Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f2cf11-bf14-4204-af88-f67ecc585bb8/1/8X4RLASwemcpB7sXIrd5tJXKl_c.roa
File: 8X4RLASwemcpB7sXIrd5tJXKl_c.roa (raw, json)
Hash identifier: Ke6+6gCy+3vyH+phFsmwWndNL+U9vVNYKRn14tnYOss=
Subject key identifier: F1:7E:11:2C:04:B0:7A:67:29:07:BB:17:22:B7:79:B4:95:CA:97:F7
Certificate issuer: /CN=c62d573724cb1c095b9b61b2df05ee3fc1a8716d
Certificate serial: 01942521FAD50A65876E59AE644D4427FD28
Authority key identifier: C6:2D:57:37:24:CB:1C:09:5B:9B:61:B2:DF:05:EE:3F:C1:A8:71:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xi1XNyTLHAlbm2Gy3wXuP8GocW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f2cf11-bf14-4204-af88-f67ecc585bb8/1/8X4RLASwemcpB7sXIrd5tJXKl_c.roa
Signing time: Thu 02 Jan 2025 03:49:31 +0000
ROA not before: Thu 02 Jan 2025 03:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214123
IP address blocks: 2001:67c:f20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:fa:d5:0a:65:87:6e:59:ae:64:4d:44:27:fd:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c62d573724cb1c095b9b61b2df05ee3fc1a8716d
Validity
Not Before: Jan 2 03:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f17e112c04b07a672907bb1722b779b495ca97f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:15:7e:72:46:0a:70:79:fd:02:c1:e9:4d:fd:
c4:cc:4c:df:4b:bc:bf:ed:13:19:e9:74:26:81:fa:
1d:29:69:86:7b:0e:25:e9:f0:9c:d3:05:d9:e8:de:
87:d9:ee:b5:57:5d:c1:96:3c:43:50:38:a1:4f:83:
58:48:c0:f3:dc:a3:e0:dd:c5:5f:04:21:28:0b:b5:
37:33:15:c6:19:c4:6e:46:b1:45:0f:53:7e:b3:f9:
a4:e9:52:76:1b:80:30:c6:4c:f1:21:19:10:1e:38:
a5:19:3a:1e:de:ef:46:78:26:ef:bc:24:1a:0e:44:
0c:3e:92:d6:eb:c4:f6:02:3a:36:73:1e:57:77:2e:
32:08:f9:9f:bc:a3:b8:0e:86:67:0c:69:12:90:1a:
50:1e:d3:0e:f4:61:db:7a:52:a5:67:b8:0a:07:4a:
c0:54:bf:9f:0f:90:7b:ec:e4:45:0f:d6:2a:6d:6b:
08:b7:b7:3c:b3:14:0a:81:53:13:88:04:96:b6:d8:
95:9e:32:6f:98:f3:95:ec:0d:36:01:2f:90:6b:27:
7c:d4:78:ae:cb:8d:cd:93:11:08:92:ec:55:10:2e:
0e:0a:6c:e3:b0:cf:6d:d0:5e:08:33:59:78:74:0c:
15:b2:04:4a:73:e2:6c:df:4b:36:6c:93:b8:d4:9c:
5c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7E:11:2C:04:B0:7A:67:29:07:BB:17:22:B7:79:B4:95:CA:97:F7
X509v3 Authority Key Identifier:
keyid:C6:2D:57:37:24:CB:1C:09:5B:9B:61:B2:DF:05:EE:3F:C1:A8:71:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xi1XNyTLHAlbm2Gy3wXuP8GocW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f2cf11-bf14-4204-af88-f67ecc585bb8/1/8X4RLASwemcpB7sXIrd5tJXKl_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f2cf11-bf14-4204-af88-f67ecc585bb8/1/xi1XNyTLHAlbm2Gy3wXuP8GocW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:f20::/48
