Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/3QQh6mYIogZmcAHgohHHs_wJc94.roa
File: 3QQh6mYIogZmcAHgohHHs_wJc94.roa (raw, json)
Hash identifier: 4ogLkVurD/JT7p+ANpl86Nw475W+j5/jdwzAnfbcoSw=
Subject key identifier: DD:04:21:EA:66:08:A2:06:66:70:01:E0:A2:11:C7:B3:FC:09:73:DE
Certificate issuer: /CN=c3d7cb333c50ff2126e26f22ecb791cf6fd95c21
Certificate serial: 019427471CA90F8C8DCE10029DB29130B687
Authority key identifier: C3:D7:CB:33:3C:50:FF:21:26:E2:6F:22:EC:B7:91:CF:6F:D9:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w9fLMzxQ_yEm4m8i7LeRz2_ZXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/3QQh6mYIogZmcAHgohHHs_wJc94.roa
Signing time: Thu 02 Jan 2025 13:49:19 +0000
ROA not before: Thu 02 Jan 2025 13:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211640
IP address blocks: 2001:678:f3c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:1c:a9:0f:8c:8d:ce:10:02:9d:b2:91:30:b6:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3d7cb333c50ff2126e26f22ecb791cf6fd95c21
Validity
Not Before: Jan 2 13:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd0421ea6608a206667001e0a211c7b3fc0973de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:80:b8:c9:53:41:4e:ec:72:42:f3:7f:26:d2:
d8:f6:9c:6d:c6:87:bc:91:09:26:a2:4f:e7:6c:02:
2b:b8:e8:6c:c9:3c:18:fa:57:f9:48:4a:a4:7a:15:
4f:7a:b9:f0:2b:d1:0a:e8:9d:75:11:61:6e:89:81:
d4:32:76:df:40:54:09:8b:2c:b6:69:f2:e6:25:4d:
18:c6:22:80:fe:aa:04:ea:3b:df:82:b1:c1:e6:1b:
5e:3e:b9:e2:d5:78:c2:b7:c6:17:aa:4a:a5:ab:7d:
fd:9c:96:e8:6a:47:21:46:04:51:37:0c:21:4d:78:
1f:c5:6a:9a:16:c2:3b:96:78:34:7a:5c:76:98:72:
e3:62:01:af:6d:c2:6e:d2:a7:ba:b0:ad:23:4d:13:
da:97:52:1d:2a:e6:c9:14:10:c2:ef:82:ca:75:fb:
78:51:14:8e:e8:ae:68:31:e8:07:e8:5d:b1:c0:f5:
ea:97:a1:f2:40:c7:8e:e5:49:5b:8f:73:45:3f:c8:
62:47:ae:81:d5:c2:42:42:bb:66:ca:7a:4b:85:12:
56:0d:df:57:36:25:dc:89:73:1d:90:ad:a5:d7:0f:
25:3a:cd:0c:46:8c:06:f5:a2:70:22:d4:c2:a8:9b:
50:bb:a8:10:23:75:2b:68:93:d4:76:0e:06:35:84:
4b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:04:21:EA:66:08:A2:06:66:70:01:E0:A2:11:C7:B3:FC:09:73:DE
X509v3 Authority Key Identifier:
keyid:C3:D7:CB:33:3C:50:FF:21:26:E2:6F:22:EC:B7:91:CF:6F:D9:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9fLMzxQ_yEm4m8i7LeRz2_ZXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/3QQh6mYIogZmcAHgohHHs_wJc94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/w9fLMzxQ_yEm4m8i7LeRz2_ZXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f3c::/48
Signature Algorithm: sha256WithRSAEncryption
