Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/tSdPmCF2mRPxF2tL9jrht8v9nd0.roa
File: tSdPmCF2mRPxF2tL9jrht8v9nd0.roa (raw, json)
Hash identifier: 25zx6oeH7z2ZyGM4y2LzPQiLw04ocTvL7Bq+gPKpw0c=
Subject key identifier: B5:27:4F:98:21:76:99:13:F1:17:6B:4B:F6:3A:E1:B7:CB:FD:9D:DD
Certificate issuer: /CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Certificate serial: 019422FBA65B7A2F35F8236E2CE3B1FB7F9E
Authority key identifier: 3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/tSdPmCF2mRPxF2tL9jrht8v9nd0.roa
Signing time: Wed 01 Jan 2025 17:48:24 +0000
ROA not before: Wed 01 Jan 2025 17:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212789
IP address blocks: 2001:678:53c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:a6:5b:7a:2f:35:f8:23:6e:2c:e3:b1:fb:7f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a778b82baa9788a1acaf2ec368b61981ef51df2
Validity
Not Before: Jan 1 17:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5274f9821769913f1176b4bf63ae1b7cbfd9ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d1:b6:2e:5f:95:f2:06:20:0c:b3:87:9c:c1:
13:3c:91:c9:44:cc:4d:e0:09:90:ef:7a:2b:6b:d9:
b3:08:70:3e:23:e8:a8:f8:74:ff:2a:53:9f:05:47:
d0:66:a6:72:ca:b2:9d:0a:3c:e3:f3:aa:08:46:2d:
d2:c5:12:cf:cf:fd:4b:30:a9:8b:71:f8:7d:a4:9d:
62:64:30:5e:4e:59:07:2e:4f:2d:68:39:73:ab:b3:
50:b0:65:3e:0e:e1:46:dc:d1:63:8c:67:99:fa:35:
1c:68:0f:80:16:71:a9:76:c8:1b:25:33:88:5e:bf:
fe:46:61:d8:1a:b9:ec:85:1d:a7:69:ca:aa:57:ff:
34:20:e5:31:e9:9b:62:64:0b:4c:d1:48:dc:92:15:
23:39:84:92:12:46:5f:a7:55:1b:c1:d6:9d:2b:2a:
31:2e:61:f0:f0:ac:a7:dd:28:34:e5:f3:69:58:2a:
2a:71:df:34:d0:26:55:a7:4b:78:e3:b8:60:15:5e:
24:9a:e6:5c:36:40:81:59:48:21:97:8b:8f:d0:7d:
c5:1c:80:6a:f9:99:f3:1c:24:63:3b:9f:93:26:36:
51:30:48:19:32:51:d4:a1:5e:00:d2:12:74:e4:b0:
9a:ff:8a:0c:11:04:4d:97:45:5d:d8:e3:e8:a7:ae:
b0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:27:4F:98:21:76:99:13:F1:17:6B:4B:F6:3A:E1:B7:CB:FD:9D:DD
X509v3 Authority Key Identifier:
keyid:3A:77:8B:82:BA:A9:78:8A:1A:CA:F2:EC:36:8B:61:98:1E:F5:1D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OneLgrqpeIoayvLsNothmB71HfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/tSdPmCF2mRPxF2tL9jrht8v9nd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/404c04-a7f5-4cdf-8e97-18d33beb7c31/1/OneLgrqpeIoayvLsNothmB71HfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:53c::/48
