Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/U8zXsGEWCBH4_8YcgXmHjVER-wA.roa
File: U8zXsGEWCBH4_8YcgXmHjVER-wA.roa (raw, json)
Hash identifier: QGCHO7XwYCcbkNmS/y1pKg7c9YRHZM93ZZOJP0WiYK0=
Subject key identifier: 53:CC:D7:B0:61:16:08:11:F8:FF:C6:1C:81:79:87:8D:51:11:FB:00
Certificate issuer: /CN=2682c816f72686ff7aede53538618cc2e8861039
Certificate serial: 01941F8C93FC4C9B35C117B01242F035A4CE
Authority key identifier: 26:82:C8:16:F7:26:86:FF:7A:ED:E5:35:38:61:8C:C2:E8:86:10:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JoLIFvcmhv967eU1OGGMwuiGEDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/U8zXsGEWCBH4_8YcgXmHjVER-wA.roa
Signing time: Wed 01 Jan 2025 01:48:14 +0000
ROA not before: Wed 01 Jan 2025 01:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 2001:67c:2850::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:93:fc:4c:9b:35:c1:17:b0:12:42:f0:35:a4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2682c816f72686ff7aede53538618cc2e8861039
Validity
Not Before: Jan 1 01:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53ccd7b061160811f8ffc61c8179878d5111fb00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:da:dd:40:7f:82:e3:7f:85:1b:cc:61:54:9c:
42:71:a3:14:7b:5e:22:49:bc:ee:66:e6:0e:77:05:
c5:31:1d:01:91:57:c0:ca:1c:ef:df:24:bf:df:08:
8d:8d:37:29:25:68:f6:ef:0a:00:b2:49:16:2d:fe:
1a:d9:ce:5f:d6:58:88:72:a4:7b:b8:27:97:5f:bc:
7d:37:a8:33:6b:37:65:05:8a:c7:d4:bf:74:63:7c:
11:67:bd:80:76:06:d5:d0:cf:22:96:06:b1:98:79:
d9:89:87:ad:af:99:4d:53:47:43:24:84:62:ea:ac:
2c:46:f7:67:df:3b:bd:e9:0f:6e:bf:59:58:11:f8:
e1:cf:19:22:ca:dc:fc:b0:4c:9c:81:a4:41:65:62:
7b:00:ff:c0:a3:19:1e:c0:52:d2:2c:f7:38:97:7e:
e2:8c:80:f0:5c:f0:d8:fc:09:0e:49:18:b2:11:8b:
97:33:a4:92:94:58:04:d6:16:58:2f:d3:14:8f:81:
61:61:4e:b0:94:8b:05:c0:45:26:61:23:e5:6b:7e:
5e:50:62:b5:61:aa:be:22:88:d7:72:c1:b5:de:c4:
c9:4e:37:ff:1c:c8:06:f4:19:97:fd:fe:f3:1d:f3:
b8:04:37:a3:6f:1c:d7:3a:53:2c:41:41:7e:b3:6f:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CC:D7:B0:61:16:08:11:F8:FF:C6:1C:81:79:87:8D:51:11:FB:00
X509v3 Authority Key Identifier:
keyid:26:82:C8:16:F7:26:86:FF:7A:ED:E5:35:38:61:8C:C2:E8:86:10:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JoLIFvcmhv967eU1OGGMwuiGEDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/U8zXsGEWCBH4_8YcgXmHjVER-wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/a00090-6663-46a1-a5fb-661e8fe3c1e9/1/JoLIFvcmhv967eU1OGGMwuiGEDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2850::/48
Signature Algorithm: sha256WithRSAEncryption
