Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/8e4Eyom1DEiwtMxO7Nlo_unBXk8.roa
File: 8e4Eyom1DEiwtMxO7Nlo_unBXk8.roa (raw, json)
Hash identifier: /qGKh2MXI1F1nEzbOiPb21ax/0kL39BCO/H45a0wYOE=
Subject key identifier: F1:EE:04:CA:89:B5:0C:48:B0:B4:CC:4E:EC:D9:68:FE:E9:C1:5E:4F
Certificate issuer: /CN=940e2a716e5d89895dfea2ef2903081dede99c68
Certificate serial: 018CC5DBEF999FA6BD020E57D201B08FF67E
Authority key identifier: 94:0E:2A:71:6E:5D:89:89:5D:FE:A2:EF:29:03:08:1D:ED:E9:9C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lA4qcW5diYld_qLvKQMIHe3pnGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/8e4Eyom1DEiwtMxO7Nlo_unBXk8.roa
Signing time: Mon 01 Jan 2024 16:29:34 +0000
ROA not before: Mon 01 Jan 2024 16:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31317
IP address blocks: 2001:678:970::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ef:99:9f:a6:bd:02:0e:57:d2:01:b0:8f:f6:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940e2a716e5d89895dfea2ef2903081dede99c68
Validity
Not Before: Jan 1 16:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1ee04ca89b50c48b0b4cc4eecd968fee9c15e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:94:a3:b1:ec:b9:d2:74:f6:1b:48:71:09:20:
3b:91:b4:c5:a0:87:22:bd:0d:58:22:8e:eb:0d:db:
cb:12:6c:6e:3c:79:b2:9e:e3:94:1f:62:1c:81:4d:
47:6b:24:46:5b:e3:c8:5c:e8:71:4b:c7:83:15:fe:
65:b9:20:93:22:70:d2:af:20:be:da:5a:c9:01:6b:
20:98:9b:ce:ff:11:bb:86:13:cb:3e:99:57:1c:f6:
1f:64:ba:5f:ec:78:7e:99:74:a2:ef:c6:c8:5e:12:
e9:8a:63:a2:25:fe:21:a0:92:a0:7f:89:ef:4f:d8:
e2:f3:38:8a:2a:37:1a:f9:eb:89:25:fb:83:26:b9:
c5:cb:23:29:a3:92:85:8e:10:4c:a9:fc:5c:4b:80:
fd:58:1f:21:b1:71:24:9d:41:b0:b9:b7:9c:0b:c7:
6c:6d:56:33:ec:a7:18:41:ee:ee:bb:88:0a:a4:f9:
52:bf:68:98:e5:1e:25:5d:1e:3c:b3:88:31:f5:7f:
ae:40:1b:0f:19:4b:b2:91:6c:f7:3d:f0:9e:34:86:
f8:04:81:02:be:ab:5f:f2:a1:ed:6f:8f:bc:c8:5f:
8d:8e:1a:65:e0:86:4a:d0:63:30:f9:63:a0:52:6a:
85:f7:6f:3e:b1:3c:87:b2:62:85:68:e7:3c:7a:b0:
f1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:EE:04:CA:89:B5:0C:48:B0:B4:CC:4E:EC:D9:68:FE:E9:C1:5E:4F
X509v3 Authority Key Identifier:
keyid:94:0E:2A:71:6E:5D:89:89:5D:FE:A2:EF:29:03:08:1D:ED:E9:9C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lA4qcW5diYld_qLvKQMIHe3pnGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/8e4Eyom1DEiwtMxO7Nlo_unBXk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/851d66-b956-4bce-8bd6-5451441ea633/1/lA4qcW5diYld_qLvKQMIHe3pnGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:970::/48
