Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/vtYtYuhvjg1T4BhVaI4zFpktgxQ.roa
File: vtYtYuhvjg1T4BhVaI4zFpktgxQ.roa (raw, json)
Hash identifier: IKWSCdeiniVRZpzJ7VfSoxk6PI51vEUka7uIJk6vB8w=
Subject key identifier: BE:D6:2D:62:E8:6F:8E:0D:53:E0:18:55:68:8E:33:16:99:2D:83:14
Certificate issuer: /CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Certificate serial: 01941FFA0345E632CEEF117C14CB026726CD
Authority key identifier: E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/vtYtYuhvjg1T4BhVaI4zFpktgxQ.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199685
IP address blocks: 2001:67c:2aa0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:03:45:e6:32:ce:ef:11:7c:14:cb:02:67:26:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e12f64f7f697aa9b6e9982c0b76bb7842133876a
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bed62d62e86f8e0d53e01855688e3316992d8314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:65:5c:6a:04:ac:ea:1c:85:ee:dd:f2:44:2a:
20:6b:e4:ca:ca:cf:94:ff:8e:51:af:6e:9b:e4:53:
b4:26:10:c2:05:18:45:30:a4:c5:10:cb:a7:ad:ca:
34:2a:2b:9c:8d:25:9a:10:7b:18:b8:7c:df:f6:9e:
c9:d8:ed:f6:22:39:09:b4:77:d5:e8:05:e2:86:3c:
f8:41:44:ad:20:6e:e5:d3:6c:75:93:e5:33:d1:f0:
0e:8c:db:f7:0a:11:e0:8e:46:28:82:aa:64:d9:73:
19:68:0c:a5:be:f7:33:33:9b:d7:5f:c2:c9:90:86:
b7:c2:19:8d:24:8f:60:77:1e:07:77:d8:df:ba:5b:
54:a2:75:90:90:07:10:57:2c:71:1e:9e:96:6f:58:
59:a1:69:7b:cc:59:82:46:d0:94:a8:7a:c4:ab:c1:
d6:72:c2:fa:1b:7b:a2:1a:a6:0f:17:29:19:cc:09:
c9:57:1a:d4:c4:66:f1:c4:45:1c:ae:56:c6:f8:03:
b1:c9:86:79:39:94:c5:3f:31:7c:32:6b:a4:70:6a:
d7:f2:9d:41:07:0e:c8:87:bc:0c:16:3d:af:64:12:
32:08:4d:51:c7:50:75:16:1a:1a:63:e9:a4:a4:d1:
68:cc:01:2a:f0:77:e8:24:3e:a9:54:bb:c3:0d:70:
52:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:D6:2D:62:E8:6F:8E:0D:53:E0:18:55:68:8E:33:16:99:2D:83:14
X509v3 Authority Key Identifier:
keyid:E1:2F:64:F7:F6:97:AA:9B:6E:99:82:C0:B7:6B:B7:84:21:33:87:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4S9k9_aXqptumYLAt2u3hCEzh2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/vtYtYuhvjg1T4BhVaI4zFpktgxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/e7d1a9-ac76-4a9f-b175-47c10a5ce534/1/4S9k9_aXqptumYLAt2u3hCEzh2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2aa0::/48
Signature Algorithm: sha256WithRSAEncryption
50:34:6b:8c:a1:af:30:6a:74:bd:ec:6f:39:d4:30:bc:cb:dc:
fc:6c:7a:c3:d4:bd:e7:d9:06:42:c4:e3:11:93:b9:f2:ac:4a:
82:d6:2f:f2:de:3c:3a:3a:6d:2a:fe:5c:31:52:d0:95:cd:62:
b4:a0:f2:dc:57:e9:ea:d6:5e:c1:f3:02:e8:07:ee:c3:da:e0:
01:4d:00:97:cf:55:6d:75:ec:d2:13:ab:3a:99:f4:8e:fd:40:
30:05:30:48:76:f5:9c:5d:25:5d:d7:ad:96:02:67:0d:95:66:
b4:da:e6:d6:b3:eb:0b:a3:85:d7:b6:13:bf:b5:3b:4f:54:c8:
9a:8a:36:27:ee:55:bc:4a:3c:28:72:2c:f1:30:7f:b6:23:2c:
8d:f8:9f:78:57:ff:9d:d5:f0:0e:b2:2f:12:0d:dd:58:c5:71:
77:07:a2:8e:eb:5e:20:7c:71:d6:e5:dc:66:82:c6:08:1c:e7:
74:12:9b:9f:2c:11:ca:95:1e:e8:07:c7:71:fc:7c:0c:24:6d:
22:31:72:80:a0:6d:1e:99:12:82:d7:7d:ea:0d:1b:fb:4e:8f:
11:2f:01:6b:e3:6b:a8:4f:6c:0b:41:be:fb:bc:e6:10:92:f5:
48:9d:13:d0:5c:0b:5d:af:cd:32:3e:83:f6:98:e3:96:5d:e6:
92:63:96:20
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+gNF5jLO7xF8FMsCZybNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMmY2NGY3ZjY5N2FhOWI2ZTk5ODJjMGI3NmJiNzg0MjEz
Mzg3NmEwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWQ2MmQ2MmU4NmY4ZTBkNTNlMDE4NTU2ODhlMzMxNjk5MmQ4MzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGVcagSs6hyF7t3yRCoga+TKys+U
/45Rr26b5FO0JhDCBRhFMKTFEMunrco0KiucjSWaEHsYuHzf9p7J2O32IjkJtHfV
6AXihjz4QUStIG7l02x1k+Uz0fAOjNv3ChHgjkYogqpk2XMZaAylvvczM5vXX8LJ
kIa3whmNJI9gdx4Hd9jfultUonWQkAcQVyxxHp6Wb1hZoWl7zFmCRtCUqHrEq8HW
csL6G3uiGqYPFykZzAnJVxrUxGbxxEUcrlbG+AOxyYZ5OZTFPzF8MmukcGrX8p1B
Bw7Ih7wMFj2vZBIyCE1Rx1B1FhoaY+mkpNFozAEq8HfoJD6pVLvDDXBSlQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL7WLWLob44NU+AYVWiOMxaZLYMUMB8GA1UdIwQY
MBaAFOEvZPf2l6qbbpmCwLdrt4QhM4dqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUt
NDdjMTBhNWNlNTM0LzEvdnRZdFl1aHZqZzFUNEJoVmFJNHpGcGt0Z3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9lN2QxYTktYWM3Ni00YTlmLWIxNzUtNDdjMTBhNWNlNTM0
LzEvNFM5azlfYVhxcHR1bVlMQXQydTNoQ0V6aDJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBQNGuMoa8wanS97G851DC8y9z8bHrD1L3n2QZC
xOMRk7nyrEqC1i/y3jw6Om0q/lwxUtCVzWK0oPLcV+nq1l7B8wLoB+7D2uABTQCX
z1VtdezSE6s6mfSO/UAwBTBIdvWcXSVd162WAmcNlWa02ubWs+sLo4XXthO/tTtP
VMiaijYn7lW8SjwocizxMH+2IyyN+J94V/+d1fAOsi8SDd1YxXF3B6KO614gfHHW
5dxmgsYIHOd0EpufLBHKlR7oB8dx/HwMJG0iMXKAoG0emRKC133qDRv7To8RLwFr
42uoT2wLQb77vOYQkvVInRPQXAtdr80yPoP2mOOWXeaSY5Yg
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:34:40 2025 by rpki-client