Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/pedXVkU_3_VDst7sTxTSsbn2Em4.roa
File: pedXVkU_3_VDst7sTxTSsbn2Em4.roa (raw, json)
Hash identifier: 3VM8cHkV3+LaUs7pbcy8XQqPPtDXhoRXeq5taS4kpbU=
Subject key identifier: A5:E7:57:56:45:3F:DF:F5:43:B2:DE:EC:4F:14:D2:B1:B9:F6:12:6E
Certificate issuer: /CN=ca886d5587ec85f71242cd57ced409544528168d
Certificate serial: 01941F8C91648B2DB6BEA2EF9DE957316551
Authority key identifier: CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/pedXVkU_3_VDst7sTxTSsbn2Em4.roa
Signing time: Wed 01 Jan 2025 01:48:13 +0000
ROA not before: Wed 01 Jan 2025 01:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206858
IP address blocks: 2001:678:d88::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:91:64:8b:2d:b6:be:a2:ef:9d:e9:57:31:65:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca886d5587ec85f71242cd57ced409544528168d
Validity
Not Before: Jan 1 01:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a5e75756453fdff543b2deec4f14d2b1b9f6126e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d6:e7:85:29:12:e7:45:fc:75:0d:e7:0c:06:
ba:a6:03:96:cd:37:60:a8:e9:a8:f3:16:75:c4:c8:
f4:6d:d0:b8:c6:d6:62:47:44:61:ee:34:82:7a:be:
a6:75:4b:72:c5:d6:38:90:50:00:41:d0:e7:da:7c:
de:8f:ff:1e:cb:1a:92:d8:b7:7c:9f:65:9c:ac:b1:
2f:50:56:a7:b4:c6:44:92:70:0a:bd:5e:73:9e:09:
17:0e:b5:db:d3:ba:89:8d:9a:4e:5c:44:55:33:ee:
e8:f6:52:57:87:89:4b:30:cc:dc:60:22:83:51:7c:
14:d3:4f:6d:9a:eb:29:c1:17:68:7b:e8:41:e6:0c:
92:0f:f3:44:93:9c:4b:28:1f:94:52:98:25:36:61:
ed:12:e4:3e:e6:81:6c:ae:3d:32:92:85:69:d4:52:
48:e9:1f:31:74:c7:b5:72:82:c2:e4:98:f1:0c:41:
67:f7:d3:c3:1d:e4:a7:52:2f:fe:bb:6e:10:bb:75:
fb:7b:2d:51:7b:7c:4f:b2:2f:a4:8a:70:ac:d8:69:
23:80:8c:37:d1:f5:d1:ec:9a:cc:8a:68:f5:a1:8c:
87:57:32:d7:d5:9c:6b:a6:b2:41:9e:dd:6b:6b:f1:
ef:dd:7d:63:c6:36:e9:3c:e3:91:21:e6:60:ba:02:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E7:57:56:45:3F:DF:F5:43:B2:DE:EC:4F:14:D2:B1:B9:F6:12:6E
X509v3 Authority Key Identifier:
keyid:CA:88:6D:55:87:EC:85:F7:12:42:CD:57:CE:D4:09:54:45:28:16:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yohtVYfshfcSQs1XztQJVEUoFo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/pedXVkU_3_VDst7sTxTSsbn2Em4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/fe82d1-1575-47c1-9f22-c7e2520c4cea/1/yohtVYfshfcSQs1XztQJVEUoFo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d88::/48
