Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/nMVNf2lQw6OBO1n2yk42KKveQrw.roa
File: nMVNf2lQw6OBO1n2yk42KKveQrw.roa (raw, json)
Hash identifier: wyqNzIcUGswTCmLW0W5XZCdk6EXaGRyb1txoc0qPRcI=
Subject key identifier: 9C:C5:4D:7F:69:50:C3:A3:81:3B:59:F6:CA:4E:36:28:AB:DE:42:BC
Certificate issuer: /CN=03485fbdb0b1a04d52e81dcdb95858916a1ddae4
Certificate serial: 019422202453C0C6A5D2AB9FF726BE604601
Authority key identifier: 03:48:5F:BD:B0:B1:A0:4D:52:E8:1D:CD:B9:58:58:91:6A:1D:DA:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A0hfvbCxoE1S6B3NuVhYkWod2uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/nMVNf2lQw6OBO1n2yk42KKveQrw.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211879
IP address blocks: 2001:67c:1b50::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:24:53:c0:c6:a5:d2:ab:9f:f7:26:be:60:46:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03485fbdb0b1a04d52e81dcdb95858916a1ddae4
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cc54d7f6950c3a3813b59f6ca4e3628abde42bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:19:ad:bc:79:95:07:28:9b:05:9f:6d:e7:ae:
1c:44:8e:f4:89:f7:ab:26:96:6a:2d:a6:88:f3:5b:
7c:52:dd:c0:2a:3f:c9:c2:ca:41:5d:45:88:22:91:
ee:30:e7:90:9e:8b:90:59:4d:b5:18:14:c7:75:68:
e7:5b:25:a4:7d:55:fe:23:44:1c:6d:93:72:bf:7b:
38:d9:e7:8f:7c:bb:44:bd:95:b5:83:eb:a6:67:24:
5b:c4:05:fe:22:12:0c:80:91:bd:19:46:fe:3b:73:
f5:06:6a:67:7d:67:b2:fd:b8:8f:3d:f2:60:33:7e:
09:8d:a6:ca:d5:31:23:a8:44:b4:60:a1:29:8c:a6:
98:14:ec:93:99:22:72:cc:31:97:13:55:4a:1f:a2:
d4:b1:5a:93:83:2b:94:f9:0b:55:da:00:d2:26:9a:
65:8b:94:98:bb:3d:cd:62:e7:7c:e4:bf:5b:30:b3:
d9:52:bc:84:26:50:3a:c9:52:c1:9e:f8:0e:a7:10:
e5:89:91:32:b9:6c:f7:5d:6a:c0:3d:fb:8f:34:8b:
86:a8:18:e0:be:be:34:8a:6c:33:e6:7b:c9:80:8a:
aa:a9:e0:9b:14:3a:7b:54:da:63:84:3d:12:a2:fb:
6e:91:73:d8:f8:cb:e5:7d:34:df:e7:91:b3:5e:a6:
8b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C5:4D:7F:69:50:C3:A3:81:3B:59:F6:CA:4E:36:28:AB:DE:42:BC
X509v3 Authority Key Identifier:
keyid:03:48:5F:BD:B0:B1:A0:4D:52:E8:1D:CD:B9:58:58:91:6A:1D:DA:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0hfvbCxoE1S6B3NuVhYkWod2uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/nMVNf2lQw6OBO1n2yk42KKveQrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/524e5b-a8ae-45ab-bbd9-4491845dcd47/1/A0hfvbCxoE1S6B3NuVhYkWod2uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1b50::/48
Signature Algorithm: sha256WithRSAEncryption
