Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/aQLWCmdbg9aMVtpUr6kgFp-kl8g.roa
File: aQLWCmdbg9aMVtpUr6kgFp-kl8g.roa (raw, json)
Hash identifier: MaYzTmKmtA6VMd+7uLB1yAAfoDrTIUYoMrGwKo2T4Fc=
Subject key identifier: 69:02:D6:0A:67:5B:83:D6:8C:56:DA:54:AF:A9:20:16:9F:A4:97:C8
Certificate issuer: /CN=3fa136d7643fdc0d3fb1d53467d8abb299b79171
Certificate serial: 01942144509153F03D4CDD84026C35181B49
Authority key identifier: 3F:A1:36:D7:64:3F:DC:0D:3F:B1:D5:34:67:D8:AB:B2:99:B7:91:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6E212Q_3A0_sdU0Z9irspm3kXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/aQLWCmdbg9aMVtpUr6kgFp-kl8g.roa
Signing time: Wed 01 Jan 2025 09:48:32 +0000
ROA not before: Wed 01 Jan 2025 09:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215777
IP address blocks: 2001:67c:d74::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:50:91:53:f0:3d:4c:dd:84:02:6c:35:18:1b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fa136d7643fdc0d3fb1d53467d8abb299b79171
Validity
Not Before: Jan 1 09:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6902d60a675b83d68c56da54afa920169fa497c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8c:ae:37:0a:5a:03:f7:e3:ce:b4:c1:2c:d7:
22:c4:c9:a2:4a:45:cb:91:18:bc:92:34:08:fb:ca:
ee:e9:eb:fc:06:6c:5e:1e:9f:80:e8:50:ce:90:f7:
f9:fe:e8:6f:77:07:2c:20:3a:78:84:1b:75:43:4f:
06:b4:4c:da:b6:95:81:0b:6e:32:49:29:34:91:40:
17:96:fd:0b:1e:3f:91:61:76:04:0b:a1:49:c1:47:
a7:84:4d:01:c8:cc:64:dc:44:18:6c:b7:98:df:00:
92:68:82:c7:58:46:0e:86:17:f2:b4:66:b7:94:1b:
54:1d:6a:68:24:62:fa:b9:73:e4:5a:64:54:00:88:
b0:6b:9c:e3:40:24:11:ff:ed:86:3d:48:1a:b8:91:
c1:80:a5:1a:fc:28:e3:b2:e0:dd:01:a0:64:dd:0e:
5a:7f:9f:8a:71:88:86:ec:f2:21:c6:d6:84:9c:fd:
02:87:85:79:38:df:47:b6:ba:a9:01:d4:f4:ab:fe:
32:96:d7:fc:af:1f:e9:1f:c3:5f:42:05:88:4e:54:
1b:dc:ba:62:17:f9:d3:a7:9c:84:e9:6b:6b:20:20:
93:97:13:0e:aa:5c:ba:13:03:9d:73:4a:8f:20:25:
88:39:5a:39:91:c4:87:34:f4:9c:53:54:a6:65:ad:
70:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:02:D6:0A:67:5B:83:D6:8C:56:DA:54:AF:A9:20:16:9F:A4:97:C8
X509v3 Authority Key Identifier:
keyid:3F:A1:36:D7:64:3F:DC:0D:3F:B1:D5:34:67:D8:AB:B2:99:B7:91:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6E212Q_3A0_sdU0Z9irspm3kXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/aQLWCmdbg9aMVtpUr6kgFp-kl8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/655d53-94c5-4a97-88a1-d277a5f3b9e0/1/P6E212Q_3A0_sdU0Z9irspm3kXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d74::/48
