Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/VWcJP68R1iCD75ssSwFn6hz8CZY.roa
File: VWcJP68R1iCD75ssSwFn6hz8CZY.roa (raw, json)
Hash identifier: 9It7diBDuI5/L54Ro2RJcj4yvJavFWDdkkIXSsptI6U=
Subject key identifier: 55:67:09:3F:AF:11:D6:20:83:EF:9B:2C:4B:01:67:EA:1C:FC:09:96
Certificate issuer: /CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Certificate serial: 019426D96AD9FCE017833167ED7D8CD3F807
Authority key identifier: 4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/VWcJP68R1iCD75ssSwFn6hz8CZY.roa
Signing time: Thu 02 Jan 2025 11:49:30 +0000
ROA not before: Thu 02 Jan 2025 11:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48924
IP address blocks: 2a07:ddc0:8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:6a:d9:fc:e0:17:83:31:67:ed:7d:8c:d3:f8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecd75a5109e2c106e1193d57ee2b999fec27fe0
Validity
Not Before: Jan 2 11:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5567093faf11d62083ef9b2c4b0167ea1cfc0996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c3:c0:c5:09:c3:8e:15:d0:ef:e3:64:2a:cf:
d1:2b:7a:de:e4:55:b5:dc:f5:78:70:9a:b5:c8:2b:
1c:58:7a:34:cc:09:30:ac:a9:7e:01:1b:26:f0:74:
12:2e:eb:98:2f:c1:53:e4:7f:d7:43:bd:13:a8:68:
bc:40:77:80:a9:42:c4:72:16:5b:bd:2b:29:20:a1:
70:f7:c9:0b:82:00:57:48:c1:58:0b:3a:98:a8:91:
cf:3c:c6:d0:ed:41:34:c0:85:f0:d6:7b:73:1b:1d:
25:9d:24:ae:06:c1:38:ab:be:56:60:56:9e:32:6b:
9c:af:0b:71:86:64:fa:22:30:45:6b:27:99:56:83:
0c:49:c1:1e:17:78:d7:3c:ad:2c:13:b1:9c:e6:60:
bd:26:58:90:cc:d5:7e:13:70:eb:58:a9:70:72:c5:
e3:25:7e:18:d0:4f:bc:71:fe:ae:1e:a3:b2:35:ca:
0b:39:90:76:f0:b0:7e:ac:e4:9e:da:e8:d6:35:9a:
cb:42:4d:66:78:f3:8f:63:2e:1b:16:bb:50:93:91:
f6:ed:2a:3a:5a:d2:16:d0:33:ef:bb:9e:bd:31:36:
9b:fc:13:4d:0a:e3:b6:23:0c:d0:47:ef:37:e9:a6:
9b:bc:41:5d:93:24:88:ad:38:f7:c2:fe:74:a6:b3:
6d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:67:09:3F:AF:11:D6:20:83:EF:9B:2C:4B:01:67:EA:1C:FC:09:96
X509v3 Authority Key Identifier:
keyid:4E:CD:75:A5:10:9E:2C:10:6E:11:93:D5:7E:E2:B9:99:FE:C2:7F:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/VWcJP68R1iCD75ssSwFn6hz8CZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/d7beed-df98-4ec8-87b6-4072557c47fa/1/Ts11pRCeLBBuEZPVfuK5mf7Cf-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:ddc0:8::/48
Signature Algorithm: sha256WithRSAEncryption
