Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d52ddd-92e1-4d26-a6a1-2161c065e1ec/1/vXzICEn5H4rlL3lkD5MFYVZyoDo.roa
File: vXzICEn5H4rlL3lkD5MFYVZyoDo.roa (raw, json)
Hash identifier: S8AGnwweyFWeH/aatAqqKUZFoytXopNJ9q6GkDgPB6E=
Subject key identifier: BD:7C:C8:08:49:F9:1F:8A:E5:2F:79:64:0F:93:05:61:56:72:A0:3A
Certificate issuer: /CN=b722c90639714bb6c6a7b0b123f0d0662c70d5c1
Certificate serial: 0438CE41
Authority key identifier: B7:22:C9:06:39:71:4B:B6:C6:A7:B0:B1:23:F0:D0:66:2C:70:D5:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyLJBjlxS7bGp7CxI_DQZixw1cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d52ddd-92e1-4d26-a6a1-2161c065e1ec/1/vXzICEn5H4rlL3lkD5MFYVZyoDo.roa
Signing time: Sat 01 Jan 2022 03:57:17 +0000
ROA not before: Sat 01 Jan 2022 03:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34907
IP address blocks: 2001:67c:178c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70831681 (0x438ce41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b722c90639714bb6c6a7b0b123f0d0662c70d5c1
Validity
Not Before: Jan 1 03:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd7cc80849f91f8ae52f79640f9305615672a03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ab:bd:9e:68:f3:8d:a9:93:ca:43:bf:d5:39:
93:5f:87:98:32:27:f2:7b:b6:9c:ee:31:6f:91:d8:
8a:c9:38:2a:3b:c0:77:35:1f:15:fd:72:28:eb:98:
64:da:3b:a9:da:e8:f7:93:77:14:00:49:4c:7a:7b:
47:a4:d2:a0:65:12:99:72:96:e9:b4:65:fc:fa:e4:
80:10:4c:57:16:37:76:fe:7d:ae:bf:38:07:a4:cf:
8b:16:8d:b2:0d:09:6a:ac:49:c4:82:a7:78:56:28:
82:f9:06:f2:39:cb:7f:c4:b4:84:23:b6:52:47:84:
3f:20:fb:48:b8:a3:59:8b:9e:ed:ec:fd:57:d7:9d:
f3:69:73:b4:90:b4:f3:4e:16:06:c4:da:26:32:09:
e4:ba:0b:ee:b0:50:30:82:4c:94:ef:b8:97:da:3b:
b7:b0:f4:07:8f:81:bc:a2:7d:e4:d3:54:96:0d:1c:
b5:10:51:60:45:22:75:a9:63:bd:01:94:99:9c:b0:
d1:e3:a5:1f:ed:b6:b4:c8:2a:21:28:2a:be:72:bc:
ab:65:5d:5c:20:3b:c2:d8:66:5f:93:b7:66:fa:b1:
b9:19:73:4e:f7:00:07:38:39:15:2f:e0:d3:17:33:
88:19:6d:6a:fc:6e:a9:25:6a:89:d8:57:4c:19:93:
8c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7C:C8:08:49:F9:1F:8A:E5:2F:79:64:0F:93:05:61:56:72:A0:3A
X509v3 Authority Key Identifier:
keyid:B7:22:C9:06:39:71:4B:B6:C6:A7:B0:B1:23:F0:D0:66:2C:70:D5:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyLJBjlxS7bGp7CxI_DQZixw1cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d52ddd-92e1-4d26-a6a1-2161c065e1ec/1/vXzICEn5H4rlL3lkD5MFYVZyoDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d52ddd-92e1-4d26-a6a1-2161c065e1ec/1/tyLJBjlxS7bGp7CxI_DQZixw1cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:178c::/48