Signature Algorithm: sha256WithRSAEncryption
a2:f6:c5:5d:c0:a5:2b:d3:ed:da:d1:14:90:0b:96:d3:5b:b9:
07:dc:86:8c:fe:28:95:e1:af:13:82:70:9a:ca:4f:88:73:91:
23:13:42:a5:81:07:f2:c5:1c:ee:3f:33:79:59:9d:b7:26:3e:
1c:2c:bc:02:59:9b:ae:df:9f:c3:96:b3:56:90:ff:1a:77:49:
1a:f9:d9:7d:6a:10:fc:58:37:84:ff:1d:f7:ea:bd:97:d9:d8:
35:2e:50:44:b1:c6:3c:d0:90:be:f7:8c:2b:73:0c:c1:9b:09:
96:48:c7:0d:95:78:b1:4a:48:d6:ea:63:d5:e4:9f:f4:3e:9e:
f6:96:12:e7:ee:0a:f0:fb:62:51:19:c7:dc:2d:f9:36:10:7d:
08:b1:b8:89:2c:a3:61:ec:28:fd:68:0e:bb:b3:a9:90:27:93:
6a:3c:ec:5a:09:74:74:0d:6a:be:83:12:38:51:ce:f7:e5:72:
29:b3:5e:95:49:38:0e:ba:58:3a:fe:47:c9:57:ce:e4:f7:0f:
93:68:e4:88:5e:d6:7d:e5:6b:e5:54:54:ff:fe:c7:c8:e7:29:
cb:13:ec:7c:5e:10:72:04:d4:70:24:c0:49:27:9f:c6:32:a2:
98:b9:1f:93:ab:0a:e1:a0:aa:10:2c:11:a7:1b:d5:87:57:4e:
49:49:b2:5c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRFCRU/A9TN2EAmw1GBtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmYTEzNmQ3NjQzZmRjMGQzZmIxZDUzNDY3ZDhhYmIyOTli
NzkxNzEwHhcNMjUwMTAxMDk0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAyZDYwYTY3NWI4M2Q2OGM1NmRhNTRhZmE5MjAxNjlmYTQ5N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoyuNwpaA/fjzrTBLNcixMmiSkXL
kRi8kjQI+8ru6ev8BmxeHp+A6FDOkPf5/uhvdwcsIDp4hBt1Q08GtEzatpWBC24y
SSk0kUAXlv0LHj+RYXYEC6FJwUenhE0ByMxk3EQYbLeY3wCSaILHWEYOhhfytGa3
lBtUHWpoJGL6uXPkWmRUAIiwa5zjQCQR/+2GPUgauJHBgKUa/CjjsuDdAaBk3Q5a
f5+KcYiG7PIhxtaEnP0Ch4V5ON9HtrqpAdT0q/4yltf8rx/pH8NfQgWITlQb3Lpi
F/nTp5yE6WtrICCTlxMOqly6EwOdc0qPICWIOVo5kcSHNPScU1SmZa1wxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGkC1gpnW4PWjFbaVK+pIBafpJfIMB8GA1UdIwQY
MBaAFD+hNtdkP9wNP7HVNGfYq7KZt5FxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDZFMjEyUV8zQTBfc2RVMFo5aXJzcG0za1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC82NTVkNTMtOTRjNS00YTk3LTg4YTEt
ZDI3N2E1ZjNiOWUwLzEvYVFMV0NtZGJnOWFNVnRwVXI2a2dGcC1rbDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC82NTVkNTMtOTRjNS00YTk3LTg4YTEtZDI3N2E1ZjNiOWUw
LzEvUDZFMjEyUV8zQTBfc2RVMFo5aXJzcG0za1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfA10
MA0GCSqGSIb3DQEBCwUAA4IBAQCi9sVdwKUr0+3a0RSQC5bTW7kH3IaM/iiV4a8T
gnCayk+Ic5EjE0KlgQfyxRzuPzN5WZ23Jj4cLLwCWZuu35/DlrNWkP8ad0ka+dl9
ahD8WDeE/x336r2X2dg1LlBEscY80JC+94wrcwzBmwmWSMcNlXixSkjW6mPV5J/0
Pp72lhLn7grw+2JRGcfcLfk2EH0IsbiJLKNh7Cj9aA67s6mQJ5NqPOxaCXR0DWq+
gxI4Uc735XIps16VSTgOulg6/kfJV87k9w+TaOSIXtZ95WvlVFT//sfI5ynLE+x8
XhByBNRwJMBJJ5/GMqKYuR+TqwrhoKoQLBGnG9WHV05JSbJc
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:40 2025 by rpki-client