Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/69a51d-92a1-48ad-b7e7-c4c879c6724c/1/nL-KWTQu66vGNXjRUVMscsP-grE.roa
File: nL-KWTQu66vGNXjRUVMscsP-grE.roa (raw, json)
Hash identifier: lpIwf/fImc5IbiWpDdeaWDHakzHBWZnODtZp7+PycAY=
Subject key identifier: 9C:BF:8A:59:34:2E:EB:AB:C6:35:78:D1:51:53:2C:72:C3:FE:82:B1
Certificate issuer: /CN=c96aeb75acbb5f212335ea6dccb0c36f367db4f8
Certificate serial: 01856B0A42132549753FAD3D43FDAB2936A2
Authority key identifier: C9:6A:EB:75:AC:BB:5F:21:23:35:EA:6D:CC:B0:C3:6F:36:7D:B4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWrrday7XyEjNeptzLDDbzZ9tPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/69a51d-92a1-48ad-b7e7-c4c879c6724c/1/nL-KWTQu66vGNXjRUVMscsP-grE.roa
Signing time: Sun 01 Jan 2023 01:55:12 +0000
ROA not before: Sun 01 Jan 2023 01:55:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208743
IP address blocks: 2001:678:710::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:0a:42:13:25:49:75:3f:ad:3d:43:fd:ab:29:36:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c96aeb75acbb5f212335ea6dccb0c36f367db4f8
Validity
Not Before: Jan 1 01:55:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cbf8a59342eebabc63578d151532c72c3fe82b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:04:50:c1:3f:11:b9:da:09:19:bd:d4:b1:
d9:dc:98:24:b6:08:2d:00:3a:a3:f9:c9:b7:a3:2e:
6f:67:04:ed:82:65:b2:57:2b:23:9a:57:62:9f:0e:
3a:51:c8:1d:bd:ed:1a:1c:3c:52:b9:64:c4:af:aa:
56:15:20:40:d5:d1:e4:61:70:35:9a:76:9f:a6:fd:
ac:75:63:34:18:39:48:a5:a0:ea:b0:40:4d:f6:1c:
7b:3e:44:b8:eb:1a:c6:d3:72:e7:fe:e8:e8:e1:f6:
8f:d3:54:7a:e5:1e:2f:3b:b5:5f:d9:7d:7d:9c:f5:
1e:93:15:3a:31:13:c7:49:34:0d:cb:0d:b1:41:8c:
b0:17:00:82:0b:09:90:75:b7:71:e3:c7:ee:d9:b7:
34:25:21:14:9e:0c:6f:7b:45:8f:a1:c9:c5:21:ff:
ca:4e:61:32:a2:9c:80:c4:c0:e9:ab:b0:a4:0b:22:
3c:c9:b1:b9:5b:7a:91:45:ed:d2:36:f7:d2:3e:6b:
8f:33:3a:91:c5:3c:7e:7e:91:d6:e2:e0:0e:ad:14:
ad:03:33:25:86:7c:d1:c6:d2:a8:c6:28:90:e9:64:
b5:b2:69:55:64:0f:60:06:87:e3:55:2c:57:90:e9:
af:0c:9f:d8:ae:9a:fe:b6:d0:b5:e8:1d:ab:06:25:
fe:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BF:8A:59:34:2E:EB:AB:C6:35:78:D1:51:53:2C:72:C3:FE:82:B1
X509v3 Authority Key Identifier:
keyid:C9:6A:EB:75:AC:BB:5F:21:23:35:EA:6D:CC:B0:C3:6F:36:7D:B4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWrrday7XyEjNeptzLDDbzZ9tPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/69a51d-92a1-48ad-b7e7-c4c879c6724c/1/nL-KWTQu66vGNXjRUVMscsP-grE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/69a51d-92a1-48ad-b7e7-c4c879c6724c/1/yWrrday7XyEjNeptzLDDbzZ9tPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:710::/48
