Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/eKmkaw2M8tueZ_tzxfDI9F6CNcc.roa
File: eKmkaw2M8tueZ_tzxfDI9F6CNcc.roa (raw, json)
Hash identifier: fg34CUb41rhu+065E2VZ9qaIx2X2iqQ2jxGQO4GwQe4=
Subject key identifier: 78:A9:A4:6B:0D:8C:F2:DB:9E:67:FB:73:C5:F0:C8:F4:5E:82:35:C7
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 019423D6ED1ED86E8C602F263B85343670F6
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/eKmkaw2M8tueZ_tzxfDI9F6CNcc.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206186
IP address blocks: 2001:678:3b0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ed:1e:d8:6e:8c:60:2f:26:3b:85:34:36:70:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78a9a46b0d8cf2db9e67fb73c5f0c8f45e8235c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ef:7b:94:65:e4:78:75:4e:07:4d:5b:2a:3c:
3e:0d:7c:da:77:79:3b:60:c7:37:8f:7d:2a:91:d7:
76:35:5f:a9:94:23:b8:13:19:a4:16:d5:36:b8:42:
5c:03:ed:0c:70:17:b8:40:fc:34:07:cc:88:9c:0c:
50:99:60:8e:65:81:1d:00:3c:a9:af:09:8f:48:40:
68:36:57:f3:83:7a:d0:4a:b7:a0:c8:98:4e:b8:46:
a3:25:50:2b:4f:df:67:8f:c4:cf:b8:f8:69:4d:f8:
63:99:68:98:d0:0d:0c:9f:4e:d2:eb:d5:24:9c:38:
61:7d:5d:e4:68:48:e8:c4:b6:e4:3d:0b:a6:62:02:
aa:fb:d8:37:a3:d6:e7:47:3e:cd:2a:d8:b7:3f:10:
b0:8f:cf:a8:70:f0:a7:8f:cb:07:66:d5:58:5c:8c:
85:92:58:a1:0c:2a:8a:dc:63:c3:a5:6d:54:d4:36:
a2:30:8c:0f:fa:2d:8c:d8:d5:1d:19:88:a4:55:02:
f0:23:73:20:6a:21:ee:03:6f:33:a4:a2:30:7f:e1:
14:46:95:4d:6f:7c:bd:49:00:8a:2a:ae:90:7c:bc:
0f:29:61:d8:8f:d8:aa:cc:e2:63:a5:5d:5b:e4:d1:
fa:1d:6c:ce:41:a8:68:a9:21:7a:41:e6:ba:01:44:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A9:A4:6B:0D:8C:F2:DB:9E:67:FB:73:C5:F0:C8:F4:5E:82:35:C7
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/eKmkaw2M8tueZ_tzxfDI9F6CNcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:3b0::/48
Signature Algorithm: sha256WithRSAEncryption
bd:b7:26:97:c9:8d:2b:ab:50:ff:f8:c8:26:06:52:12:af:6a:
1c:1a:4b:3b:a6:61:f2:73:99:c6:2d:e3:af:2c:4e:84:bd:aa:
d7:67:0e:be:a0:f3:12:db:bc:42:46:af:1c:99:dc:63:3c:a8:
66:4e:d8:2c:a1:77:8a:3d:0e:28:43:aa:e2:8e:0d:5f:eb:10:
8c:2f:06:78:db:e1:d2:29:0c:fa:cd:30:74:83:81:2a:a1:b9:
7b:7e:b8:65:be:6a:c5:55:7d:ab:84:e7:3c:f0:ad:7a:7a:51:
c4:93:5f:d4:7b:94:51:66:92:78:cc:ff:93:70:26:16:c5:02:
98:f6:c9:66:4f:95:09:73:5d:c2:0c:82:0d:e9:75:d3:db:d6:
a5:66:a3:5d:54:60:06:4d:ed:7f:6f:0b:14:1f:9e:42:e2:ee:
94:9e:1a:03:94:47:0d:87:97:e9:e7:88:14:5d:73:f7:f9:88:
0a:65:ad:d3:1e:ce:2a:e2:1d:ad:6d:7f:6e:78:04:d8:bb:32:
7d:8c:25:b7:43:18:61:26:e1:cf:67:ec:d6:0d:01:ae:ca:92:
72:fa:0a:57:46:9d:1e:2f:9f:e2:48:68:42:ac:bc:34:f4:b5:
2e:d2:bb:3c:df:74:aa:47:f3:ae:b1:ad:85:e6:90:4e:ec:18:
68:81:40:56
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1u0e2G6MYC8mO4U0NnD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE5YTQ2YjBkOGNmMmRiOWU2N2ZiNzNjNWYwYzhmNDVlODIzNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3O97lGXkeHVOB01bKjw+DXzad3k7
YMc3j30qkdd2NV+plCO4ExmkFtU2uEJcA+0McBe4QPw0B8yInAxQmWCOZYEdADyp
rwmPSEBoNlfzg3rQSregyJhOuEajJVArT99nj8TPuPhpTfhjmWiY0A0Mn07S69Uk
nDhhfV3kaEjoxLbkPQumYgKq+9g3o9bnRz7NKti3PxCwj8+ocPCnj8sHZtVYXIyF
klihDCqK3GPDpW1U1DaiMIwP+i2M2NUdGYikVQLwI3MgaiHuA28zpKIwf+EURpVN
b3y9SQCKKq6QfLwPKWHYj9iqzOJjpV1b5NH6HWzOQahoqSF6Qea6AUTcYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHippGsNjPLbnmf7c8XwyPRegjXHMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvZUtta2F3Mk04dHVlWl90enhmREk5RjZDTmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAOw
MA0GCSqGSIb3DQEBCwUAA4IBAQC9tyaXyY0rq1D/+MgmBlISr2ocGks7pmHyc5nG
LeOvLE6EvarXZw6+oPMS27xCRq8cmdxjPKhmTtgsoXeKPQ4oQ6rijg1f6xCMLwZ4
2+HSKQz6zTB0g4Eqobl7frhlvmrFVX2rhOc88K16elHEk1/Ue5RRZpJ4zP+TcCYW
xQKY9slmT5UJc13CDIIN6XXT29alZqNdVGAGTe1/bwsUH55C4u6UnhoDlEcNh5fp
54gUXXP3+YgKZa3THs4q4h2tbX9ueATYuzJ9jCW3QxhhJuHPZ+zWDQGuypJy+gpX
Rp0eL5/iSGhCrLw09LUu0rs833SqR/Ousa2F5pBO7BhogUBW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:38 2025 by rpki-client