Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/s-kJqLbM0KEIQbJ-31AW4jYwkyY.roa
File: s-kJqLbM0KEIQbJ-31AW4jYwkyY.roa (raw, json)
Hash identifier: lel2X5N/TCz7Pdk6leCd67OSoke7W8rTYmRW3JpbyRE=
Subject key identifier: B3:E9:09:A8:B6:CC:D0:A1:08:41:B2:7E:DF:50:16:E2:36:30:93:26
Certificate issuer: /CN=d673d849b7d5047376d57e6f796f0018b70b4506
Certificate serial: 01942369825187A87CDEF7728F5C60477154
Authority key identifier: D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/s-kJqLbM0KEIQbJ-31AW4jYwkyY.roa
Signing time: Wed 01 Jan 2025 19:48:24 +0000
ROA not before: Wed 01 Jan 2025 19:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1764
IP address blocks: 2001:678:c1c::/48 maxlen: 48
2a01:190::/29 maxlen: 32
2a03:e600::/29 maxlen: 32
2a04:9300::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:82:51:87:a8:7c:de:f7:72:8f:5c:60:47:71:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d673d849b7d5047376d57e6f796f0018b70b4506
Validity
Not Before: Jan 1 19:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3e909a8b6ccd0a10841b27edf5016e236309326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ae:97:8c:59:b7:f0:9e:6b:a3:b1:c4:72:24:
b1:a0:e7:83:b0:42:ad:5c:0d:19:23:ba:e9:df:a6:
f8:25:e1:72:8c:05:bd:65:ce:67:81:9d:0c:a3:9d:
b7:86:05:88:5d:4e:55:73:ed:11:ca:cb:f8:25:c0:
f1:26:49:32:3d:7f:1f:7c:5d:0a:d4:09:13:64:a7:
db:91:03:6f:4d:8c:50:2d:26:4e:2b:bc:12:4d:f3:
65:d8:1c:cc:7d:19:a3:38:ee:a4:3d:24:64:2e:b4:
8d:d1:a1:63:59:e4:1c:3b:59:e2:d9:de:c7:7f:56:
43:bf:f2:8e:d9:c2:82:c2:da:7e:77:e0:02:2b:c0:
1e:f0:1d:9c:72:12:7c:5f:9d:ca:ac:ce:4c:4d:30:
ca:ec:f6:94:00:56:30:25:12:bc:a9:90:c3:2d:2a:
17:b9:3c:31:87:7d:88:a6:f1:1d:ea:ab:59:bf:fe:
3a:f3:b4:b3:1e:70:54:ec:91:1b:a2:74:a0:2c:50:
a7:99:32:ba:6e:9f:ba:37:30:be:3e:c7:ca:94:b7:
18:24:21:db:ef:2c:65:74:5f:9f:f8:26:e9:29:79:
89:e6:a2:0c:58:63:f2:3a:b8:09:69:9b:04:12:cb:
ee:3a:85:2b:12:c9:cf:52:c9:a3:af:99:ed:d0:f1:
9e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E9:09:A8:B6:CC:D0:A1:08:41:B2:7E:DF:50:16:E2:36:30:93:26
X509v3 Authority Key Identifier:
keyid:D6:73:D8:49:B7:D5:04:73:76:D5:7E:6F:79:6F:00:18:B7:0B:45:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nPYSbfVBHN21X5veW8AGLcLRQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/s-kJqLbM0KEIQbJ-31AW4jYwkyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/2ece62-1d8c-450c-91e8-8eeb757cf545/1/1nPYSbfVBHN21X5veW8AGLcLRQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c1c::/48
2a01:190::/29
