Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/CeyVhKKlQizpmEMKZpkCphU-tKE.roa
File: CeyVhKKlQizpmEMKZpkCphU-tKE.roa (raw, json)
Hash identifier: V7FK7ujI5WNh4G979EP6OplAMcKIGYG++g7Obm6Snq4=
Subject key identifier: 09:EC:95:84:A2:A5:42:2C:E9:98:43:0A:66:99:02:A6:15:3E:B4:A1
Certificate issuer: /CN=81413f5afc6443e8d2343518ac0b19fd30ba3c12
Certificate serial: 01941F8C1F6604C44CF80F6BE073F5679053
Authority key identifier: 81:41:3F:5A:FC:64:43:E8:D2:34:35:18:AC:0B:19:FD:30:BA:3C:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/CeyVhKKlQizpmEMKZpkCphU-tKE.roa
Signing time: Wed 01 Jan 2025 01:47:44 +0000
ROA not before: Wed 01 Jan 2025 01:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:678:d44::/64 maxlen: 64
2001:678:d44:200::/64 maxlen: 64
2001:678:d44:300::/64 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:1f:66:04:c4:4c:f8:0f:6b:e0:73:f5:67:90:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81413f5afc6443e8d2343518ac0b19fd30ba3c12
Validity
Not Before: Jan 1 01:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09ec9584a2a5422ce998430a669902a6153eb4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:aa:3b:9d:41:a3:f5:aa:82:48:07:ea:44:b4:
94:4d:33:b5:af:f1:56:fd:05:50:5c:2d:fe:40:05:
e8:92:20:8d:85:98:20:f6:9e:51:db:ac:3b:91:55:
ec:ff:3a:63:5a:12:25:4a:b5:b7:97:12:5c:e9:d3:
b4:65:e3:e6:a1:3f:b7:47:f8:40:2b:aa:d0:33:e9:
62:7c:c1:bf:6d:af:65:10:2b:32:f9:9a:2a:39:3d:
a4:ae:12:8c:b2:19:b4:40:4d:2f:6b:75:28:fc:62:
2e:d6:9c:0b:d6:f5:00:f3:67:4f:16:27:b8:44:5e:
81:80:3a:80:f3:41:6c:64:1a:d1:95:16:01:8f:08:
1b:a9:16:ab:33:2f:59:aa:a2:e2:f0:cb:e8:15:f6:
7e:ac:47:21:0d:bb:16:35:1f:9a:2c:36:ff:cb:32:
b6:d5:2e:00:d8:be:b8:af:9d:f0:22:d6:89:36:10:
7a:83:0d:99:51:8a:09:9d:f3:85:f1:11:da:9c:30:
ef:82:8c:33:6e:f3:9e:16:16:10:92:a7:9b:49:0f:
0c:aa:e2:e6:fb:78:3c:3b:d9:65:5b:0d:e8:d4:cf:
f9:15:bb:c1:f7:e6:49:68:0e:3d:81:fe:a0:18:e8:
94:51:3a:9d:a0:c9:e9:e3:51:88:fb:ea:ce:a2:cb:
b5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:EC:95:84:A2:A5:42:2C:E9:98:43:0A:66:99:02:A6:15:3E:B4:A1
X509v3 Authority Key Identifier:
keyid:81:41:3F:5A:FC:64:43:E8:D2:34:35:18:AC:0B:19:FD:30:BA:3C:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/CeyVhKKlQizpmEMKZpkCphU-tKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/32491b-4fc6-4033-9bda-2510ad32c2b4/1/gUE_WvxkQ-jSNDUYrAsZ_TC6PBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d44::/64
2001:678:d44:200::/64
2001:678:d44:300::/64
Signature Algorithm: sha256WithRSAEncryption
