Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/DytTYF4ziQT8l0ha4pf_nXEcbWg.roa
File: DytTYF4ziQT8l0ha4pf_nXEcbWg.roa (raw, json)
Hash identifier: iToUvdhlqBCAVhPb0eVYkbBb6eW2Krqb+v2w1vuu5tM=
Subject key identifier: 0F:2B:53:60:5E:33:89:04:FC:97:48:5A:E2:97:FF:9D:71:1C:6D:68
Certificate issuer: /CN=c3d7cb333c50ff2126e26f22ecb791cf6fd95c21
Certificate serial: 019427471C617AC47B0B551A86953D0E2596
Authority key identifier: C3:D7:CB:33:3C:50:FF:21:26:E2:6F:22:EC:B7:91:CF:6F:D9:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w9fLMzxQ_yEm4m8i7LeRz2_ZXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/DytTYF4ziQT8l0ha4pf_nXEcbWg.roa
Signing time: Thu 02 Jan 2025 13:49:19 +0000
ROA not before: Thu 02 Jan 2025 13:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17160
IP address blocks: 2001:678:f3c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:1c:61:7a:c4:7b:0b:55:1a:86:95:3d:0e:25:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3d7cb333c50ff2126e26f22ecb791cf6fd95c21
Validity
Not Before: Jan 2 13:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f2b53605e338904fc97485ae297ff9d711c6d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f5:70:ec:2a:5a:5c:d8:07:f8:81:a9:76:a7:
4e:8b:d3:10:8f:1f:fa:90:cb:5e:ef:91:fe:91:48:
db:21:ef:6c:98:3a:65:98:7e:89:7d:00:7f:ff:60:
33:f8:4f:74:55:4f:1b:a9:50:d8:07:7e:77:2b:3e:
2a:64:58:42:65:11:99:95:04:3a:a1:29:50:da:d3:
a9:c4:55:bf:bc:94:c9:88:6a:d2:11:7f:10:31:20:
72:95:c1:6e:d2:3d:6f:d1:39:75:bf:99:30:dd:9c:
7f:2b:0e:c5:9f:09:75:c6:91:c5:2d:13:15:c8:be:
50:d8:47:b8:72:d9:da:36:26:8b:8b:44:4f:54:05:
ee:9d:34:b6:13:d9:48:45:4b:17:d8:09:d1:11:f3:
83:e9:32:59:43:4e:f5:06:44:a2:b4:c0:05:ef:47:
14:7d:21:8d:86:3a:0b:11:3e:c1:fe:77:27:74:26:
0f:3f:41:40:d8:14:96:5e:34:59:17:f1:4c:c5:a3:
fe:90:f6:76:2d:bb:00:9f:32:d7:af:6f:f9:a9:92:
2e:8b:04:3a:d0:09:3c:9a:cd:f4:3b:89:f1:65:9f:
01:b0:5b:f1:b1:b7:ab:04:87:86:32:16:27:d6:ca:
66:ea:f1:81:4f:41:19:9d:df:97:ee:b7:b8:e4:b4:
39:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2B:53:60:5E:33:89:04:FC:97:48:5A:E2:97:FF:9D:71:1C:6D:68
X509v3 Authority Key Identifier:
keyid:C3:D7:CB:33:3C:50:FF:21:26:E2:6F:22:EC:B7:91:CF:6F:D9:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9fLMzxQ_yEm4m8i7LeRz2_ZXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/DytTYF4ziQT8l0ha4pf_nXEcbWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/77f569-6a5d-4258-8de9-1f09c8b6a08d/1/w9fLMzxQ_yEm4m8i7LeRz2_ZXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f3c::/48