17:64:4f:64:39:ab:f4:85:e1:32:2f:0c:6b:84:43:46:45:72:
54:07:e3:3b:ab:c0:01:df:96:31:54:61:fe:c3:36:ba:1d:6d:
46:89:c5:77:1f:ae:23:b1:a3:16:68:fa:82:f8:f3:27:cc:3b:
a3:b0:62:e1:d3:ab:71:e9:8b:d8:a0:14:52:b2:5a:9c:a0:10:
0a:21:a1:c8:31:4c:81:51:3d:51:c4:43:65:fa:c1:3c:b5:cc:
77:d5:19:f4:f1:69:95:a9:64:81:b0:eb:c7:96:e9:5b:a9:91:
9f:0c:46:40:11:53:7f:64:e1:a2:e9:06:9a:a6:79:93:58:c5:
37:b6:ef:33:88:6a:ef:88:fd:a3:d6:c2:5a:cb:f3:fc:7f:38:
c3:ca:34:bd:f1:bb:c3:06:96:9c:38:22:4c:5e:70:73:8d:d7:
ed:3d:4f:11:5e:d2:d1:40:1d:4a:44:84:9e:e2:c5:e7:13:9b:
04:c0:c7:dd:21:2d:42:3e:82:47:60:13:28:8b:69:09:ea:88:
3b:72:bc:e3:d3:c2:b2:2e:5e:26:f5:1c:23:6c:c8:84:20:12:
5e:01:5a:d9:ec:6b:0a:a5:61:30:39:12:bf:7b:2d:12:62:28:
1f:da:6a:8d:bc:e9:ea:1c:c0:d6:cd:ea:d7:97:6b:b3:8a:ca:
a8:ab:cc:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRxypD4yNzhACnbKRMLaHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDdjYjMzM2M1MGZmMjEyNmUyNmYyMmVjYjc5MWNmNmZk
OTVjMjEwHhcNMjUwMTAyMTM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDA0MjFlYTY2MDhhMjA2NjY3MDAxZTBhMjExYzdiM2ZjMDk3M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4C4yVNBTuxyQvN/JtLY9pxtxoe8
kQkmok/nbAIruOhsyTwY+lf5SEqkehVPernwK9EK6J11EWFuiYHUMnbfQFQJiyy2
afLmJU0YxiKA/qoE6jvfgrHB5htePrni1XjCt8YXqkqlq339nJboakchRgRRNwwh
TXgfxWqaFsI7lng0elx2mHLjYgGvbcJu0qe6sK0jTRPal1IdKubJFBDC74LKdft4
URSO6K5oMegH6F2xwPXql6HyQMeO5Ulbj3NFP8hiR66B1cJCQrtmynpLhRJWDd9X
NiXciXMdkK2l1w8lOs0MRowG9aJwItTCqJtQu6gQI3UraJPUdg4GNYRLyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN0EIepmCKIGZnAB4KIRx7P8CXPeMB8GA1UdIwQY
MBaAFMPXyzM8UP8hJuJvIuy3kc9v2VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzlmTE16eFFfeUVtNG04aTdMZVJ6Ml9aWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83N2Y1NjktNmE1ZC00MjU4LThkZTkt
MWYwOWM4YjZhMDhkLzEvM1FRaDZtWUlvZ1ptY0FIZ29oSEhzX3dKYzk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83N2Y1NjktNmE1ZC00MjU4LThkZTktMWYwOWM4YjZhMDhk
LzEvdzlmTE16eFFfeUVtNG04aTdMZVJ6Ml9aWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA88
MA0GCSqGSIb3DQEBCwUAA4IBAQAXZE9kOav0heEyLwxrhENGRXJUB+M7q8AB35Yx
VGH+wza6HW1GicV3H64jsaMWaPqC+PMnzDujsGLh06tx6YvYoBRSslqcoBAKIaHI
MUyBUT1RxENl+sE8tcx31Rn08WmVqWSBsOvHlulbqZGfDEZAEVN/ZOGi6QaapnmT
WMU3tu8ziGrviP2j1sJay/P8fzjDyjS98bvDBpacOCJMXnBzjdftPU8RXtLRQB1K
RISe4sXnE5sEwMfdIS1CPoJHYBMoi2kJ6og7crzj08KyLl4m9RwjbMiEIBJeAVrZ
7GsKpWEwORK/ey0SYigf2mqNvOnqHMDWzerXl2uzisqoq8w6
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:13:15 2025 by rpki-client