Signature Algorithm: sha256WithRSAEncryption
02:81:19:ff:fc:0e:92:46:10:8d:d8:a5:a1:9f:72:48:6c:ba:
10:ca:ec:eb:f8:6d:a4:69:78:42:01:92:9b:db:45:e1:e0:23:
eb:63:3d:d5:4e:91:a7:ef:63:90:25:5a:cf:6b:10:ad:31:45:
1d:43:bc:af:62:4c:cf:17:57:c3:67:2f:58:65:6d:19:bc:c2:
c6:84:4d:3f:ce:98:2a:f8:fa:a2:af:06:69:d2:7b:5d:da:54:
97:e3:1e:e1:84:65:c9:7e:d7:6e:0e:e6:e5:cb:37:5f:d8:d6:
e6:83:d0:72:39:9a:32:16:e6:57:ad:87:51:c9:14:ed:0d:43:
eb:b7:a1:aa:1b:fe:31:c8:39:d4:26:22:ca:a0:4d:64:de:09:
75:01:bb:d1:62:12:e9:15:7a:dc:10:78:ae:11:8e:27:23:a8:
4d:6b:50:b5:7d:50:16:60:0b:3a:19:a9:46:7d:e5:01:d1:99:
26:53:2e:d0:5c:33:03:8f:32:30:cd:cd:8b:8e:28:46:58:fb:
e0:f3:26:b8:7b:9a:34:cc:b1:a3:cd:8a:92:1e:ed:85:30:a5:
31:69:d6:9a:c0:87:33:84:56:e0:8a:41:a9:5c:6c:b9:29:32:
c2:62:6b:86:7d:7e:b4:13:3d:78:2e:e8:28:fa:d2:b5:aa:83:
f3:d6:c5:65
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+6Zbei81+CNuLOOx+3+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc4YjgyYmFhOTc4OGExYWNhZjJlYzM2OGI2MTk4MWVm
NTFkZjIwHhcNMjUwMTAxMTc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI3NGY5ODIxNzY5OTEzZjExNzZiNGJmNjNhZTFiN2NiZmQ5ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttG2Ll+V8gYgDLOHnMETPJHJRMxN
4AmQ73ora9mzCHA+I+io+HT/KlOfBUfQZqZyyrKdCjzj86oIRi3SxRLPz/1LMKmL
cfh9pJ1iZDBeTlkHLk8taDlzq7NQsGU+DuFG3NFjjGeZ+jUcaA+AFnGpdsgbJTOI
Xr/+RmHYGrnshR2nacqqV/80IOUx6ZtiZAtM0UjckhUjOYSSEkZfp1UbwdadKyox
LmHw8Kyn3Sg05fNpWCoqcd800CZVp0t447hgFV4kmuZcNkCBWUghl4uP0H3FHIBq
+ZnzHCRjO5+TJjZRMEgZMlHUoV4A0hJ05LCa/4oMEQRNl0Vd2OPop66w/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLUnT5ghdpkT8RdrS/Y64bfL/Z3dMB8GA1UdIwQY
MBaAFDp3i4K6qXiKGsry7DaLYZge9R3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTct
MThkMzNiZWI3YzMxLzEvdFNkUG1DRjJtUlB4RjJ0TDlqcmh0OHY5bmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC80MDRjMDQtYTdmNS00Y2RmLThlOTctMThkMzNiZWI3YzMx
LzEvT25lTGdycXBlSW9heXZMc05vdGhtQjcxSGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAU8
MA0GCSqGSIb3DQEBCwUAA4IBAQACgRn//A6SRhCN2KWhn3JIbLoQyuzr+G2kaXhC
AZKb20Xh4CPrYz3VTpGn72OQJVrPaxCtMUUdQ7yvYkzPF1fDZy9YZW0ZvMLGhE0/
zpgq+PqirwZp0ntd2lSX4x7hhGXJftduDublyzdf2Nbmg9ByOZoyFuZXrYdRyRTt
DUPrt6GqG/4xyDnUJiLKoE1k3gl1AbvRYhLpFXrcEHiuEY4nI6hNa1C1fVAWYAs6
GalGfeUB0ZkmUy7QXDMDjzIwzc2LjihGWPvg8ya4e5o0zLGjzYqSHu2FMKUxadaa
wIczhFbgikGpXGy5KTLCYmuGfX60Ez14Lugo+tK1qoPz1sVl
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:18 2025 by rpki-client