Signature Algorithm: sha256WithRSAEncryption
64:c9:cf:73:09:d7:ff:a5:ec:bd:86:a7:fd:d1:83:19:29:22:
f9:65:ff:be:8c:f5:fe:41:5e:26:ae:bf:3f:1a:08:7d:f9:e8:
8d:85:5c:71:31:30:80:dc:db:3c:79:14:2b:b5:05:55:bc:6b:
d6:aa:03:c2:ab:10:81:e4:82:1f:45:3d:c1:7a:02:38:4e:a9:
0e:59:40:91:ee:3a:70:c1:44:33:cd:94:19:21:da:6a:cb:b5:
cc:7a:48:60:ac:9e:3d:ad:97:38:cf:8c:69:f2:98:aa:d1:b3:
4b:95:3b:4c:60:a0:65:a8:d6:5e:14:74:78:9d:7f:50:3c:6d:
c2:04:58:b7:a3:07:02:4a:70:dd:1a:01:5d:c5:b5:54:71:95:
72:fe:b0:b5:08:83:97:fc:54:f4:3f:8c:53:a1:03:b3:5b:08:
7e:c5:2c:2f:83:f6:4e:e9:57:14:92:9d:fe:2b:3c:75:1e:a5:
e3:9d:96:8b:8f:a2:2c:7b:09:1e:4f:95:ec:a5:b9:27:0f:6c:
e7:5a:a2:0d:89:25:1c:5c:c0:52:7a:bc:20:eb:6c:3e:be:12:
31:11:05:56:6e:72:92:92:c2:07:8a:8f:8f:3b:f5:04:01:7d:
d8:c3:5e:12:f7:f8:d4:3e:7f:b9:dd:b3:e7:56:45:30:30:dd:
d4:a2:6f:a9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIfrVCmWHblmuZE1EJ/0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MmQ1NzM3MjRjYjFjMDk1YjliNjFiMmRmMDVlZTNmYzFh
ODcxNmQwHhcNMjUwMTAyMDM0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdlMTEyYzA0YjA3YTY3MjkwN2JiMTcyMmI3NzliNDk1Y2E5N2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BV+ckYKcHn9AsHpTf3EzEzfS7y/
7RMZ6XQmgfodKWmGew4l6fCc0wXZ6N6H2e61V13BljxDUDihT4NYSMDz3KPg3cVf
BCEoC7U3MxXGGcRuRrFFD1N+s/mk6VJ2G4AwxkzxIRkQHjilGToe3u9GeCbvvCQa
DkQMPpLW68T2Ajo2cx5Xdy4yCPmfvKO4DoZnDGkSkBpQHtMO9GHbelKlZ7gKB0rA
VL+fD5B77ORFD9YqbWsIt7c8sxQKgVMTiASWttiVnjJvmPOV7A02AS+Qayd81Hiu
y43NkxEIkuxVEC4OCmzjsM9t0F4IM1l4dAwVsgRKc+Js30s2bJO41JxcpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPF+ESwEsHpnKQe7FyK3ebSVypf3MB8GA1UdIwQY
MBaAFMYtVzckyxwJW5thst8F7j/BqHFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGkxWE55VExIQWxibTJHeTN3WHVQOEdvY1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMmNmMTEtYmYxNC00MjA0LWFmODgt
ZjY3ZWNjNTg1YmI4LzEvOFg0UkxBU3dlbWNwQjdzWElyZDV0SlhLbF9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMmNmMTEtYmYxNC00MjA0LWFmODgtZjY3ZWNjNTg1YmI4
LzEveGkxWE55VExIQWxibTJHeTN3WHVQOEdvY1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA8g
MA0GCSqGSIb3DQEBCwUAA4IBAQBkyc9zCdf/pey9hqf90YMZKSL5Zf++jPX+QV4m
rr8/Ggh9+eiNhVxxMTCA3Ns8eRQrtQVVvGvWqgPCqxCB5IIfRT3BegI4TqkOWUCR
7jpwwUQzzZQZIdpqy7XMekhgrJ49rZc4z4xp8piq0bNLlTtMYKBlqNZeFHR4nX9Q
PG3CBFi3owcCSnDdGgFdxbVUcZVy/rC1CIOX/FT0P4xToQOzWwh+xSwvg/ZO6VcU
kp3+Kzx1HqXjnZaLj6IsewkeT5XspbknD2znWqINiSUcXMBSerwg62w+vhIxEQVW
bnKSksIHio+PO/UEAX3Yw14S9/jUPn+53bPnVkUwMN3Uom+p
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:50:44 2025 by rpki-client