH6XgcJlmy2nRvDoajBbwnWiI/bE
RvMC+/E7teNiewosSMcqPLGZVvJJuUh6AzL/p0E9mPkmHbds23Fx6zbkXJGCk6fT
a64D4jSjWaMbquSWznAXfke8viCGRH028cAIPVstCTNtq0GvNBF9JQD99JMRTAUv
0VM7GRvdsL6de0xRNICNU6PTsFhidLshxGFlrWcLMuZoWGcV
-----END CERTIFICATE-----
Generated at Fri May 9 11:08:03 2025 by rpki-client