Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3b72c0-5de9-46a4-abd4-31b60311c315/1/Ln2JbGXgQ88O79Pg1zLA68Pqxy0.roa
File: Ln2JbGXgQ88O79Pg1zLA68Pqxy0.roa (raw, json)
Hash identifier: Mstyw2j7AKFxamlwfGacDBtId3D916+hLBKPld0IQWI=
Subject key identifier: 2E:7D:89:6C:65:E0:43:CF:0E:EF:D3:E0:D7:32:C0:EB:C3:EA:C7:2D
Certificate issuer: /CN=165fad4109283b33b6f3ba53fae83a145d1934e2
Certificate serial: 019421439A5F7F4BFC4CDAF656CE3A666CEF
Authority key identifier: 16:5F:AD:41:09:28:3B:33:B6:F3:BA:53:FA:E8:3A:14:5D:19:34:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fl-tQQkoOzO287pT-ug6FF0ZNOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/3b72c0-5de9-46a4-abd4-31b60311c315/1/Ln2JbGXgQ88O79Pg1zLA68Pqxy0.roa
Signing time: Wed 01 Jan 2025 09:47:46 +0000
ROA not before: Wed 01 Jan 2025 09:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39880
IP address blocks: 2001:67c:2174::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:9a:5f:7f:4b:fc:4c:da:f6:56:ce:3a:66:6c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=165fad4109283b33b6f3ba53fae83a145d1934e2
Validity
Not Before: Jan 1 09:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e7d896c65e043cf0eefd3e0d732c0ebc3eac72d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:11:8a:df:06:a8:aa:67:0d:0f:d5:44:29:a6:
d0:4c:af:25:9d:e5:35:03:91:29:2e:34:97:1d:6a:
d7:67:c0:a1:19:fc:2d:26:48:ae:2f:a2:24:01:a8:
4c:0e:94:12:81:3c:a4:4f:aa:66:21:15:9c:f2:26:
22:fe:0e:6a:87:57:bd:5d:e9:eb:6d:5d:76:1e:79:
d7:74:f9:01:18:0e:37:d6:4b:2d:3f:14:67:87:d7:
fc:17:f7:15:e7:8c:13:f4:e0:54:07:1c:9c:48:1e:
54:68:7d:7b:50:67:09:e4:27:f3:fe:07:3f:95:93:
17:13:90:42:a5:c9:e7:f8:56:ee:b8:d8:2b:e2:ee:
41:56:65:b0:3b:d9:1d:e8:32:9d:d4:8f:62:01:fc:
30:74:94:d6:4f:31:d4:73:fd:c6:4a:eb:45:72:e3:
40:1f:d8:22:54:ee:be:cb:19:bf:e9:58:50:f0:fa:
8a:80:1c:93:b2:c9:7b:a1:78:7d:07:43:01:ba:bb:
7e:64:02:d2:20:aa:a2:cf:38:11:dc:43:2b:16:da:
e0:5a:57:dd:50:96:02:f2:1f:19:9c:c8:e9:d4:4b:
dc:cb:b4:60:78:af:76:d9:a4:67:d7:5a:de:1f:fe:
ed:8f:f3:fd:bf:c8:33:43:bd:7d:3c:90:06:e3:91:
6b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7D:89:6C:65:E0:43:CF:0E:EF:D3:E0:D7:32:C0:EB:C3:EA:C7:2D
X509v3 Authority Key Identifier:
keyid:16:5F:AD:41:09:28:3B:33:B6:F3:BA:53:FA:E8:3A:14:5D:19:34:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fl-tQQkoOzO287pT-ug6FF0ZNOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3b72c0-5de9-46a4-abd4-31b60311c315/1/Ln2JbGXgQ88O79Pg1zLA68Pqxy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3b72c0-5de9-46a4-abd4-31b60311c315/1/Fl-tQQkoOzO287pT-ug6FF0ZNOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2174::/48
