Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/OlU6obIQjael3LSg0ssh_4uTiio.roa
File: OlU6obIQjael3LSg0ssh_4uTiio.roa (raw, json)
Hash identifier: PEk/sjzeYnoi97rfsFTmYB012K4urx+cqdtXV/YTu3g=
Subject key identifier: 3A:55:3A:A1:B2:10:8D:A7:A5:DC:B4:A0:D2:CB:21:FF:8B:93:8A:2A
Certificate issuer: /CN=70675f6a57797c5ca96c3fb45e531bd32783016c
Certificate serial: 019425FC9B03C1081B40521630FCB62C386F
Authority key identifier: 70:67:5F:6A:57:79:7C:5C:A9:6C:3F:B4:5E:53:1B:D3:27:83:01:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGdfald5fFypbD-0XlMb0yeDAWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/OlU6obIQjael3LSg0ssh_4uTiio.roa
Signing time: Thu 02 Jan 2025 07:48:19 +0000
ROA not before: Thu 02 Jan 2025 07:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198903
IP address blocks: 2001:67c:65c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:9b:03:c1:08:1b:40:52:16:30:fc:b6:2c:38:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70675f6a57797c5ca96c3fb45e531bd32783016c
Validity
Not Before: Jan 2 07:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a553aa1b2108da7a5dcb4a0d2cb21ff8b938a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:41:0e:5c:e2:7e:5b:2b:6b:51:de:67:d6:9f:
66:c1:5b:c2:62:03:5d:ba:64:90:f8:74:af:7e:f4:
d2:54:93:98:42:e4:a2:2b:e3:89:db:6b:9d:a4:59:
e4:0b:b9:e9:4e:7b:8b:19:af:64:e0:9c:62:80:08:
cf:58:9a:73:4d:e1:b0:15:e5:61:19:47:b0:d0:29:
0e:80:1c:b7:ed:7d:4f:83:63:0a:2c:ee:ff:cd:d6:
b6:e7:f0:2c:b0:31:15:ae:59:16:43:00:86:2a:83:
2d:8b:bf:e5:f3:c6:22:5b:02:82:ed:6c:75:c3:95:
b3:1d:fd:11:89:40:1f:e4:c2:18:a3:0d:cb:52:47:
e4:7c:3f:56:79:e2:66:d6:9d:94:42:0c:c4:85:0a:
7e:eb:5d:2b:d6:65:3f:b6:a0:51:d6:95:bc:73:81:
8d:94:7e:1b:6a:ac:81:ed:17:36:ab:23:6b:64:f6:
82:de:9f:ee:e3:c6:ff:db:75:0a:ee:2c:f0:05:44:
34:78:50:fa:df:29:83:8b:ab:b5:ff:2c:e1:13:7f:
76:56:88:b5:f0:a2:c2:3a:e0:c9:59:c2:9e:fa:15:
05:97:ce:01:74:dd:f6:d3:a3:4e:5d:7f:08:06:23:
e3:b1:c6:56:93:6f:c3:54:49:e3:24:5e:06:53:dd:
fd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:55:3A:A1:B2:10:8D:A7:A5:DC:B4:A0:D2:CB:21:FF:8B:93:8A:2A
X509v3 Authority Key Identifier:
keyid:70:67:5F:6A:57:79:7C:5C:A9:6C:3F:B4:5E:53:1B:D3:27:83:01:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGdfald5fFypbD-0XlMb0yeDAWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/OlU6obIQjael3LSg0ssh_4uTiio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ac9481-6fca-4240-9ed1-c277d3716bd9/1/cGdfald5fFypbD-0XlMb0yeDAWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:65c::/48
