Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/rqoLnZge1IdofSuKjEp1P28fzG4.roa
File: rqoLnZge1IdofSuKjEp1P28fzG4.roa (raw, json)
Hash identifier: 87MDZuhxq98g342/UicsxWyg+eE2e9uEBU1wIUgVNIY=
Subject key identifier: AE:AA:0B:9D:98:1E:D4:87:68:7D:2B:8A:8C:4A:75:3F:6F:1F:CC:6E
Certificate issuer: /CN=d9177cfd3851a5d51e45729f5156749248784885
Certificate serial: 018C34AEC5EB61C7D901A0CC56EBC3741A89
Authority key identifier: D9:17:7C:FD:38:51:A5:D5:1E:45:72:9F:51:56:74:92:48:78:48:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Rd8_ThRpdUeRXKfUVZ0kkh4SIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/rqoLnZge1IdofSuKjEp1P28fzG4.roa
Signing time: Mon 04 Dec 2023 11:55:18 +0000
ROA not before: Mon 04 Dec 2023 11:55:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201697
IP address blocks: 2001:678:72c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:ae:c5:eb:61:c7:d9:01:a0:cc:56:eb:c3:74:1a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9177cfd3851a5d51e45729f5156749248784885
Validity
Not Before: Dec 4 11:55:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aeaa0b9d981ed487687d2b8a8c4a753f6f1fcc6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:74:59:56:24:2d:4d:eb:e8:a0:75:12:34:ac:
e1:6a:74:f6:35:bd:aa:1e:e2:ea:01:3c:77:7c:58:
83:34:09:d6:80:9c:14:96:48:ea:06:98:4c:06:61:
97:bc:f4:72:bb:e1:d4:f5:cc:94:c6:1c:da:05:0f:
90:6f:93:ed:91:ee:ec:f8:2f:86:24:c2:72:74:e5:
b5:99:9f:96:47:dd:b1:9e:52:1d:ee:d1:17:67:23:
81:a9:3b:7e:85:30:d5:e8:a1:8f:b9:8a:d4:e0:6f:
a1:1b:4f:0c:b2:49:7a:6b:77:a6:b2:30:46:86:29:
b8:27:1f:11:63:49:da:9a:3d:bf:a9:01:55:4d:e2:
0f:f1:5b:c7:be:61:63:d4:7d:2b:7b:fc:00:c2:2b:
91:22:61:8c:36:d1:0a:7f:25:ef:73:7e:5c:ab:05:
a0:0c:7d:41:ac:a1:6d:4f:5b:1d:ea:b1:2b:b9:1c:
50:9d:be:5f:dd:9a:9f:87:0e:74:80:0e:36:fb:29:
ae:25:d4:8a:22:88:8e:83:7b:71:82:78:4a:e2:d3:
e2:1f:61:00:44:80:8e:66:09:5a:4d:77:3a:c6:ad:
0e:d4:4f:eb:5c:59:b5:cf:17:32:42:fe:68:39:71:
d5:80:46:fe:69:a4:ef:7c:b9:d4:76:79:c1:32:78:
bd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:AA:0B:9D:98:1E:D4:87:68:7D:2B:8A:8C:4A:75:3F:6F:1F:CC:6E
X509v3 Authority Key Identifier:
keyid:D9:17:7C:FD:38:51:A5:D5:1E:45:72:9F:51:56:74:92:48:78:48:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Rd8_ThRpdUeRXKfUVZ0kkh4SIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/rqoLnZge1IdofSuKjEp1P28fzG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4891c4-53bd-4ad6-bade-e4b23f768957/1/2Rd8_ThRpdUeRXKfUVZ0kkh4SIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:72c::/48
