Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-Ym8pinlMftNFPrku5H-NSemdAM.roa
File: 1-Ym8pinlMftNFPrku5H-NSemdAM.roa (raw, json)
Hash identifier: MHzR2dFw0aH3Ij0bHLeBRLk+Y3qTWb5ccKwQwF5gNP0=
Subject key identifier: F9:89:BC:A6:29:E5:31:FB:4D:14:FA:E4:BB:91:FE:35:27:A6:74:03
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C86AF53D81154536DBADE9D3AC6EA4BA7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-Ym8pinlMftNFPrku5H-NSemdAM.roa
Signing time: Wed 20 Dec 2023 10:04:46 +0000
ROA not before: Wed 20 Dec 2023 10:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 2001:67c:64:ffff:0:18c:86af:430f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:af:53:d8:11:54:53:6d:ba:de:9d:3a:c6:ea:4b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 20 10:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f989bca629e531fb4d14fae4bb91fe3527a67403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3a:33:e7:d0:dd:d1:a9:0b:1a:68:98:45:cf:
65:dc:14:ea:d6:75:2c:64:f1:0e:9e:ac:7f:e2:2c:
c3:81:0d:ec:3b:4c:aa:22:19:bf:6d:fc:e4:f7:fa:
de:c0:41:e2:d7:2a:2a:d6:a3:17:e9:6b:84:ce:f2:
35:b1:d9:04:07:5a:8a:c7:41:a6:26:d1:5a:91:37:
1c:f0:ba:b6:1f:39:d2:6b:e4:bb:ab:c2:b1:3b:14:
b3:f1:16:93:04:09:38:a9:aa:bb:9b:e4:5e:0d:7a:
d6:aa:48:76:9f:b9:0b:03:0d:52:26:9e:49:c7:0f:
20:74:5e:84:68:0a:c6:7a:e4:d0:ad:3e:a4:c4:36:
ba:de:44:91:94:bb:bd:7f:27:33:7c:cd:ab:5b:4c:
b4:22:92:5f:c6:5a:52:b5:f3:38:77:6b:58:6a:48:
7d:9f:1d:8d:6a:f6:ad:5a:be:5c:2c:69:cf:ce:33:
75:a9:1b:6a:3c:21:9a:50:16:36:be:cf:53:68:53:
e6:ef:99:07:5c:2c:78:82:93:7e:2e:87:aa:6f:6b:
48:98:c9:54:c3:04:60:31:30:06:e7:2d:b4:6a:01:
0c:dd:b5:a2:4b:d7:32:58:63:d0:b1:9e:45:d3:5b:
9f:c0:d1:bf:0a:2c:a8:97:df:5c:62:b3:b1:2c:69:
4d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:89:BC:A6:29:E5:31:FB:4D:14:FA:E4:BB:91:FE:35:27:A6:74:03
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-Ym8pinlMftNFPrku5H-NSemdAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:18c:86af:430f/128
Signature Algorithm: sha256WithRSAEncryption
a2:9b:13:0f:d0:50:06:c1:07:7f:22:01:0a:a8:5c:91:5f:ef:
2a:b6:c3:d9:c8:e2:ca:a1:19:81:24:fb:08:3b:3d:21:a2:43:
2d:88:0c:fc:94:c6:19:52:b4:2b:40:6c:9b:df:0f:00:94:05:
5f:b9:6a:2a:7a:a4:ab:1c:9b:8a:b8:69:dd:94:19:8a:6a:a0:
bd:7a:45:22:18:68:0e:a1:f4:29:e7:aa:e1:84:04:dd:82:fe:
a3:58:09:7d:87:ad:e6:14:24:c6:8e:59:08:6f:a9:f0:55:dd:
ac:ac:dc:65:87:2d:d8:86:c8:a1:7d:81:0f:61:4c:18:64:f1:
3f:48:66:e4:17:44:4a:7d:74:51:89:83:7d:ef:52:ba:6d:3f:
e3:d0:68:c6:72:51:9e:92:45:45:77:45:2c:f5:53:7c:e3:ad:
53:75:97:bf:4d:a5:68:2a:78:98:aa:a9:9a:f8:86:de:e0:1f:
20:31:e3:97:26:81:98:56:d5:8a:c4:00:74:36:a3:09:cb:98:
92:dd:20:eb:12:61:a3:c6:0e:cf:7a:64:c6:67:4d:b4:3f:4a:
21:06:39:ac:e4:eb:7b:25:c4:d4:b1:95:69:73:3c:d4:c9:17:
51:85:8a:49:45:d4:16:fb:7b:76:6f:df:bb:80:56:c5:29:e9:
1c:28:55:bc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYyGr1PYEVRTbbrenTrG6kunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIwMTAwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTg5YmNhNjI5ZTUzMWZiNGQxNGZhZTRiYjkxZmUzNTI3YTY3NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmToz59Dd0akLGmiYRc9l3BTq1nUs
ZPEOnqx/4izDgQ3sO0yqIhm/bfzk9/rewEHi1yoq1qMX6WuEzvI1sdkEB1qKx0Gm
JtFakTcc8Lq2HznSa+S7q8KxOxSz8RaTBAk4qaq7m+ReDXrWqkh2n7kLAw1SJp5J
xw8gdF6EaArGeuTQrT6kxDa63kSRlLu9fyczfM2rW0y0IpJfxlpStfM4d2tYakh9
nx2NavatWr5cLGnPzjN1qRtqPCGaUBY2vs9TaFPm75kHXCx4gpN+Loeqb2tImMlU
wwRgMTAG5y20agEM3bWiS9cyWGPQsZ5F01ufwNG/Ciyol99cYrOxLGlNnwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPmJvKYp5TH7TRT65LuR/jUnpnQDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1ZbThwaW5sTWZ0TkZQcmt1NUgtTlNlbWRBTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAsBggrBgEFBQcBBwEB/wQdMBswGQQCAAIwEwMRACABBnwA
ZP//AAABjIavQw8wDQYJKoZIhvcNAQELBQADggEBAKKbEw/QUAbBB38iAQqoXJFf
7yq2w9nI4sqhGYEk+wg7PSGiQy2IDPyUxhlStCtAbJvfDwCUBV+5aip6pKscm4q4
ad2UGYpqoL16RSIYaA6h9CnnquGEBN2C/qNYCX2HreYUJMaOWQhvqfBV3ays3GWH
LdiGyKF9gQ9hTBhk8T9IZuQXREp9dFGJg33vUrptP+PQaMZyUZ6SRUV3RSz1U3zj
rVN1l79NpWgqeJiqqZr4ht7gHyAx45cmgZhW1YrEAHQ2ownLmJLdIOsSYaPGDs96
ZMZnTbQ/SiEGOazk63slxNSxlWlzPNTJF1GFiklF1Bb7e3Zv37uAVsUp6RwoVbw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:05:56 2025 by rpki-client