Signature Algorithm: sha256WithRSAEncryption
8a:93:04:37:6c:24:94:7b:98:87:ec:7b:61:86:8f:1c:de:b4:
75:31:34:ed:f3:74:d4:cd:1b:e1:82:62:fa:6a:f8:2d:fd:97:
00:1d:3f:dd:a7:a9:c0:f2:c6:bd:4e:88:ce:6e:02:0b:fd:43:
7a:0b:74:1c:e0:a8:48:00:0c:38:57:40:0c:61:87:83:01:f6:
6d:36:03:35:8d:06:c0:c1:43:c8:98:8e:c2:40:5c:d5:63:ba:
ef:4f:fd:ee:eb:75:5d:fa:09:4e:47:45:99:99:a9:cd:fd:9b:
d7:80:1b:65:a5:98:18:87:a2:f4:c6:fb:53:ca:59:ab:90:2d:
fd:a2:e1:8b:76:77:66:f5:f8:43:3e:bf:5a:e1:21:52:68:3b:
6f:ef:17:e0:b5:1f:aa:12:95:87:4e:82:3c:de:d3:87:2e:cd:
fc:6f:69:98:39:02:f1:0a:30:8d:b4:94:97:1a:81:2f:24:a1:
54:ba:e8:82:ef:4b:8f:bc:a3:ea:44:cd:01:0a:f4:cc:4e:a2:
a8:d9:a3:d6:fb:68:97:83:18:ff:ee:e9:a7:a4:d5:08:0f:22:
4e:26:74:73:d3:70:96:3e:f0:80:6b:a3:a1:15:49:e9:67:e5:
f0:03:4b:2c:79:c8:3f:d1:9e:60:ca:8a:c8:92:ba:d3:39:df:
98:d4:ca:c7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/JsDwQgbQFIWMPy2LDhvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNjc1ZjZhNTc3OTdjNWNhOTZjM2ZiNDVlNTMxYmQzMjc4
MzAxNmMwHhcNMjUwMTAyMDc0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU1M2FhMWIyMTA4ZGE3YTVkY2I0YTBkMmNiMjFmZjhiOTM4YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0EOXOJ+WytrUd5n1p9mwVvCYgNd
umSQ+HSvfvTSVJOYQuSiK+OJ22udpFnkC7npTnuLGa9k4JxigAjPWJpzTeGwFeVh
GUew0CkOgBy37X1Pg2MKLO7/zda25/AssDEVrlkWQwCGKoMti7/l88YiWwKC7Wx1
w5WzHf0RiUAf5MIYow3LUkfkfD9WeeJm1p2UQgzEhQp+610r1mU/tqBR1pW8c4GN
lH4baqyB7Rc2qyNrZPaC3p/u48b/23UK7izwBUQ0eFD63ymDi6u1/yzhE392Voi1
8KLCOuDJWcKe+hUFl84BdN3206NOXX8IBiPjscZWk2/DVEnjJF4GU939CQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDpVOqGyEI2npdy0oNLLIf+Lk4oqMB8GA1UdIwQY
MBaAFHBnX2pXeXxcqWw/tF5TG9MngwFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0dkZmFsZDVmRnlwYkQtMFhsTWIweWVEQVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hYzk0ODEtNmZjYS00MjQwLTllZDEt
YzI3N2QzNzE2YmQ5LzEvT2xVNm9iSVFqYWVsM0xTZzBzc2hfNHVUaWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hYzk0ODEtNmZjYS00MjQwLTllZDEtYzI3N2QzNzE2YmQ5
LzEvY0dkZmFsZDVmRnlwYkQtMFhsTWIweWVEQVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAZc
MA0GCSqGSIb3DQEBCwUAA4IBAQCKkwQ3bCSUe5iH7Hthho8c3rR1MTTt83TUzRvh
gmL6avgt/ZcAHT/dp6nA8sa9TojObgIL/UN6C3Qc4KhIAAw4V0AMYYeDAfZtNgM1
jQbAwUPImI7CQFzVY7rvT/3u63Vd+glOR0WZmanN/ZvXgBtlpZgYh6L0xvtTylmr
kC39ouGLdndm9fhDPr9a4SFSaDtv7xfgtR+qEpWHToI83tOHLs38b2mYOQLxCjCN
tJSXGoEvJKFUuuiC70uPvKPqRM0BCvTMTqKo2aPW+2iXgxj/7umnpNUIDyJOJnRz
03CWPvCAa6OhFUnpZ+XwA0ssecg/0Z5gyorIkrrTOd+Y1MrH
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:04:02 2025 by rpki-client