Signature Algorithm: sha256WithRSAEncryption
15:ee:c0:4a:96:5e:7e:c2:1e:fa:c7:14:22:31:02:62:9c:ff:
71:ee:2b:c1:f2:3f:a9:0d:fe:91:64:bb:ab:26:5e:5c:8c:e8:
e9:e7:ed:fc:fb:28:2f:0c:89:01:78:3e:16:ad:54:00:48:35:
a3:76:a5:f1:12:26:ac:03:b1:0f:2d:ab:2f:2f:7d:5d:2c:20:
b7:a1:be:b8:aa:b7:db:55:19:e1:8b:a7:c5:86:02:22:cd:10:
99:86:f3:a5:ca:cc:7c:81:dd:6c:1d:8f:13:7c:95:23:73:54:
e8:d3:0b:9f:ff:44:58:d1:44:ed:62:0f:9e:74:95:ae:3e:12:
d8:29:24:4c:c2:e1:17:c2:2c:e6:b0:7a:ad:23:f1:ce:12:26:
c2:cd:0b:ff:cd:bf:ab:be:0e:f5:76:8e:8d:8e:95:10:70:aa:
ec:9c:57:cd:bd:49:0c:7c:90:b6:b8:52:e8:2d:b4:0c:18:6e:
73:c6:13:74:bb:86:90:7a:e4:da:3e:ba:bc:3e:a3:76:63:8e:
4c:57:b2:3f:e3:b0:aa:52:e0:b3:c6:4b:a3:90:23:94:16:bc:
0d:1a:72:22:1d:8d:8b:14:36:bf:b1:cb:c0:75:3a:99:5b:87:
22:2a:8d:43:eb:13:e9:b3:3c:59:e2:3e:25:d5:8b:0b:fd:80:
65:21:ab:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVrCkITJUl1P609Q/2rKTaiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NmFlYjc1YWNiYjVmMjEyMzM1ZWE2ZGNjYjBjMzZmMzY3
ZGI0ZjgwHhcNMjMwMTAxMDE1NTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JmOGE1OTM0MmVlYmFiYzYzNTc4ZDE1MTUzMmM3MmMzZmU4MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0EEUME/EbnaCRm91LHZ3Jgktggt
ADqj+cm3oy5vZwTtgmWyVysjmldinw46Ucgdve0aHDxSuWTEr6pWFSBA1dHkYXA1
mnafpv2sdWM0GDlIpaDqsEBN9hx7PkS46xrG03Ln/ujo4faP01R65R4vO7Vf2X19
nPUekxU6MRPHSTQNyw2xQYywFwCCCwmQdbdx48fu2bc0JSEUngxve0WPocnFIf/K
TmEyopyAxMDpq7CkCyI8ybG5W3qRRe3SNvfSPmuPMzqRxTx+fpHW4uAOrRStAzMl
hnzRxtKoxiiQ6WS1smlVZA9gBofjVSxXkOmvDJ/Yrpr+ttC16B2rBiX+lQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJy/ilk0LuurxjV40VFTLHLD/oKxMB8GA1UdIwQY
MBaAFMlq63Wsu18hIzXqbcyww282fbT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVdycmRheTdYeUVqTmVwdHpMRERielo5dFBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82OWE1MWQtOTJhMS00OGFkLWI3ZTct
YzRjODc5YzY3MjRjLzEvbkwtS1dUUXU2NnZHTlhqUlVWTXNjc1AtZ3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82OWE1MWQtOTJhMS00OGFkLWI3ZTctYzRjODc5YzY3MjRj
LzEveVdycmRheTdYeUVqTmVwdHpMRERielo5dFBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAcQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAV7sBKll5+wh76xxQiMQJinP9x7ivB8j+pDf6R
ZLurJl5cjOjp5+38+ygvDIkBeD4WrVQASDWjdqXxEiasA7EPLasvL31dLCC3ob64
qrfbVRnhi6fFhgIizRCZhvOlysx8gd1sHY8TfJUjc1To0wuf/0RY0UTtYg+edJWu
PhLYKSRMwuEXwizmsHqtI/HOEibCzQv/zb+rvg71do6NjpUQcKrsnFfNvUkMfJC2
uFLoLbQMGG5zxhN0u4aQeuTaPrq8PqN2Y45MV7I/47CqUuCzxkujkCOUFrwNGnIi
HY2LFDa/scvAdTqZW4ciKo1D6xPpszxZ4j4l1YsL/YBlIasF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:29 2025 by rpki-client