4d:17:0e:4c:df:2d:a8:40:67:cb:cd:0a:0e:fd:1d:70:b4:ed:
43:c9:62:b3:1d:9d:18:fa:da:8d:4d:6c:81:72:85:b6:78:6d:
35:85:0a:56:e2:1c:81:2d:30:a6:21:6b:b9:f4:a5:6d:ba:a6:
e3:ae:bd:0c:f7:83:18:5f:d4:ec:38:b5:f6:80:2c:2f:22:7e:
6e:8c:3d:94:25:7a:b1:9e:15:36:39:c9:39:6a:a0:1a:ce:85:
b1:82:db:1b:6f:86:a4:d0:ab:0e:bd:15:13:bb:b1:b1:43:22:
fd:fd:14:e3:05:df:c2:3d:41:75:ec:9c:a0:70:91:39:94:ca:
da:8c:dd:5d:0a:cf:e2:bf:f5:dc:26:b5:34:8c:a2:9e:31:ee:
a6:86:ab:96:4b:a7:92:cb:7b:06:bd:25:dd:12:e9:c8:c3:91:
8b:a9:16:67:db:0c:c7:4e:82:eb:19:46:50:dd:e2:dc:1c:bd:
2a:8b:4b:4e:d9:d1:46:b5:32:62:ec:02:2d:6a:63:d0:56:2a:
fa:e5:ee:67:00:8a:aa:a9:73:63:76:29:fc:0e:29:0d:66:69:
28:ac:d9:5c:e2:1b:c0:88:31:e6:cb:a5:b4:69:e0:93:e9:5c:
dd:41:64:6f:28:aa:74:50:d3:f2:ab:e0:2e:c7:b9:bc:57:5d:
0d:b2:c1:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiICRTwMal0quf9ya+YEYBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNDg1ZmJkYjBiMWEwNGQ1MmU4MWRjZGI5NTg1ODkxNmEx
ZGRhZTQwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M1NGQ3ZjY5NTBjM2EzODEzYjU5ZjZjYTRlMzYyOGFiZGU0MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxmtvHmVByibBZ9t564cRI70ifer
JpZqLaaI81t8Ut3AKj/JwspBXUWIIpHuMOeQnouQWU21GBTHdWjnWyWkfVX+I0Qc
bZNyv3s42eePfLtEvZW1g+umZyRbxAX+IhIMgJG9GUb+O3P1BmpnfWey/biPPfJg
M34JjabK1TEjqES0YKEpjKaYFOyTmSJyzDGXE1VKH6LUsVqTgyuU+QtV2gDSJppl
i5SYuz3NYud85L9bMLPZUryEJlA6yVLBnvgOpxDliZEyuWz3XWrAPfuPNIuGqBjg
vr40imwz5nvJgIqqqeCbFDp7VNpjhD0SovtukXPY+MvlfTTf55GzXqaLtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJzFTX9pUMOjgTtZ9spONiir3kK8MB8GA1UdIwQY
MBaAFANIX72wsaBNUugdzblYWJFqHdrkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTBoZnZiQ3hvRTFTNkIzTnVWaFlrV29kMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81MjRlNWItYThhZS00NWFiLWJiZDkt
NDQ5MTg0NWRjZDQ3LzEvbk1WTmYybFF3Nk9CTzFuMnlrNDJLS3ZlUXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS81MjRlNWItYThhZS00NWFiLWJiZDktNDQ5MTg0NWRjZDQ3
LzEvQTBoZnZiQ3hvRTFTNkIzTnVWaFlrV29kMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBNFw5M3y2oQGfLzQoO/R1wtO1DyWKzHZ0Y+tqN
TWyBcoW2eG01hQpW4hyBLTCmIWu59KVtuqbjrr0M94MYX9TsOLX2gCwvIn5ujD2U
JXqxnhU2Ock5aqAazoWxgtsbb4ak0KsOvRUTu7GxQyL9/RTjBd/CPUF17JygcJE5
lMrajN1dCs/iv/XcJrU0jKKeMe6mhquWS6eSy3sGvSXdEunIw5GLqRZn2wzHToLr
GUZQ3eLcHL0qi0tO2dFGtTJi7AItamPQVir65e5nAIqqqXNjdin8DikNZmkorNlc
4hvAiDHmy6W0aeCT6VzdQWRvKKp0UNPyq+Aux7m8V10NssE5
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:11:11 2025 by rpki-client