2a03:e600::/29
2a04:9300::/29
Signature Algorithm: sha256WithRSAEncryption
c1:93:eb:f5:03:a9:35:9c:17:92:3d:00:44:32:8a:30:95:c7:
3f:c9:66:e8:f8:dd:37:c2:5d:b3:b5:61:2c:a8:f5:91:4e:bb:
10:35:4d:20:5a:e4:21:06:15:01:92:1f:bc:3c:82:25:eb:84:
e2:1f:61:37:e6:5e:95:df:5f:1a:01:bb:fb:a3:fe:40:51:e9:
d2:b4:04:8a:a6:18:85:05:d7:3a:c7:27:09:3c:4e:46:67:fc:
cb:46:11:45:1b:6a:bb:c1:70:57:ff:ad:b7:12:3c:a5:8f:c6:
57:55:2a:7e:8f:b4:ad:a9:ca:15:4d:6a:19:e7:3e:ca:ee:95:
e5:d4:cc:af:6e:5f:a6:bb:c8:8a:cf:f2:45:5e:d5:6a:3b:6b:
93:f7:6c:11:22:80:47:98:2e:c6:3f:af:d7:06:8a:a4:6c:0a:
e2:9b:db:7c:6b:16:12:56:89:d2:03:0e:29:94:5e:2b:fe:c8:
47:5c:ad:8c:ca:5e:3c:61:b0:c3:f6:8a:f0:de:12:10:88:4c:
b2:7a:7f:36:de:93:49:7d:e2:9a:5e:54:17:1f:32:cd:55:e8:
d9:4c:ac:f2:9a:a1:5a:30:e0:13:64:ef:50:9d:f7:cd:cd:37:
5a:72:c8:37:9c:01:fa:06:65:c5:91:d3:36:cc:3c:6c:c0:16:
6b:78:2d:09
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQjaYJRh6h83vdyj1xgR3FUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzNkODQ5YjdkNTA0NzM3NmQ1N2U2Zjc5NmYwMDE4Yjcw
YjQ1MDYwHhcNMjUwMTAxMTk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2U5MDlhOGI2Y2NkMGExMDg0MWIyN2VkZjUwMTZlMjM2MzA5MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp66XjFm38J5ro7HEciSxoOeDsEKt
XA0ZI7rp36b4JeFyjAW9Zc5ngZ0Mo523hgWIXU5Vc+0Rysv4JcDxJkkyPX8ffF0K
1AkTZKfbkQNvTYxQLSZOK7wSTfNl2BzMfRmjOO6kPSRkLrSN0aFjWeQcO1ni2d7H
f1ZDv/KO2cKCwtp+d+ACK8Ae8B2cchJ8X53KrM5MTTDK7PaUAFYwJRK8qZDDLSoX
uTwxh32IpvEd6qtZv/4687SzHnBU7JEbonSgLFCnmTK6bp+6NzC+PsfKlLcYJCHb
7yxldF+f+CbpKXmJ5qIMWGPyOrgJaZsEEsvuOoUrEsnPUsmjr5nt0PGeDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLPpCai2zNChCEGyft9QFuI2MJMmMB8GA1UdIwQY
MBaAFNZz2Em31QRzdtV+b3lvABi3C0UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgt
OGVlYjc1N2NmNTQ1LzEvcy1rSnFMYk0wS0VJUWJKLTMxQVc0all3a3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8yZWNlNjItMWQ4Yy00NTBjLTkxZTgtOGVlYjc1N2NmNTQ1
LzEvMW5QWVNiZlZCSE4yMVg1dmVXOEFHTGNMUlFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwcAIAEGeAwc
AwUDKgEBkAMFAyoD5gADBQMqBJMAMA0GCSqGSIb3DQEBCwUAA4IBAQDBk+v1A6k1
nBeSPQBEMoowlcc/yWbo+N03wl2ztWEsqPWRTrsQNU0gWuQhBhUBkh+8PIIl64Ti
H2E35l6V318aAbv7o/5AUenStASKphiFBdc6xycJPE5GZ/zLRhFFG2q7wXBX/623
Ejylj8ZXVSp+j7StqcoVTWoZ5z7K7pXl1Myvbl+mu8iKz/JFXtVqO2uT92wRIoBH
mC7GP6/XBoqkbArim9t8axYSVonSAw4plF4r/shHXK2Myl48YbDD9orw3hIQiEyy
en823pNJfeKaXlQXHzLNVejZTKzymqFaMOATZO9QnffNzTdacsg3nAH6BmXFkdM2
zDxswBZreC0J
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:36:49 2025 by rpki-client