Signature Algorithm: sha256WithRSAEncryption
6c:69:11:49:1e:18:a2:8c:14:de:62:32:c4:e7:44:63:00:78:
4b:ea:88:61:da:85:60:13:fb:97:35:bc:7a:0a:a0:48:45:2f:
46:3d:ff:76:06:1f:43:95:62:e5:ce:c0:a1:6b:a8:d8:76:d3:
6a:97:d1:50:f8:71:b7:d9:55:a1:a4:a1:ce:ef:5d:41:22:24:
4a:c6:95:d4:98:34:cb:e5:4d:d8:e4:2a:18:06:bc:3a:31:0c:
b6:ee:a1:41:ab:ec:1f:07:c9:19:7e:83:aa:bb:fc:2e:e5:2f:
7b:9b:49:60:fb:80:7a:46:a0:e2:ca:fc:99:90:c5:86:db:cb:
e5:e9:fb:00:64:50:f4:23:75:c9:6d:2f:dd:07:d7:c4:ce:bf:
21:35:4e:d5:b2:63:b2:3a:9d:08:f5:ed:f3:31:e5:af:f7:53:
17:45:53:3c:f1:1f:90:7b:bc:1b:6f:ba:32:13:42:a6:09:01:
ff:21:8e:98:ef:14:8b:4e:03:73:1a:23:c3:7c:cf:ed:c5:71:
5a:d4:ad:3f:2f:44:fd:df:7b:cc:e1:c3:cb:3c:1c:a7:c9:72:
99:20:f4:1c:4e:7f:98:c4:a6:cb:e7:79:8c:b6:8d:d6:f1:47:
12:6d:c1:02:8d:bb:47:23:2e:61:b7:20:df:be:1e:1e:16:f1:
5d:4a:7a:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYw0rsXrYcfZAaDMVuvDdBqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTc3Y2ZkMzg1MWE1ZDUxZTQ1NzI5ZjUxNTY3NDkyNDg3
ODQ4ODUwHhcNMjMxMjA0MTE1NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWFhMGI5ZDk4MWVkNDg3Njg3ZDJiOGE4YzRhNzUzZjZmMWZjYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHRZViQtTevooHUSNKzhanT2Nb2q
HuLqATx3fFiDNAnWgJwUlkjqBphMBmGXvPRyu+HU9cyUxhzaBQ+Qb5Ptke7s+C+G
JMJydOW1mZ+WR92xnlId7tEXZyOBqTt+hTDV6KGPuYrU4G+hG08Mskl6a3emsjBG
him4Jx8RY0namj2/qQFVTeIP8VvHvmFj1H0re/wAwiuRImGMNtEKfyXvc35cqwWg
DH1BrKFtT1sd6rEruRxQnb5f3Zqfhw50gA42+ymuJdSKIoiOg3txgnhK4tPiH2EA
RICOZglaTXc6xq0O1E/rXFm1zxcyQv5oOXHVgEb+aaTvfLnUdnnBMni9ZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK6qC52YHtSHaH0rioxKdT9vH8xuMB8GA1UdIwQY
MBaAFNkXfP04UaXVHkVyn1FWdJJIeEiFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJkOF9UaFJwZFVlUlhLZlVWWjBra2g0U0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ODkxYzQtNTNiZC00YWQ2LWJhZGUt
ZTRiMjNmNzY4OTU3LzEvcnFvTG5aZ2UxSWRvZlN1S2pFcDFQMjhmekc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS80ODkxYzQtNTNiZC00YWQ2LWJhZGUtZTRiMjNmNzY4OTU3
LzEvMlJkOF9UaFJwZFVlUlhLZlVWWjBra2g0U0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAcs
MA0GCSqGSIb3DQEBCwUAA4IBAQBsaRFJHhiijBTeYjLE50RjAHhL6ohh2oVgE/uX
Nbx6CqBIRS9GPf92Bh9DlWLlzsCha6jYdtNql9FQ+HG32VWhpKHO711BIiRKxpXU
mDTL5U3Y5CoYBrw6MQy27qFBq+wfB8kZfoOqu/wu5S97m0lg+4B6RqDiyvyZkMWG
28vl6fsAZFD0I3XJbS/dB9fEzr8hNU7VsmOyOp0I9e3zMeWv91MXRVM88R+Qe7wb
b7oyE0KmCQH/IY6Y7xSLTgNzGiPDfM/txXFa1K0/L0T933vM4cPLPBynyXKZIPQc
Tn+YxKbL53mMto3W8UcSbcECjbtHIy5htyDfvh4eFvFdSnpY
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:02:59 2025 by rpki-client