Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/TMFEuWpJtp-N546RTZSeOr_ihcc.roa
File: TMFEuWpJtp-N546RTZSeOr_ihcc.roa (raw, json)
Hash identifier: 15tgIF1xV8iqz3lwud0LDIWMxNL1aGMOQ99+FVGNT5o=
Subject key identifier: 4C:C1:44:B9:6A:49:B6:9F:8D:E7:8E:91:4D:94:9E:3A:BF:E2:85:C7
Certificate issuer: /CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Certificate serial: 019423D7918D6697336CFFF2914829E5A0D9
Authority key identifier: 86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/TMFEuWpJtp-N546RTZSeOr_ihcc.roa
Signing time: Wed 01 Jan 2025 21:48:37 +0000
ROA not before: Wed 01 Jan 2025 21:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13020
IP address blocks: 2001:67c:20a1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:91:8d:66:97:33:6c:ff:f2:91:48:29:e5:a0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=860d9f01a98b514ebd3c2723d7f7eb448326f5e2
Validity
Not Before: Jan 1 21:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cc144b96a49b69f8de78e914d949e3abfe285c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:19:0a:2b:ae:85:d4:54:37:54:0a:76:c3:
bc:6b:9e:0e:e8:0a:1c:23:0f:a2:1e:3d:ce:d2:11:
72:68:a4:b9:32:74:87:63:a4:cf:7c:36:02:f3:5b:
e3:85:c7:18:ba:c2:c6:20:44:dd:5c:96:c9:96:77:
6e:72:f9:a3:57:36:c4:03:b7:59:b0:e5:de:8f:fc:
39:d2:38:2b:41:52:18:1a:2c:17:e1:26:fb:fc:08:
2b:2e:79:fa:1c:46:1b:88:f0:6a:8b:74:e0:94:1c:
4a:2a:96:ce:20:c0:4a:37:40:fc:7b:6e:85:0e:16:
bc:9a:d9:12:0c:54:b4:41:71:01:40:48:98:c8:e8:
9c:bd:9e:ee:6c:4f:da:c6:04:f0:cb:51:71:87:9c:
ef:17:fd:a7:df:71:4d:bf:53:74:e9:51:e4:58:0c:
5b:79:c8:97:58:d4:4c:e9:41:20:db:07:a4:df:8d:
6a:87:ee:67:c3:4a:4b:c0:58:99:8a:1e:6c:f4:86:
42:85:6e:d1:b6:05:08:e1:11:bb:a6:7e:6d:5e:a7:
1c:ca:99:2c:19:cc:56:0f:52:c8:96:8f:eb:cc:e6:
be:9d:1e:7b:74:42:80:0d:7f:cb:92:a9:61:15:ec:
9c:7d:20:4f:e2:2d:87:02:dd:71:88:ab:27:f4:1e:
5d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C1:44:B9:6A:49:B6:9F:8D:E7:8E:91:4D:94:9E:3A:BF:E2:85:C7
X509v3 Authority Key Identifier:
keyid:86:0D:9F:01:A9:8B:51:4E:BD:3C:27:23:D7:F7:EB:44:83:26:F5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hg2fAamLUU69PCcj1_frRIMm9eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/TMFEuWpJtp-N546RTZSeOr_ihcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/23bea6-9001-441d-8364-61cb43c2db85/1/hg2fAamLUU69PCcj1_frRIMm9eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:20a1::/48
