Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/uiT-f1UkP8u3VtHM1H2WjnfclYk.roa
File: uiT-f1UkP8u3VtHM1H2WjnfclYk.roa (raw, json)
Hash identifier: tX+V4MHF7T2iULGYZ2/cXlHTKSsA+WHHf7K/tt0Vdcs=
Subject key identifier: BA:24:FE:7F:55:24:3F:CB:B7:56:D1:CC:D4:7D:96:8E:77:DC:95:89
Certificate issuer: /CN=86daaf4e68d322248230544cd8db29568e6cf003
Certificate serial: 01942143DC89A3195E7BD2F3CC215AF448AA
Authority key identifier: 86:DA:AF:4E:68:D3:22:24:82:30:54:4C:D8:DB:29:56:8E:6C:F0:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htqvTmjTIiSCMFRM2NspVo5s8AM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/uiT-f1UkP8u3VtHM1H2WjnfclYk.roa
Signing time: Wed 01 Jan 2025 09:48:02 +0000
ROA not before: Wed 01 Jan 2025 09:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204088
IP address blocks: 2001:67c:2d14::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:dc:89:a3:19:5e:7b:d2:f3:cc:21:5a:f4:48:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86daaf4e68d322248230544cd8db29568e6cf003
Validity
Not Before: Jan 1 09:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba24fe7f55243fcbb756d1ccd47d968e77dc9589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d3:0d:6f:51:7a:fe:17:69:03:b6:4d:5f:79:
b5:5d:7d:a1:e9:0b:3b:f2:f7:d4:63:0e:1b:55:d7:
d4:e0:c6:f6:be:c4:94:a8:f9:e6:bf:4b:ec:f7:e3:
a8:8c:9e:2b:80:fe:53:ba:6e:58:e7:6f:38:43:d9:
a0:b9:1f:9c:0c:d0:d5:c1:55:7f:29:c8:2d:7f:51:
81:07:93:f0:bb:58:97:a4:75:ad:f6:ed:0a:13:57:
32:a5:be:22:b1:08:47:b5:74:b6:c8:1b:25:8f:5a:
41:74:1b:0f:b3:8c:67:25:c7:a4:5f:93:d9:ce:a0:
be:ff:a1:c9:35:90:c6:a1:b6:43:6e:e7:fa:b0:fd:
8f:91:c4:eb:46:5c:7d:00:a4:ca:32:22:e1:6b:79:
69:84:87:46:ee:8e:f5:ce:80:8f:3e:b6:89:6c:32:
e3:4d:ec:73:2e:fe:78:be:8d:b9:dc:c8:4d:a3:77:
30:53:eb:78:c5:cd:94:0d:6a:a7:f2:ac:6d:a1:6a:
be:10:0b:51:f7:47:ff:ef:29:db:0c:e9:0f:a0:60:
fe:58:e1:18:95:fc:d3:97:5b:e5:09:a9:62:9f:86:
64:e7:7c:1d:85:7d:73:4a:79:25:8e:03:a2:4d:5f:
e9:c8:55:4e:11:41:64:5a:89:d1:31:d2:a6:ce:fa:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:24:FE:7F:55:24:3F:CB:B7:56:D1:CC:D4:7D:96:8E:77:DC:95:89
X509v3 Authority Key Identifier:
keyid:86:DA:AF:4E:68:D3:22:24:82:30:54:4C:D8:DB:29:56:8E:6C:F0:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htqvTmjTIiSCMFRM2NspVo5s8AM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/uiT-f1UkP8u3VtHM1H2WjnfclYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/57d1db-d8eb-49e0-8133-5bc90505d8ca/1/htqvTmjTIiSCMFRM2NspVo5s8AM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d14::/48
