Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/08c4a7-4d2a-4d1c-8b8e-56c5d76ddcd8/1/DruMjLoGzTbfpdC-U-WNttTm1_E.roa
File: DruMjLoGzTbfpdC-U-WNttTm1_E.roa (raw, json)
Hash identifier: SsRWSqMHnifAjAWueilvP4vmdjzH/KuaOCO7NOMeoV8=
Subject key identifier: 0E:BB:8C:8C:BA:06:CD:36:DF:A5:D0:BE:53:E5:8D:B6:D4:E6:D7:F1
Certificate issuer: /CN=c8e90b172f88be21bb99d573fd75b27f5bf745c2
Certificate serial: 0194221FEF17B11F067DAD7F3AA5D33ED21B
Authority key identifier: C8:E9:0B:17:2F:88:BE:21:BB:99:D5:73:FD:75:B2:7F:5B:F7:45:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yOkLFy-IviG7mdVz_XWyf1v3RcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/08c4a7-4d2a-4d1c-8b8e-56c5d76ddcd8/1/DruMjLoGzTbfpdC-U-WNttTm1_E.roa
Signing time: Wed 01 Jan 2025 13:48:25 +0000
ROA not before: Wed 01 Jan 2025 13:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212002
IP address blocks: 2001:67c:229c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:ef:17:b1:1f:06:7d:ad:7f:3a:a5:d3:3e:d2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8e90b172f88be21bb99d573fd75b27f5bf745c2
Validity
Not Before: Jan 1 13:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ebb8c8cba06cd36dfa5d0be53e58db6d4e6d7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f5:e2:39:6c:d6:5b:fb:46:1e:9d:15:ba:5c:
22:ad:83:15:57:b7:12:cc:25:ca:66:12:ca:8a:d3:
f0:3e:c6:d8:94:aa:10:30:6b:17:e2:ca:aa:8c:0e:
27:99:95:d0:d2:63:66:f2:c0:d1:74:74:5b:39:ab:
f3:c7:05:e4:59:2e:3d:ef:75:04:ee:00:bc:3c:e3:
ef:3e:ca:a4:12:87:09:bf:06:57:05:4d:7d:14:eb:
12:05:68:56:aa:9d:7d:7e:49:bf:83:7e:8c:2a:9f:
af:65:20:4c:d0:f1:31:66:1e:ec:b0:c5:af:13:01:
5c:f0:24:2d:06:7d:e4:e7:50:7f:d6:f0:cf:75:9f:
db:fa:a2:1d:80:e3:e9:61:ff:2f:5c:1e:ea:32:d5:
7e:5b:f2:1f:43:bc:84:60:1d:a7:e5:5a:a5:af:e9:
da:2e:9f:f8:88:a2:bc:98:de:95:f5:f1:4d:05:d7:
c1:4b:4c:c7:95:e6:d9:87:2f:00:6b:01:9b:d9:44:
02:94:c1:6f:5e:c0:64:9e:f2:43:0c:41:ff:d9:69:
c1:37:e4:3c:15:37:43:a2:65:45:7c:f5:3e:44:52:
40:30:2d:ff:2e:f8:18:96:ee:e5:d8:41:7c:24:a5:
46:00:c2:c8:79:30:40:fa:c1:5f:17:92:4d:61:51:
c7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BB:8C:8C:BA:06:CD:36:DF:A5:D0:BE:53:E5:8D:B6:D4:E6:D7:F1
X509v3 Authority Key Identifier:
keyid:C8:E9:0B:17:2F:88:BE:21:BB:99:D5:73:FD:75:B2:7F:5B:F7:45:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yOkLFy-IviG7mdVz_XWyf1v3RcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/08c4a7-4d2a-4d1c-8b8e-56c5d76ddcd8/1/DruMjLoGzTbfpdC-U-WNttTm1_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/08c4a7-4d2a-4d1c-8b8e-56c5d76ddcd8/1/yOkLFy-IviG7mdVz_XWyf1v3RcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:229c::/48
