Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/86fKM31DBBSwZ8M6qcIf6r_iQR4.roa
File: 86fKM31DBBSwZ8M6qcIf6r_iQR4.roa (raw, json)
Hash identifier: EWjBxOajWLT9vZOY8gky8VpcjsYK4HfbzBG5oTI1lvE=
Subject key identifier: F3:A7:CA:33:7D:43:04:14:B0:67:C3:3A:A9:C2:1F:EA:BF:E2:41:1E
Certificate issuer: /CN=fa630c3d23c6046c2f1a7e0c8fccbd83e20ed4c7
Certificate serial: 019424451C64EF3BFED5DFC84F770E255E73
Authority key identifier: FA:63:0C:3D:23:C6:04:6C:2F:1A:7E:0C:8F:CC:BD:83:E2:0E:D4:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/86fKM31DBBSwZ8M6qcIf6r_iQR4.roa
Signing time: Wed 01 Jan 2025 23:48:16 +0000
ROA not before: Wed 01 Jan 2025 23:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3399
IP address blocks: 2001:678:5d8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:1c:64:ef:3b:fe:d5:df:c8:4f:77:0e:25:5e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa630c3d23c6046c2f1a7e0c8fccbd83e20ed4c7
Validity
Not Before: Jan 1 23:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3a7ca337d430414b067c33aa9c21feabfe2411e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:94:8e:d4:c4:8a:e0:1b:7c:79:4d:06:f8:75:
46:98:1a:84:c3:f4:36:70:b7:d5:a6:59:64:07:b9:
b9:f2:d0:00:ed:bd:f8:72:d7:ec:19:28:42:70:d4:
3b:b6:55:41:23:a6:5d:bb:c0:2d:77:b5:5d:0b:37:
1b:d2:36:ec:d7:6f:e1:36:01:96:d2:a8:d7:50:5b:
aa:af:df:bd:52:31:73:f3:03:b6:1f:56:b2:0f:5c:
a0:de:b4:c0:ab:c8:8e:40:e2:d8:6a:fc:d9:60:63:
e9:34:b8:51:ad:63:23:96:ad:50:88:ac:04:7b:80:
64:ff:66:ea:4a:3a:2d:aa:73:53:d5:7c:05:ab:d2:
6a:16:69:46:2a:a8:7b:fe:8a:3c:df:bd:42:28:fe:
6c:01:c9:e5:a9:5c:00:69:ec:04:06:9a:ac:34:a9:
ea:14:03:81:d4:02:c6:73:ae:71:19:5b:d5:c7:3e:
c5:41:6c:76:7b:16:53:af:04:6f:28:a3:f4:e6:fd:
9d:b0:a7:07:4c:be:8c:52:bf:80:f3:60:f4:92:6f:
c6:fe:b7:29:21:ad:3a:14:21:72:83:f6:e3:7c:06:
56:1a:e6:19:5c:5d:ce:e8:0a:26:ab:4b:2b:e8:5d:
4f:e8:43:a3:64:b8:d1:d1:b8:4f:8d:70:64:e2:53:
b9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A7:CA:33:7D:43:04:14:B0:67:C3:3A:A9:C2:1F:EA:BF:E2:41:1E
X509v3 Authority Key Identifier:
keyid:FA:63:0C:3D:23:C6:04:6C:2F:1A:7E:0C:8F:CC:BD:83:E2:0E:D4:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/86fKM31DBBSwZ8M6qcIf6r_iQR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/49ad97-21f1-4cc9-b776-8cbee5a027c3/1/1-mMMPSPGBGwvGn4Mj8y9g-IO1Mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5d8::/48
Signature Algorithm: sha256WithRSAEncryption
11:32:7e:38:5f:55:5b:f3:9a:d1:b0:76:e1:ac:ea:9d:cd:18:
4e:19:0c:51:c4:d3:dc:1b:8d:8e:34:62:46:b9:1d:c0:cf:cf:
62:ff:36:c3:fc:d8:29:26:60:d7:d7:ea:37:0a:de:b2:29:b2:
18:cc:1e:3f:ab:f3:9a:4b:4d:5f:01:3e:e7:cc:da:df:6e:fa:
34:27:3c:5b:d5:8e:4a:9f:8e:80:21:d2:c1:a9:6d:9c:3d:00:
6d:75:fa:d8:67:50:e1:9d:13:43:a7:7a:ef:1f:70:f7:bb:df:
38:4a:5c:e5:93:6a:7d:49:08:62:73:1b:43:be:da:60:ce:57:
32:14:fd:69:55:ff:cb:8d:a6:5a:81:2a:bb:d9:1f:15:29:93:
d4:13:36:c1:0e:c8:80:d5:5f:0e:0c:8b:35:66:a5:70:85:69:
1e:9c:d5:c3:82:37:bb:5a:08:c3:f3:f2:b0:9a:18:e0:5b:f2:
bc:3d:80:72:31:1d:07:58:20:03:19:b5:41:02:9e:4b:82:8b:
09:0f:a8:d3:b4:9f:c8:1b:73:af:81:3c:22:dc:c7:94:7f:5d:
ce:8f:5b:72:f0:ef:72:b5:77:69:a6:9c:f8:20:7e:22:7f:b7:
bf:02:71:8e:43:e6:f0:dc:e3:8a:b0:49:bb:37:49:13:fc:d1:
b3:65:8d:0b
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZQkRRxk7zv+1d/IT3cOJV5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjMwYzNkMjNjNjA0NmMyZjFhN2UwYzhmY2NiZDgzZTIw
ZWQ0YzcwHhcNMjUwMTAxMjM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2E3Y2EzMzdkNDMwNDE0YjA2N2MzM2FhOWMyMWZlYWJmZTI0MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZSO1MSK4Bt8eU0G+HVGmBqEw/Q2
cLfVpllkB7m58tAA7b34ctfsGShCcNQ7tlVBI6Zdu8Atd7VdCzcb0jbs12/hNgGW
0qjXUFuqr9+9UjFz8wO2H1ayD1yg3rTAq8iOQOLYavzZYGPpNLhRrWMjlq1QiKwE
e4Bk/2bqSjotqnNT1XwFq9JqFmlGKqh7/oo8371CKP5sAcnlqVwAaewEBpqsNKnq
FAOB1ALGc65xGVvVxz7FQWx2exZTrwRvKKP05v2dsKcHTL6MUr+A82D0km/G/rcp
Ia06FCFyg/bjfAZWGuYZXF3O6Aomq0sr6F1P6EOjZLjR0bhPjXBk4lO5EQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFPOnyjN9QwQUsGfDOqnCH+q/4kEeMB8GA1UdIwQY
MBaAFPpjDD0jxgRsLxp+DI/MvYPiDtTHMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tTU1QU1BHQkd3dkduNE1qOHk5Zy1JTzFNYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMvNDlhZDk3LTIxZjEtNGNjOS1iNzc2
LThjYmVlNWEwMjdjMy8xLzg2ZktNMzFEQkJTd1o4TTZxY0lmNnJfaVFSNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvNDlhZDk3LTIxZjEtNGNjOS1iNzc2LThjYmVlNWEwMjdj
My8xLzEtbU1NUFNQR0JHd3ZHbjRNajh5OWctSU8xTWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4
BdgwDQYJKoZIhvcNAQELBQADggEBABEyfjhfVVvzmtGwduGs6p3NGE4ZDFHE09wb
jY40Yka5HcDPz2L/NsP82CkmYNfX6jcK3rIpshjMHj+r85pLTV8BPufM2t9u+jQn
PFvVjkqfjoAh0sGpbZw9AG11+thnUOGdE0Oneu8fcPe73zhKXOWTan1JCGJzG0O+
2mDOVzIU/WlV/8uNplqBKrvZHxUpk9QTNsEOyIDVXw4MizVmpXCFaR6c1cOCN7ta
CMPz8rCaGOBb8rw9gHIxHQdYIAMZtUECnkuCiwkPqNO0n8gbc6+BPCLcx5R/Xc6P
W3Lw73K1d2mmnPggfiJ/t78CcY5D5vDc44qwSbs3SRP80bNljQs=
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:58:36 2025 by rpki-client