6b:17:91:54:e1:20:7e:d2:1d:ae:50:eb:4a:87:5a:84:13:ad:
93:59:38:34:d3:83:84:46:49:ad:bd:dd:95:dc:b7:67:1f:03:
77:89:c7:e3:9c:93:8a:f3:62:b7:f8:27:16:c0:6f:16:24:01:
ca:13:81:79:a1:bd:e1:01:52:92:2c:c1:f4:4c:8d:b9:71:a5:
11:ed:2b:61:66:32:02:7b:32:48:7b:5b:6e:ec:58:4f:7c:61:
4f:67:f2:a9:7e:bf:f2:a1:76:ce:6f:01:65:45:f8:a3:65:ad:
a3:bc:98:b0:0e:92:d8:22:8a:b6:78:51:93:5b:87:f5:f6:40:
ed:0e:b6:eb:bd:a6:3b:f1:5f:b1:7e:96:5b:ac:0b:f4:be:27:
6a:cf:14:fa:2e:e8:e1:e6:ce:e6:56:3a:49:bd:5b:a6:03:e9:
79:6a:54:74:85:70:76:c9:7f:3e:fd:7c:71:e4:89:b9:d7:78:
ab:32:a5:8a:f3:d7:fd:ca:73:a3:18:ab:27:84:c2:5d:db:e1:
ce:11:55:b1:f1:12:07:d7:1d:45:a4:71:ed:16:5f:34:f0:ea:
f6:5a:c0:80:56:ff:e9:fa:f9:be:4f:a1:00:c1:dc:a5:c4:0d:
85:34:cc:40:f6:7f:4b:32:0c:c6:b5:09:09:bf:e5:3f:a2:6a:
04:f2:ac:58
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjJP8TJs1wRewEkLwNaTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ODJjODE2ZjcyNjg2ZmY3YWVkZTUzNTM4NjE4Y2MyZTg4
NjEwMzkwHhcNMjUwMTAxMDE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NjZDdiMDYxMTYwODExZjhmZmM2MWM4MTc5ODc4ZDUxMTFmYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztrdQH+C43+FG8xhVJxCcaMUe14i
SbzuZuYOdwXFMR0BkVfAyhzv3yS/3wiNjTcpJWj27woAskkWLf4a2c5f1liIcqR7
uCeXX7x9N6gzazdlBYrH1L90Y3wRZ72AdgbV0M8ilgaxmHnZiYetr5lNU0dDJIRi
6qwsRvdn3zu96Q9uv1lYEfjhzxkiytz8sEycgaRBZWJ7AP/AoxkewFLSLPc4l37i
jIDwXPDY/AkOSRiyEYuXM6SSlFgE1hZYL9MUj4FhYU6wlIsFwEUmYSPla35eUGK1
Yaq+IojXcsG13sTJTjf/HMgG9BmX/f7zHfO4BDejbxzXOlMsQUF+s287/wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFPM17BhFggR+P/GHIF5h41REfsAMB8GA1UdIwQY
MBaAFCaCyBb3Job/eu3lNThhjMLohhA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm9MSUZ2Y21odjk2N2VVMU9HR013dWlHRURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9hMDAwOTAtNjY2My00NmExLWE1ZmIt
NjYxZThmZTNjMWU5LzEvVTh6WHNHRVdDQkg0XzhZY2dYbUhqVkVSLXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9hMDAwOTAtNjY2My00NmExLWE1ZmItNjYxZThmZTNjMWU5
LzEvSm9MSUZ2Y21odjk2N2VVMU9HR013dWlHRURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfChQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBrF5FU4SB+0h2uUOtKh1qEE62TWTg004OERkmt
vd2V3LdnHwN3icfjnJOK82K3+CcWwG8WJAHKE4F5ob3hAVKSLMH0TI25caUR7Sth
ZjICezJIe1tu7FhPfGFPZ/Kpfr/yoXbObwFlRfijZa2jvJiwDpLYIoq2eFGTW4f1
9kDtDrbrvaY78V+xfpZbrAv0vidqzxT6Lujh5s7mVjpJvVumA+l5alR0hXB2yX8+
/Xxx5Im513irMqWK89f9ynOjGKsnhMJd2+HOEVWx8RIH1x1FpHHtFl808Or2WsCA
Vv/p+vm+T6EAwdylxA2FNMxA9n9LMgzGtQkJv+U/omoE8qxY
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:32:40 2025 by rpki-client