Signature Algorithm: sha256WithRSAEncryption
10:a7:b2:e9:f3:84:fb:a1:d3:97:64:3f:da:23:22:1f:a1:cf:
7d:a8:b2:b9:fe:6e:4f:15:73:aa:01:d5:49:68:72:27:66:66:
c0:9b:7d:f7:f7:18:47:ca:4f:81:88:ec:b7:fd:59:d3:90:24:
28:ed:bc:c6:62:11:a3:40:97:13:dc:63:94:70:b1:c6:8c:d0:
dc:87:fd:cb:3c:3c:bf:00:fd:2d:f4:dd:4d:de:95:87:82:44:
e6:d0:f8:af:0d:40:c6:07:2b:bb:dc:fc:a2:70:8f:f5:26:6d:
f1:14:ef:c5:2a:eb:fd:aa:0a:b2:10:cc:a2:09:80:12:d4:4d:
2b:a7:1d:90:f0:b0:80:7d:11:ec:48:90:81:7e:90:91:d4:c9:
7a:a2:b2:05:7f:f4:50:35:08:c5:0e:ed:ca:96:aa:d8:fe:07:
6a:26:52:ea:8a:85:75:cb:49:ac:63:8a:37:a2:fa:7b:64:f0:
e9:95:26:31:15:b4:3a:33:58:05:46:e6:b3:1c:80:55:a0:0b:
1c:ab:82:21:42:5a:0a:97:3b:a8:9f:a9:19:fc:8d:b1:5b:ff:
af:79:dd:f5:15:d1:04:2b:07:6a:1f:75:5c:75:b4:84:b2:cc:
b6:f8:86:2b:c8:73:b5:b1:e1:0a:73:d6:97:d2:10:9e:24:8b:
ca:59:01:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjJFkiy22vqLvnelXMWVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhODg2ZDU1ODdlYzg1ZjcxMjQyY2Q1N2NlZDQwOTU0NDUy
ODE2OGQwHhcNMjUwMTAxMDE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWU3NTc1NjQ1M2ZkZmY1NDNiMmRlZWM0ZjE0ZDJiMWI5ZjYxMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NbnhSkS50X8dQ3nDAa6pgOWzTdg
qOmo8xZ1xMj0bdC4xtZiR0Rh7jSCer6mdUtyxdY4kFAAQdDn2nzej/8eyxqS2Ld8
n2WcrLEvUFantMZEknAKvV5zngkXDrXb07qJjZpOXERVM+7o9lJXh4lLMMzcYCKD
UXwU009tmuspwRdoe+hB5gySD/NEk5xLKB+UUpglNmHtEuQ+5oFsrj0ykoVp1FJI
6R8xdMe1coLC5JjxDEFn99PDHeSnUi/+u24Qu3X7ey1Re3xPsi+kinCs2GkjgIw3
0fXR7JrMimj1oYyHVzLX1ZxrprJBnt1ra/Hv3X1jxjbpPOORIeZgugKLAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKXnV1ZFP9/1Q7Le7E8U0rG59hJuMB8GA1UdIwQY
MBaAFMqIbVWH7IX3EkLNV87UCVRFKBaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjIt
YzdlMjUyMGM0Y2VhLzEvcGVkWFZrVV8zX1ZEc3Q3c1R4VFNzYm4yRW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mZTgyZDEtMTU3NS00N2MxLTlmMjItYzdlMjUyMGM0Y2Vh
LzEveW9odFZZZnNoZmNTUXMxWHp0UUpWRVVvRm8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA2I
MA0GCSqGSIb3DQEBCwUAA4IBAQAQp7Lp84T7odOXZD/aIyIfoc99qLK5/m5PFXOq
AdVJaHInZmbAm3339xhHyk+BiOy3/VnTkCQo7bzGYhGjQJcT3GOUcLHGjNDch/3L
PDy/AP0t9N1N3pWHgkTm0PivDUDGByu73PyicI/1Jm3xFO/FKuv9qgqyEMyiCYAS
1E0rpx2Q8LCAfRHsSJCBfpCR1Ml6orIFf/RQNQjFDu3KlqrY/gdqJlLqioV1y0ms
Y4o3ovp7ZPDplSYxFbQ6M1gFRuazHIBVoAscq4IhQloKlzuon6kZ/I2xW/+ved31
FdEEKwdqH3VcdbSEssy2+IYryHO1seEKc9aX0hCeJIvKWQE2
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:18 2025 by rpki-client