Signature Algorithm: sha256WithRSAEncryption
89:a2:b4:dd:36:36:d2:86:f4:f3:90:23:da:35:92:3b:79:70:
45:e4:67:c2:e3:a2:85:19:43:b7:f9:82:68:6b:4a:fc:1a:7c:
aa:f8:fa:fd:d1:08:f2:f5:7f:04:3b:ba:0a:5c:7a:69:f9:5d:
1e:4b:a3:08:7d:4e:51:fb:e3:4d:3e:b0:82:a5:cd:1f:7a:52:
2f:b9:12:e6:8a:75:02:4e:e3:f2:96:6e:f4:a4:ef:69:b6:52:
dc:66:72:1b:d9:ba:88:76:06:39:eb:37:08:cd:0b:44:ba:63:
bf:1c:15:a8:7b:81:70:fc:83:3f:34:cc:30:e7:ae:7a:37:b3:
0e:5a:f0:ae:b0:dd:2d:b9:1c:6a:84:2c:8d:71:47:2a:e4:3f:
25:e5:bd:6a:af:46:bf:f7:48:2c:19:65:33:6a:67:b9:89:3a:
14:f5:6a:23:5d:2d:d1:ed:3b:8d:82:e8:68:b9:8b:be:bc:3e:
6c:6d:60:e8:ab:99:a1:db:c5:ce:fc:2c:12:69:7d:b8:af:be:
22:7f:75:4d:27:29:d5:93:50:c2:c0:ef:2c:8b:ea:fc:dc:a1:
d5:fb:8c:c9:28:f0:0f:67:50:e1:f8:f6:89:a7:cb:93:a6:76:
ed:f6:c9:41:56:fe:00:e8:8d:a0:85:f2:0f:2b:4b:d6:bd:e2:
f4:11:56:1d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBDjOQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzIyYzkwNjM5NzE0YmI2YzZhN2IwYjEyM2YwZDA2NjJjNzBkNWMxMB4XDTIyMDEw
MTAzNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ3Y2M4MDg0OWY5
MWY4YWU1MmY3OTY0MGY5MzA1NjE1NjcyYTAzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+rvZ5o842pk8pDv9U5k1+HmDIn8nu2nO4xb5HYisk4KjvA
dzUfFf1yKOuYZNo7qdro95N3FABJTHp7R6TSoGUSmXKW6bRl/PrkgBBMVxY3dv59
rr84B6TPixaNsg0JaqxJxIKneFYogvkG8jnLf8S0hCO2UkeEPyD7SLijWYue7ez9
V9ed82lztJC0804WBsTaJjIJ5LoL7rBQMIJMlO+4l9o7t7D0B4+BvKJ95NNUlg0c
tRBRYEUidaljvQGUmZyw0eOlH+22tMgqISgqvnK8q2VdXCA7wthmX5O3ZvqxuRlz
TvcABzg5FS/g0xcziBltavxuqSVqidhXTBmTjE8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBS9fMgISfkfiuUveWQPkwVhVnKgOjAfBgNVHSMEGDAWgBS3IskGOXFLtsan
sLEj8NBmLHDVwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5TEpCamx4UzdiR3A3Q3hJX0RRWml4dzFjRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvZDUyZGRkLTkyZTEtNGQyNi1hNmExLTIxNjFjMDY1ZTFlYy8x
L3ZYeklDRW41SDRybEwzbGtENU1GWVZaeW9Eby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ZDUyZGRkLTkyZTEtNGQyNi1hNmExLTIxNjFjMDY1ZTFlYy8xL3R5TEpCamx4Uzdi
R3A3Q3hJX0RRWml4dzFjRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwXjDANBgkqhkiG9w0BAQsF
AAOCAQEAiaK03TY20ob085Aj2jWSO3lwReRnwuOihRlDt/mCaGtK/Bp8qvj6/dEI
8vV/BDu6Clx6afldHkujCH1OUfvjTT6wgqXNH3pSL7kS5op1Ak7j8pZu9KTvabZS
3GZyG9m6iHYGOes3CM0LRLpjvxwVqHuBcPyDPzTMMOeuejezDlrwrrDdLbkcaoQs
jXFHKuQ/JeW9aq9Gv/dILBllM2pnuYk6FPVqI10t0e07jYLoaLmLvrw+bG1g6KuZ
odvFzvwsEml9uK++In91TScp1ZNQwsDvLIvq/Nyh1fuMySjwD2dQ4fj2iafLk6Z2
7fbJQVb+AOiNoIXyDytL1r3i9BFWHQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:51 2025 by rpki-client