Signature Algorithm: sha256WithRSAEncryption
38:9c:26:da:58:7c:92:42:b6:ed:46:67:10:5b:62:95:ca:36:
ae:03:b9:3e:c7:61:44:62:1d:85:f9:4e:7d:6e:f2:02:ca:01:
ee:38:d6:0e:39:34:55:3e:02:5b:06:36:1b:31:44:5a:2a:16:
ca:b8:2a:fc:ac:7c:72:34:9b:22:8a:44:2f:bb:08:73:f2:92:
ca:40:65:1a:06:c0:25:35:52:1a:12:15:af:61:46:f1:77:2e:
c4:20:f2:3f:5a:f9:6d:a2:d3:ac:32:ef:6e:b8:c2:9d:1a:91:
bd:60:a7:8d:15:71:28:39:10:36:d5:c9:46:54:4a:2b:c1:c8:
07:69:6a:43:7d:15:5f:7c:cd:fc:30:59:78:4a:86:bc:ef:eb:
f9:dd:44:34:97:a7:e2:5f:6a:58:63:32:53:17:84:a8:b8:eb:
66:65:71:7c:70:25:5a:a8:af:f5:a2:bb:74:5b:da:68:a2:06:
89:6c:6d:67:49:1c:19:6b:06:a9:76:9a:06:b0:c6:ad:e2:9a:
aa:f6:39:0f:18:06:35:94:79:28:90:ec:86:be:7a:1b:17:66:
fa:a6:de:2a:e9:47:00:aa:5c:a2:ff:be:fa:80:35:8e:92:73:
90:14:da:89:89:9e:c0:e3:6a:83:0d:c2:64:5e:fe:48:2e:06:
1c:cb:76:0c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRxxhesR7C1UahpU9DiWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDdjYjMzM2M1MGZmMjEyNmUyNmYyMmVjYjc5MWNmNmZk
OTVjMjEwHhcNMjUwMTAyMTM0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJiNTM2MDVlMzM4OTA0ZmM5NzQ4NWFlMjk3ZmY5ZDcxMWM2ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPVw7CpaXNgH+IGpdqdOi9MQjx/6
kMte75H+kUjbIe9smDplmH6JfQB//2Az+E90VU8bqVDYB353Kz4qZFhCZRGZlQQ6
oSlQ2tOpxFW/vJTJiGrSEX8QMSBylcFu0j1v0Tl1v5kw3Zx/Kw7Fnwl1xpHFLRMV
yL5Q2Ee4ctnaNiaLi0RPVAXunTS2E9lIRUsX2AnREfOD6TJZQ071BkSitMAF70cU
fSGNhjoLET7B/ncndCYPP0FA2BSWXjRZF/FMxaP+kPZ2LbsAnzLXr2/5qZIuiwQ6
0Ak8ms30O4nxZZ8BsFvxsberBIeGMhYn1spm6vGBT0EZnd+X7re45LQ59QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA8rU2BeM4kE/JdIWuKX/51xHG1oMB8GA1UdIwQY
MBaAFMPXyzM8UP8hJuJvIuy3kc9v2VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzlmTE16eFFfeUVtNG04aTdMZVJ6Ml9aWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83N2Y1NjktNmE1ZC00MjU4LThkZTkt
MWYwOWM4YjZhMDhkLzEvRHl0VFlGNHppUVQ4bDBoYTRwZl9uWEVjYldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83N2Y1NjktNmE1ZC00MjU4LThkZTktMWYwOWM4YjZhMDhk
LzEvdzlmTE16eFFfeUVtNG04aTdMZVJ6Ml9aWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA88
MA0GCSqGSIb3DQEBCwUAA4IBAQA4nCbaWHySQrbtRmcQW2KVyjauA7k+x2FEYh2F
+U59bvICygHuONYOOTRVPgJbBjYbMURaKhbKuCr8rHxyNJsiikQvuwhz8pLKQGUa
BsAlNVIaEhWvYUbxdy7EIPI/WvltotOsMu9uuMKdGpG9YKeNFXEoORA21clGVEor
wcgHaWpDfRVffM38MFl4Soa87+v53UQ0l6fiX2pYYzJTF4SouOtmZXF8cCVaqK/1
ort0W9poogaJbG1nSRwZawapdpoGsMat4pqq9jkPGAY1lHkokOyGvnobF2b6pt4q
6UcAqlyi/776gDWOknOQFNqJiZ7A42qDDcJkXv5ILgYcy3YM
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:38:28 2025 by rpki-client