Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/cdvkytGTuhzfI_n3jlQrgir1LVg.roa
File: cdvkytGTuhzfI_n3jlQrgir1LVg.roa (raw, json)
Hash identifier: bDSSCJ1WplO8Ib0UIaI2qA5CZAt1v6VMlLCWW3FIaSk=
Subject key identifier: 71:DB:E4:CA:D1:93:BA:1C:DF:23:F9:F7:8E:54:2B:82:2A:F5:2D:58
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 019420686AAF77E019FAA1316DF97B5B305C
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/cdvkytGTuhzfI_n3jlQrgir1LVg.roa
Signing time: Wed 01 Jan 2025 05:48:21 +0000
ROA not before: Wed 01 Jan 2025 05:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35052
IP address blocks: 2001:678:1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6a:af:77:e0:19:fa:a1:31:6d:f9:7b:5b:30:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 05:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71dbe4cad193ba1cdf23f9f78e542b822af52d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b4:bf:e3:d4:ab:98:97:77:56:59:ef:a2:f3:
a6:29:71:28:90:9d:16:fe:b0:cf:8c:ca:6a:96:24:
d8:5d:84:65:8f:0f:c4:01:8a:9f:6b:44:af:b4:11:
50:b2:89:3f:d6:20:7a:ae:59:f4:5f:61:ad:34:f4:
bb:36:63:24:58:26:ab:31:93:ee:55:a5:8b:38:c7:
ed:e2:dd:fc:d5:60:01:21:99:4e:04:60:a1:3e:d2:
f8:71:87:b2:8e:46:ea:da:06:ca:b2:cf:d4:a8:9d:
04:1f:8a:38:7e:9f:08:da:76:c6:28:17:16:87:c1:
34:f6:71:ad:99:dd:9c:f1:3f:f5:37:9e:c5:99:99:
8b:02:5c:65:15:cc:de:56:39:23:b0:44:95:e0:b1:
8b:de:92:d9:88:9f:35:1a:cb:af:bf:5d:22:ad:7f:
08:e0:5e:19:64:da:26:ef:2a:33:c7:7f:4c:de:c4:
5c:03:17:5f:7a:6b:1e:f9:9d:01:00:96:02:fa:9c:
e9:04:7d:37:c2:c3:55:8c:16:5c:8e:6a:4f:95:c9:
da:35:f7:5c:56:fc:27:2f:27:1c:ac:56:e2:4e:fd:
4c:32:62:58:ba:ba:a8:c9:e6:f2:2d:26:99:93:1f:
50:51:a0:02:ea:24:b6:33:0f:51:b4:62:43:cf:81:
84:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:DB:E4:CA:D1:93:BA:1C:DF:23:F9:F7:8E:54:2B:82:2A:F5:2D:58
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/cdvkytGTuhzfI_n3jlQrgir1LVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1c::/48
Signature Algorithm: sha256WithRSAEncryption
91:fd:e5:99:9d:d4:02:e8:e2:3c:40:be:a4:19:34:01:1f:d0:
77:ff:f3:e7:9f:d0:46:50:e4:d5:27:d4:37:32:64:2f:60:e7:
66:e7:a4:c7:7d:cd:18:7e:ce:72:48:3c:5a:e5:d1:f1:16:1f:
9d:47:5d:df:83:f8:67:b5:ce:1d:d5:4a:8d:48:d4:15:ae:e6:
87:9e:cb:57:7f:fe:58:c1:aa:04:67:bc:b3:b2:c7:c2:3b:39:
62:37:ad:74:66:d0:c3:b7:8b:07:30:c7:8a:f8:9c:fa:69:d9:
d2:e5:2c:9a:ef:03:14:8e:a7:be:fa:ff:2f:74:16:e5:07:a0:
b5:a7:76:28:73:54:58:88:ba:6b:07:19:32:f0:3a:8f:4a:4f:
d9:ea:2d:dc:4e:5f:af:8a:aa:dc:4a:ca:da:d5:76:b4:3f:1b:
c9:ec:e2:53:02:d7:52:77:81:ba:3b:8e:0f:0d:38:12:4b:c4:
3b:73:fa:ff:a2:d7:e2:26:e4:b4:6a:d9:4b:35:ad:45:3a:ca:
71:91:81:3c:d6:14:05:4b:2e:96:a6:1c:a2:32:8e:ce:9b:c2:
35:b8:09:43:f5:c4:1f:64:04:40:e3:a0:ce:6c:d9:b8:a9:d4:
ae:91:59:20:98:4e:d3:86:58:9d:ee:40:92:60:0b:59:90:5b:
43:6f:ec:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgaGqvd+AZ+qExbfl7WzBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjUwMTAxMDU0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWRiZTRjYWQxOTNiYTFjZGYyM2Y5Zjc4ZTU0MmI4MjJhZjUyZDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbS/49SrmJd3VlnvovOmKXEokJ0W
/rDPjMpqliTYXYRljw/EAYqfa0SvtBFQsok/1iB6rln0X2GtNPS7NmMkWCarMZPu
VaWLOMft4t381WABIZlOBGChPtL4cYeyjkbq2gbKss/UqJ0EH4o4fp8I2nbGKBcW
h8E09nGtmd2c8T/1N57FmZmLAlxlFczeVjkjsESV4LGL3pLZiJ81Gsuvv10irX8I
4F4ZZNom7yozx39M3sRcAxdfemse+Z0BAJYC+pzpBH03wsNVjBZcjmpPlcnaNfdc
VvwnLyccrFbiTv1MMmJYurqoyebyLSaZkx9QUaAC6iS2Mw9RtGJDz4GEVwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHHb5MrRk7oc3yP5945UK4Iq9S1YMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvY2R2a3l0R1R1aHpmSV9uM2psUXJnaXIxTFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAAc
MA0GCSqGSIb3DQEBCwUAA4IBAQCR/eWZndQC6OI8QL6kGTQBH9B3//Pnn9BGUOTV
J9Q3MmQvYOdm56THfc0Yfs5ySDxa5dHxFh+dR13fg/hntc4d1UqNSNQVruaHnstX
f/5YwaoEZ7yzssfCOzliN610ZtDDt4sHMMeK+Jz6adnS5Sya7wMUjqe++v8vdBbl
B6C1p3Yoc1RYiLprBxky8DqPSk/Z6i3cTl+viqrcSsra1Xa0PxvJ7OJTAtdSd4G6
O44PDTgSS8Q7c/r/otfiJuS0atlLNa1FOspxkYE81hQFSy6WphyiMo7Om8I1uAlD
9cQfZARA46DObNm4qdSukVkgmE7Thlid7kCSYAtZkFtDb+zZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:38:25 2025 by rpki-client