Signature Algorithm: sha256WithRSAEncryption
74:24:5b:41:d1:1e:04:42:fc:cc:41:42:23:1a:ae:cb:e2:fc:
cf:ec:b3:86:e4:21:be:3e:39:13:16:50:c3:ca:c6:b1:74:18:
62:ad:f7:b0:fc:98:4e:ce:85:5a:02:33:51:28:a1:84:8c:a1:
a9:e7:16:5f:5e:16:d7:4e:b7:7a:23:b6:40:08:dd:36:ec:c9:
55:d9:72:bb:cc:54:2b:ca:4c:30:18:f7:0f:db:d2:02:43:a2:
a9:bd:b2:4c:df:4b:2a:bb:ba:cc:82:70:75:ca:73:1e:1a:bb:
48:d5:69:35:12:09:28:85:6a:cb:9e:2d:fb:0c:50:dc:3d:59:
d0:33:e1:84:37:6e:3e:f9:ea:d5:93:97:c7:17:b6:4e:ff:66:
4d:58:d5:e7:c0:9a:98:d5:b0:91:37:48:f0:81:75:47:68:ed:
6a:8c:3e:44:31:bd:81:29:8f:e2:f7:42:9a:b7:13:eb:41:be:
e8:1f:52:6d:94:49:fb:bb:50:fb:ee:db:e3:0c:ac:f9:c2:46:
aa:5b:36:f6:e8:44:cd:d9:87:15:30:31:23:68:de:30:be:95:
a8:90:95:48:bf:82:10:7c:0d:74:98:48:a4:32:4b:dc:2c:31:
87:6a:41:e3:03:66:b8:c8:f0:02:b8:5c:94:71:d1:8b:53:12:
b8:5c:55:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzF2++Zn6a9Ag5X0gGwj/Z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGUyYTcxNmU1ZDg5ODk1ZGZlYTJlZjI5MDMwODFkZWRl
OTljNjgwHhcNMjQwMTAxMTYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWVlMDRjYTg5YjUwYzQ4YjBiNGNjNGVlY2Q5NjhmZWU5YzE1ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZSjsey50nT2G0hxCSA7kbTFoIci
vQ1YIo7rDdvLEmxuPHmynuOUH2IcgU1HayRGW+PIXOhxS8eDFf5luSCTInDSryC+
2lrJAWsgmJvO/xG7hhPLPplXHPYfZLpf7Hh+mXSi78bIXhLpimOiJf4hoJKgf4nv
T9ji8ziKKjca+euJJfuDJrnFyyMpo5KFjhBMqfxcS4D9WB8hsXEknUGwubecC8ds
bVYz7KcYQe7uu4gKpPlSv2iY5R4lXR48s4gx9X+uQBsPGUuykWz3PfCeNIb4BIEC
vqtf8qHtb4+8yF+Njhpl4IZK0GMw+WOgUmqF928+sTyHsmKFaOc8erDxMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPHuBMqJtQxIsLTMTuzZaP7pwV5PMB8GA1UdIwQY
MBaAFJQOKnFuXYmJXf6i7ykDCB3t6ZxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEE0cWNXNWRpWWxkX3FMdktRTUlIZTNwbkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi84NTFkNjYtYjk1Ni00YmNlLThiZDYt
NTQ1MTQ0MWVhNjMzLzEvOGU0RXlvbTFERWl3dE14TzdObG9fdW5CWGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi84NTFkNjYtYjk1Ni00YmNlLThiZDYtNTQ1MTQ0MWVhNjMz
LzEvbEE0cWNXNWRpWWxkX3FMdktRTUlIZTNwbkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAlw
MA0GCSqGSIb3DQEBCwUAA4IBAQB0JFtB0R4EQvzMQUIjGq7L4vzP7LOG5CG+PjkT
FlDDysaxdBhirfew/JhOzoVaAjNRKKGEjKGp5xZfXhbXTrd6I7ZACN027MlV2XK7
zFQrykwwGPcP29ICQ6KpvbJM30squ7rMgnB1ynMeGrtI1Wk1EgkohWrLni37DFDc
PVnQM+GEN24++erVk5fHF7ZO/2ZNWNXnwJqY1bCRN0jwgXVHaO1qjD5EMb2BKY/i
90KatxPrQb7oH1JtlEn7u1D77tvjDKz5wkaqWzb26ETN2YcVMDEjaN4wvpWokJVI
v4IQfA10mEikMkvcLDGHakHjA2a4yPACuFyUcdGLUxK4XFXR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:17 2025 by rpki-client