Signature Algorithm: sha256WithRSAEncryption
aa:48:72:e8:56:12:c8:9a:3b:ad:0b:18:cd:c6:5f:22:d2:1c:
73:6d:19:89:b2:47:73:4a:8f:00:1c:cd:80:f8:62:95:78:e8:
db:08:5c:30:99:4a:41:0c:c8:2f:35:d7:e7:7a:30:24:e3:fa:
2e:6d:3d:08:48:ad:95:77:61:63:96:0b:93:70:6b:a2:8e:4b:
2a:ca:db:0f:77:1a:8e:bb:01:91:3a:22:63:49:6e:53:6e:32:
b3:21:c0:83:b1:2c:4d:75:f5:c2:46:c3:9a:67:62:2b:57:a8:
3f:3e:df:64:2e:91:77:30:ce:24:c8:84:6e:e8:85:29:43:20:
47:52:3f:a6:14:f9:5b:2f:08:78:22:10:b8:f1:c5:a0:fa:22:
a6:9d:4f:fa:d9:84:e2:f2:13:5a:85:90:13:2f:93:f2:42:68:
13:28:c7:e0:eb:92:57:3f:89:20:d4:76:9d:97:cc:f0:26:fd:
bc:61:c2:25:19:99:28:4e:25:56:75:22:da:21:2a:3d:95:17:
49:d6:23:ec:d4:ab:f8:e6:dc:e6:71:a1:09:53:95:7a:6b:29:
a0:c9:72:a1:e5:0e:ba:67:bd:d3:3e:24:11:a0:14:96:e4:2d:
21:3c:72:20:c8:6f:f9:06:ec:7a:9b:a1:78:fb:0f:d3:98:e7:
a9:02:df:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj15GNZpczbP/ykUgp5aDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MGQ5ZjAxYTk4YjUxNGViZDNjMjcyM2Q3ZjdlYjQ0ODMy
NmY1ZTIwHhcNMjUwMTAxMjE0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MxNDRiOTZhNDliNjlmOGRlNzhlOTE0ZDk0OWUzYWJmZTI4NWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSEZCiuuhdRUN1QKdsO8a54O6Aoc
Iw+iHj3O0hFyaKS5MnSHY6TPfDYC81vjhccYusLGIETdXJbJlnducvmjVzbEA7dZ
sOXej/w50jgrQVIYGiwX4Sb7/AgrLnn6HEYbiPBqi3TglBxKKpbOIMBKN0D8e26F
Dha8mtkSDFS0QXEBQEiYyOicvZ7ubE/axgTwy1Fxh5zvF/2n33FNv1N06VHkWAxb
eciXWNRM6UEg2wek341qh+5nw0pLwFiZih5s9IZChW7RtgUI4RG7pn5tXqccypks
GcxWD1LIlo/rzOa+nR57dEKADX/LkqlhFeycfSBP4i2HAt1xiKsn9B5d2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEzBRLlqSbafjeeOkU2Unjq/4oXHMB8GA1UdIwQY
MBaAFIYNnwGpi1FOvTwnI9f360SDJvXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQt
NjFjYjQzYzJkYjg1LzEvVE1GRXVXcEp0cC1ONTQ2UlRaU2VPcl9paGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8yM2JlYTYtOTAwMS00NDFkLTgzNjQtNjFjYjQzYzJkYjg1
LzEvaGcyZkFhbUxVVTY5UENjajFfZnJSSU1tOWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCCh
MA0GCSqGSIb3DQEBCwUAA4IBAQCqSHLoVhLImjutCxjNxl8i0hxzbRmJskdzSo8A
HM2A+GKVeOjbCFwwmUpBDMgvNdfnejAk4/oubT0ISK2Vd2FjlguTcGuijksqytsP
dxqOuwGROiJjSW5TbjKzIcCDsSxNdfXCRsOaZ2IrV6g/Pt9kLpF3MM4kyIRu6IUp
QyBHUj+mFPlbLwh4IhC48cWg+iKmnU/62YTi8hNahZATL5PyQmgTKMfg65JXP4kg
1Hadl8zwJv28YcIlGZkoTiVWdSLaISo9lRdJ1iPs1Kv45tzmcaEJU5V6aymgyXKh
5Q66Z73TPiQRoBSW5C0hPHIgyG/5Bux6m6F4+w/TmOepAt/E
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:50:40 2025 by rpki-client