Signature Algorithm: sha256WithRSAEncryption
2d:8d:ce:14:cb:fb:8e:a9:6e:53:1e:79:b7:e2:7f:83:08:df:
c6:ed:8a:23:de:47:ab:5c:98:3c:87:a4:08:ee:a9:e9:54:18:
d9:37:e2:bc:fd:34:56:96:84:bf:96:42:62:73:46:0e:68:af:
3c:f9:6c:d8:93:1b:68:16:31:e1:a0:81:ad:ef:07:61:d4:98:
a0:9c:d6:80:85:64:dc:1f:d1:7e:e1:46:13:1d:ea:21:dc:f5:
fa:c6:03:f1:c0:c5:05:6b:e1:a1:34:e0:fa:68:a6:9d:4e:90:
ed:5e:3e:42:39:30:79:63:b8:e5:c6:3f:cd:62:88:af:c3:7b:
32:f0:f5:a5:5a:19:e8:c2:36:02:3c:21:ef:b8:29:ba:ea:42:
d3:ae:09:a4:11:bd:03:fc:2c:dd:0e:df:19:8a:21:33:3e:09:
0e:67:8b:ad:f7:30:c6:2a:ac:2a:3e:11:3b:f5:15:b7:cb:d7:
ba:7e:7e:f5:a0:02:42:e4:3d:6c:da:be:dd:f4:01:0a:e3:46:
33:9f:90:53:79:56:a1:b7:71:a3:17:31:dc:bd:ef:4a:d8:0e:
56:ea:2e:64:25:2f:6f:4f:4f:51:a9:fb:3d:52:fa:eb:a9:bd:
59:1f:63:f3:84:f0:2a:30:37:62:16:ee:4d:f3:98:98:f9:e6:
df:05:a7:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ5pff0v8TNr2Vs46ZmzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NWZhZDQxMDkyODNiMzNiNmYzYmE1M2ZhZTgzYTE0NWQx
OTM0ZTIwHhcNMjUwMTAxMDk0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTdkODk2YzY1ZTA0M2NmMGVlZmQzZTBkNzMyYzBlYmMzZWFjNzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hGK3waoqmcND9VEKabQTK8lneU1
A5EpLjSXHWrXZ8ChGfwtJkiuL6IkAahMDpQSgTykT6pmIRWc8iYi/g5qh1e9Xenr
bV12HnnXdPkBGA431kstPxRnh9f8F/cV54wT9OBUBxycSB5UaH17UGcJ5Cfz/gc/
lZMXE5BCpcnn+FbuuNgr4u5BVmWwO9kd6DKd1I9iAfwwdJTWTzHUc/3GSutFcuNA
H9giVO6+yxm/6VhQ8PqKgByTssl7oXh9B0MBurt+ZALSIKqizzgR3EMrFtrgWlfd
UJYC8h8ZnMjp1Evcy7RgeK922aRn11reH/7tj/P9v8gzQ719PJAG45FrVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC59iWxl4EPPDu/T4NcywOvD6sctMB8GA1UdIwQY
MBaAFBZfrUEJKDsztvO6U/roOhRdGTTiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmwtdFFRa29Pek8yODdwVC11ZzZGRjBaTk9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zYjcyYzAtNWRlOS00NmE0LWFiZDQt
MzFiNjAzMTFjMzE1LzEvTG4ySmJHWGdRODhPNzlQZzF6TEE2OFBxeHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zYjcyYzAtNWRlOS00NmE0LWFiZDQtMzFiNjAzMTFjMzE1
LzEvRmwtdFFRa29Pek8yODdwVC11ZzZGRjBaTk9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCF0
MA0GCSqGSIb3DQEBCwUAA4IBAQAtjc4Uy/uOqW5THnm34n+DCN/G7Yoj3kerXJg8
h6QI7qnpVBjZN+K8/TRWloS/lkJic0YOaK88+WzYkxtoFjHhoIGt7wdh1JignNaA
hWTcH9F+4UYTHeoh3PX6xgPxwMUFa+GhNOD6aKadTpDtXj5COTB5Y7jlxj/NYoiv
w3sy8PWlWhnowjYCPCHvuCm66kLTrgmkEb0D/CzdDt8ZiiEzPgkOZ4ut9zDGKqwq
PhE79RW3y9e6fn71oAJC5D1s2r7d9AEK40Yzn5BTeVaht3GjFzHcve9K2A5W6i5k
JS9vT09Rqfs9Uvrrqb1ZH2PzhPAqMDdiFu5N85iY+ebfBaer
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:09 2025 by rpki-client