Signature Algorithm: sha256WithRSAEncryption
0e:e7:e2:2d:5c:d5:21:2f:4a:9c:40:c5:15:05:91:ee:4d:ed:
8b:1a:4c:96:42:e4:c0:69:9a:31:91:7e:8d:62:43:f9:14:33:
23:a5:85:eb:13:cc:f3:88:a6:8d:ab:a5:80:4e:49:9b:2b:2a:
05:c9:cb:7c:83:98:3f:6c:9c:0b:cd:9f:c8:86:c0:35:3c:a6:
75:3c:ba:4c:e9:d9:05:df:3b:ab:26:75:ad:04:ef:50:e9:2e:
4a:f7:ba:36:0e:39:5b:4d:38:1f:33:1f:fc:ee:36:ed:69:fd:
cf:fe:e6:0d:76:b7:07:13:b6:2b:16:a8:67:5d:54:2f:5b:3a:
f5:c4:0c:e6:e1:1b:5e:ef:b1:a9:46:96:04:28:fe:5c:16:45:
0d:80:ee:07:f5:c4:17:3e:c5:02:c4:31:d5:4a:e5:7e:2a:ba:
11:ab:89:6d:2b:23:ab:06:ec:e7:47:f2:05:19:ba:9c:1b:fc:
b4:5d:5c:5f:78:96:95:53:f7:f0:fa:82:6d:d9:22:be:68:29:
4b:20:0c:78:0e:72:ad:51:ec:5e:60:85:9c:86:8c:59:25:e7:
19:35:a1:92:a8:be:94:86:22:b8:04:c0:d2:63:51:ac:e4:b2:
4d:e0:20:7a:59:ce:a6:da:6e:63:d7:21:1f:0e:f8:13:c0:53:
41:2f:e3:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhQ9yJoxlee9LzzCFa9EiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGFhZjRlNjhkMzIyMjQ4MjMwNTQ0Y2Q4ZGIyOTU2OGU2
Y2YwMDMwHhcNMjUwMTAxMDk0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTI0ZmU3ZjU1MjQzZmNiYjc1NmQxY2NkNDdkOTY4ZTc3ZGM5NTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNMNb1F6/hdpA7ZNX3m1XX2h6Qs7
8vfUYw4bVdfU4Mb2vsSUqPnmv0vs9+OojJ4rgP5Tum5Y5284Q9mguR+cDNDVwVV/
Kcgtf1GBB5Pwu1iXpHWt9u0KE1cypb4isQhHtXS2yBslj1pBdBsPs4xnJcekX5PZ
zqC+/6HJNZDGobZDbuf6sP2PkcTrRlx9AKTKMiLha3lphIdG7o71zoCPPraJbDLj
TexzLv54vo253MhNo3cwU+t4xc2UDWqn8qxtoWq+EAtR90f/7ynbDOkPoGD+WOEY
lfzTl1vlCalin4Zk53wdhX1zSnkljgOiTV/pyFVOEUFkWonRMdKmzvrJFwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLok/n9VJD/Lt1bRzNR9lo533JWJMB8GA1UdIwQY
MBaAFIbar05o0yIkgjBUTNjbKVaObPADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRxdlRtalRJaVNDTUZSTTJOc3BWbzVzOEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS81N2QxZGItZDhlYi00OWUwLTgxMzMt
NWJjOTA1MDVkOGNhLzEvdWlULWYxVWtQOHUzVnRITTFIMldqbmZjbFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS81N2QxZGItZDhlYi00OWUwLTgxMzMtNWJjOTA1MDVkOGNh
LzEvaHRxdlRtalRJaVNDTUZSTTJOc3BWbzVzOEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC0U
MA0GCSqGSIb3DQEBCwUAA4IBAQAO5+ItXNUhL0qcQMUVBZHuTe2LGkyWQuTAaZox
kX6NYkP5FDMjpYXrE8zziKaNq6WATkmbKyoFyct8g5g/bJwLzZ/IhsA1PKZ1PLpM
6dkF3zurJnWtBO9Q6S5K97o2DjlbTTgfMx/87jbtaf3P/uYNdrcHE7YrFqhnXVQv
Wzr1xAzm4Rte77GpRpYEKP5cFkUNgO4H9cQXPsUCxDHVSuV+KroRq4ltKyOrBuzn
R/IFGbqcG/y0XVxfeJaVU/fw+oJt2SK+aClLIAx4DnKtUexeYIWchoxZJecZNaGS
qL6UhiK4BMDSY1Gs5LJN4CB6Wc6m2m5j1yEfDvgTwFNBL+OO
-----END CERTIFICATE-----
Generated at Fri Feb 21 13:04:31 2025 by rpki-client