80:03:2d:1b:ec:9c:28:ec:7e:18:0b:e7:87:c8:97:26:81:25:
98:fd:7f:64:c9:6e:54:c7:fe:e2:5e:08:7b:86:9b:e2:6a:dd:
ca:7a:8e:20:1e:ee:78:57:70:ed:63:f6:34:43:63:a5:af:e7:
d6:db:e6:e6:9a:82:e0:1e:0f:bc:b2:b9:8c:ea:5d:2d:24:b9:
4e:e1:7f:e6:e7:a8:26:60:b4:80:37:29:52:6d:a2:f2:1a:7d:
b3:81:6e:1a:60:78:d8:30:86:0a:2a:38:d9:d5:21:f2:3d:27:
d1:0a:12:d5:aa:66:f5:97:3e:ed:f3:46:f5:2f:59:6f:e9:fc:
2a:ba:a4:6e:00:37:39:c5:6b:9c:5e:e2:34:53:2b:78:a1:09:
c2:7b:1b:0b:da:0d:86:e0:3c:4f:c9:b1:0d:66:7e:4f:2c:0b:
85:fd:24:71:cd:5d:6a:42:b0:00:45:4e:01:34:0a:d8:e6:ba:
66:27:f0:25:09:91:0e:74:c6:dd:de:54:8d:4b:77:b3:ae:a0:
8f:ad:c7:ae:d6:ee:19:14:a6:0c:8d:b1:6e:2b:02:d3:20:bf:
16:a2:5b:32:85:99:81:99:c2:98:c2:e2:65:7d:86:47:ec:a2:
9e:23:d5:da:9d:ef:b6:81:af:f6:13:f1:fd:11:70:88:06:55:
58:98:71:12
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2WrZ/OAXgzFn7X2M0/gHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Q3NWE1MTA5ZTJjMTA2ZTExOTNkNTdlZTJiOTk5ZmVj
MjdmZTAwHhcNMjUwMTAyMTE0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY3MDkzZmFmMTFkNjIwODNlZjliMmM0YjAxNjdlYTFjZmMwOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcPAxQnDjhXQ7+NkKs/RK3re5FW1
3PV4cJq1yCscWHo0zAkwrKl+ARsm8HQSLuuYL8FT5H/XQ70TqGi8QHeAqULEchZb
vSspIKFw98kLggBXSMFYCzqYqJHPPMbQ7UE0wIXw1ntzGx0lnSSuBsE4q75WYFae
MmucrwtxhmT6IjBFayeZVoMMScEeF3jXPK0sE7Gc5mC9JliQzNV+E3DrWKlwcsXj
JX4Y0E+8cf6uHqOyNcoLOZB28LB+rOSe2ujWNZrLQk1mePOPYy4bFrtQk5H27So6
WtIW0DPvu569MTab/BNNCuO2IwzQR+836aabvEFdkySIrTj3wv50prNtAQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFVnCT+vEdYgg++bLEsBZ+oc/AmWMB8GA1UdIwQY
MBaAFE7NdaUQniwQbhGT1X7iuZn+wn/gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYt
NDA3MjU1N2M0N2ZhLzEvVldjSlA2OFIxaUNENzVzc1N3Rm42aHo4Q1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9kN2JlZWQtZGY5OC00ZWM4LTg3YjYtNDA3MjU1N2M0N2Zh
LzEvVHMxMXBSQ2VMQkJ1RVpQVmZ1SzVtZjdDZi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgfdwAAI
MA0GCSqGSIb3DQEBCwUAA4IBAQCAAy0b7Jwo7H4YC+eHyJcmgSWY/X9kyW5Ux/7i
Xgh7hpviat3Keo4gHu54V3DtY/Y0Q2Olr+fW2+bmmoLgHg+8srmM6l0tJLlO4X/m
56gmYLSANylSbaLyGn2zgW4aYHjYMIYKKjjZ1SHyPSfRChLVqmb1lz7t80b1L1lv
6fwquqRuADc5xWucXuI0Uyt4oQnCexsL2g2G4DxPybENZn5PLAuF/SRxzV1qQrAA
RU4BNArY5rpmJ/AlCZEOdMbd3lSNS3ezrqCPrceu1u4ZFKYMjbFuKwLTIL8Wolsy
hZmBmcKYwuJlfYZH7KKeI9Xane+2ga/2E/H9EXCIBlVYmHES
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:23 2025 by rpki-client