Signature Algorithm: sha256WithRSAEncryption
92:38:47:41:c4:48:6b:0c:0c:1c:bd:fc:88:fc:c7:46:d1:8d:
b6:c4:c9:3b:af:3a:41:6d:ce:46:27:86:73:70:6b:ea:b4:b3:
5d:6a:e9:4b:9e:92:ff:d0:af:94:73:87:79:9b:11:e6:68:e1:
52:9b:93:60:2d:fa:2d:b9:71:0d:23:11:d7:3d:e9:14:66:f2:
89:60:eb:3c:25:bf:c1:8d:9b:8c:79:24:4b:61:22:dc:01:a8:
bd:3c:cd:f1:66:07:52:7f:84:37:bd:89:40:b4:04:39:2b:6a:
3f:1a:87:2d:af:a5:41:f7:42:89:67:1d:db:22:8e:fb:92:56:
ae:8e:db:69:7b:97:c3:ee:63:eb:e2:73:8e:af:f6:01:70:1e:
be:58:0a:35:5d:7e:75:3e:11:ad:f7:b5:b1:4c:49:bb:d4:e5:
4a:fe:b2:bf:c4:8f:54:1a:65:df:15:c5:14:2f:6c:06:37:ee:
e0:e9:64:5d:21:ed:9e:92:36:76:a9:5c:98:ad:88:b5:ef:d0:
a5:47:20:df:7e:0b:a1:c1:6f:52:1e:98:2e:3b:ce:db:64:b1:
ee:97:86:24:2a:bd:b0:01:9f:6b:de:27:b2:77:f4:d5:75:e7:
c9:e6:5f:7a:34:f6:75:4b:1a:6b:90:a7:e4:c2:7d:03:c7:95:
85:09:cf:6b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH+8XsR8Gfa1/OqXTPtIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZTkwYjE3MmY4OGJlMjFiYjk5ZDU3M2ZkNzViMjdmNWJm
NzQ1YzIwHhcNMjUwMTAxMTM0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJiOGM4Y2JhMDZjZDM2ZGZhNWQwYmU1M2U1OGRiNmQ0ZTZkN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfXiOWzWW/tGHp0VulwirYMVV7cS
zCXKZhLKitPwPsbYlKoQMGsX4sqqjA4nmZXQ0mNm8sDRdHRbOavzxwXkWS4973UE
7gC8POPvPsqkEocJvwZXBU19FOsSBWhWqp19fkm/g36MKp+vZSBM0PExZh7ssMWv
EwFc8CQtBn3k51B/1vDPdZ/b+qIdgOPpYf8vXB7qMtV+W/IfQ7yEYB2n5Vqlr+na
Lp/4iKK8mN6V9fFNBdfBS0zHlebZhy8AawGb2UQClMFvXsBknvJDDEH/2WnBN+Q8
FTdDomVFfPU+RFJAMC3/LvgYlu7l2EF8JKVGAMLIeTBA+sFfF5JNYVHHvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA67jIy6Bs0236XQvlPljbbU5tfxMB8GA1UdIwQY
MBaAFMjpCxcviL4hu5nVc/11sn9b90XCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU9rTEZ5LUl2aUc3bWRWel9YV3lmMXYzUmNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wOGM0YTctNGQyYS00ZDFjLThiOGUt
NTZjNWQ3NmRkY2Q4LzEvRHJ1TWpMb0d6VGJmcGRDLVUtV050dFRtMV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wOGM0YTctNGQyYS00ZDFjLThiOGUtNTZjNWQ3NmRkY2Q4
LzEveU9rTEZ5LUl2aUc3bWRWel9YV3lmMXYzUmNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCKc
MA0GCSqGSIb3DQEBCwUAA4IBAQCSOEdBxEhrDAwcvfyI/MdG0Y22xMk7rzpBbc5G
J4ZzcGvqtLNdaulLnpL/0K+Uc4d5mxHmaOFSm5NgLfotuXENIxHXPekUZvKJYOs8
Jb/BjZuMeSRLYSLcAai9PM3xZgdSf4Q3vYlAtAQ5K2o/Goctr6VB90KJZx3bIo77
klaujttpe5fD7mPr4nOOr/YBcB6+WAo1XX51PhGt97WxTEm71OVK/rK/xI9UGmXf
FcUUL2wGN+7g6WRdIe2ekjZ2qVyYrYi179ClRyDffguhwW9SHpguO87bZLHul4Yk
Kr2wAZ9r3ieyd/TVdefJ5l96NPZ1SxprkKfkwn0Dx5WFCc9r
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:39 2025 by rpki-client