7b:69:dd:78:e3:4b:ea:73:0c:3d:10:c1:23:5c:95:d1:8b:9f:
8f:61:5b:11:eb:82:60:8f:90:f4:0b:19:61:0f:76:af:db:54:
36:8e:bc:88:65:59:ef:31:15:95:c3:1b:69:16:2b:ff:23:61:
19:25:46:12:75:1b:e6:92:12:99:94:53:a1:4b:cd:ca:cf:fb:
97:c1:16:22:af:74:a5:f0:75:73:c2:89:f9:a4:11:cb:0b:07:
06:eb:3f:37:4f:27:04:7a:8e:ba:cd:1f:79:ec:6c:08:52:0f:
7e:b3:9f:49:4f:12:7b:a6:74:a4:2d:92:57:21:f8:55:9e:6c:
ad:c2:f3:f5:e6:d5:be:0e:7a:57:ed:8f:91:da:3f:a4:88:4b:
bf:4c:c2:fa:bb:f5:e8:c4:8d:98:5c:e4:31:47:29:93:78:8a:
76:19:a9:82:b7:ba:c6:7f:24:10:3c:55:f7:92:fa:01:21:cf:
70:d1:21:48:49:62:a3:db:40:e7:2f:24:2e:c3:a7:e9:83:b3:
c0:34:23:a9:6b:3c:86:8b:e4:30:1c:43:92:15:af:05:56:65:
0a:8f:d0:31:1f:28:10:2e:a1:8d:1e:07:ce:d9:a6:13:8e:e7:
37:19:df:0a:c0:02:3f:78:d7:d1:f7:cf:58:ab:44:f3:cb:70:
3b:de:25:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjB9mBMRM+A9r4HP1Z5BTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNDEzZjVhZmM2NDQzZThkMjM0MzUxOGFjMGIxOWZkMzBi
YTNjMTIwHhcNMjUwMTAxMDE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWVjOTU4NGEyYTU0MjJjZTk5ODQzMGE2Njk5MDJhNjE1M2ViNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6o7nUGj9aqCSAfqRLSUTTO1r/FW
/QVQXC3+QAXokiCNhZgg9p5R26w7kVXs/zpjWhIlSrW3lxJc6dO0ZePmoT+3R/hA
K6rQM+lifMG/ba9lECsy+ZoqOT2krhKMshm0QE0va3Uo/GIu1pwL1vUA82dPFie4
RF6BgDqA80FsZBrRlRYBjwgbqRarMy9ZqqLi8MvoFfZ+rEchDbsWNR+aLDb/yzK2
1S4A2L64r53wItaJNhB6gw2ZUYoJnfOF8RHanDDvgowzbvOeFhYQkqebSQ8MquLm
+3g8O9llWw3o1M/5FbvB9+ZJaA49gf6gGOiUUTqdoMnp41GI++rOosu1xQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAnslYSipUIs6ZhDCmaZAqYVPrShMB8GA1UdIwQY
MBaAFIFBP1r8ZEPo0jQ1GKwLGf0wujwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1VFX1d2eGtRLWpTTkRVWXJBc1pfVEM2UEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMjQ5MWItNGZjNi00MDMzLTliZGEt
MjUxMGFkMzJjMmI0LzEvQ2V5VmhLS2xRaXpwbUVNS1pwa0NwaFUtdEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMjQ5MWItNGZjNi00MDMzLTliZGEtMjUxMGFkMzJjMmI0
LzEvZ1VFX1d2eGtRLWpTTkRVWXJBc1pfVEM2UEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAAjAhAwkAIAEGeA1E
AAADCQAgAQZ4DUQCAAMJACABBngNRAMAMA0GCSqGSIb3DQEBCwUAA4IBAQB7ad14
40vqcww9EMEjXJXRi5+PYVsR64Jgj5D0CxlhD3av21Q2jryIZVnvMRWVwxtpFiv/
I2EZJUYSdRvmkhKZlFOhS83Kz/uXwRYir3Sl8HVzwon5pBHLCwcG6z83TycEeo66
zR957GwIUg9+s59JTxJ7pnSkLZJXIfhVnmytwvP15tW+DnpX7Y+R2j+kiEu/TML6
u/XoxI2YXOQxRymTeIp2GamCt7rGfyQQPFX3kvoBIc9w0SFISWKj20DnLyQuw6fp
g7PANCOpazyGi+QwHEOSFa8FVmUKj9AxHygQLqGNHgfO2aYTjuc3Gd8KwAI/eNfR
989Yq0Tzy3A73iXJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:31 2025 by rpki-client