Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/I8hH4YeV3HM0yWrc52lfIOhYTt8.roa
File: I8hH4YeV3HM0yWrc52lfIOhYTt8.roa (raw, json)
Hash identifier: colmP8j9TQydvYGFc1+glmJgVJjDM5AxsV+6TerMW6o=
Subject key identifier: 23:C8:47:E1:87:95:DC:73:34:C9:6A:DC:E7:69:5F:20:E8:58:4E:DF
Certificate issuer: /CN=d0e65348dc13c85499c7774d156614c120118ab5
Certificate serial: 01941F8C3D915391AF1A740310086E1009FE
Authority key identifier: D0:E6:53:48:DC:13:C8:54:99:C7:77:4D:15:66:14:C1:20:11:8A:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/I8hH4YeV3HM0yWrc52lfIOhYTt8.roa
Signing time: Wed 01 Jan 2025 01:47:51 +0000
ROA not before: Wed 01 Jan 2025 01:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197942
IP address blocks: 2001:678:4b0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:3d:91:53:91:af:1a:74:03:10:08:6e:10:09:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e65348dc13c85499c7774d156614c120118ab5
Validity
Not Before: Jan 1 01:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23c847e18795dc7334c96adce7695f20e8584edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:b5:fd:93:a2:1a:43:d9:e7:4b:57:9d:53:
2d:ae:9f:96:b5:9a:3d:16:27:81:ae:dc:77:d0:38:
d1:aa:71:9d:5e:38:6b:95:2d:48:95:45:7f:14:d3:
bc:84:9d:e8:67:dc:07:e9:58:e5:2c:13:9c:75:c9:
0f:bb:f8:5e:7d:2d:f2:d5:e8:74:9c:9b:86:da:30:
c8:29:a3:f5:af:db:87:a3:ff:db:8d:55:48:ab:cd:
b4:fb:47:0c:67:04:61:25:0d:bb:e2:75:06:35:6a:
c8:29:e2:89:9c:aa:e6:2d:3b:75:1f:69:94:bf:84:
4f:fe:6f:8a:c0:91:2d:0b:1f:ee:99:31:4b:bb:02:
50:0a:b2:9e:32:55:40:c4:7b:57:5c:08:9d:27:ce:
38:ff:04:cd:90:74:08:09:1a:5b:46:be:b6:ee:db:
28:b2:78:b9:79:a2:65:8f:75:cc:0d:e6:9f:04:8d:
bd:63:89:17:ee:8f:59:20:93:36:14:2a:df:c8:c2:
f5:74:28:06:7b:02:76:17:41:6f:43:0e:8e:3a:52:
e6:36:9e:74:90:42:e1:5e:e2:63:88:65:9b:c7:96:
4e:e7:1a:f1:57:95:1c:cf:46:1f:67:04:ee:31:91:
89:2f:07:42:b1:ec:4d:88:86:96:81:88:57:ac:9b:
5f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C8:47:E1:87:95:DC:73:34:C9:6A:DC:E7:69:5F:20:E8:58:4E:DF
X509v3 Authority Key Identifier:
keyid:D0:E6:53:48:DC:13:C8:54:99:C7:77:4D:15:66:14:C1:20:11:8A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OZTSNwTyFSZx3dNFWYUwSARirU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/I8hH4YeV3HM0yWrc52lfIOhYTt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d7a4a7-07e2-48ad-ba56-0db0ec1e945c/1/0OZTSNwTyFSZx3dNFWYUwSARirU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:4b0::/48
Signature Algorithm: sha256WithRSAEncryption
9c:1e:ef:26:39:39:c9:91:1b:89:55:1c:7a:c2:7a:4d:e9:e0:
c3:29:1c:77:12:73:dc:d7:47:fe:40:16:5d:46:1f:25:3e:75:
fc:dc:44:17:fc:e1:b5:ec:0e:f2:09:46:21:4c:3a:a7:6e:2c:
3d:40:b9:28:79:df:95:37:b3:2b:29:ac:a6:bb:e1:90:2d:22:
7f:e0:08:f3:1e:8f:75:57:92:44:42:a6:b4:5a:e4:7f:35:4e:
b6:8a:30:8c:02:66:49:12:48:b3:f4:40:8c:db:20:9b:a8:d1:
89:11:57:a6:83:e2:e2:0c:15:95:98:a9:2f:3f:b2:5a:ca:23:
8e:9b:cc:72:25:f1:f6:98:b4:d0:ee:c4:fc:37:41:9e:6f:ca:
2a:d6:2c:55:bf:fb:67:83:f7:50:0e:18:6c:cb:4a:d7:28:89:
39:af:e1:c7:d5:ef:02:ba:1d:4b:e6:c2:dc:04:62:10:07:d6:
f6:de:65:50:d9:8c:e3:f2:ab:f2:90:0f:b5:2e:ac:0c:26:58:
29:c9:b4:d4:97:5c:98:6b:e6:12:5b:c5:ab:52:16:77:f3:db:
d7:b6:e8:62:bc:f7:4a:43:bd:86:09:54:85:9c:e0:b1:e1:73:
33:5c:31:8f:91:1c:bb:bb:72:97:ef:0e:ac:fc:15:70:aa:98:
b5:40:0c:a3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjD2RU5GvGnQDEAhuEAn+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTY1MzQ4ZGMxM2M4NTQ5OWM3Nzc0ZDE1NjYxNGMxMjAx
MThhYjUwHhcNMjUwMTAxMDE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M4NDdlMTg3OTVkYzczMzRjOTZhZGNlNzY5NWYyMGU4NTg0ZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8q1/ZOiGkPZ50tXnVMtrp+WtZo9
FieBrtx30DjRqnGdXjhrlS1IlUV/FNO8hJ3oZ9wH6VjlLBOcdckPu/hefS3y1eh0
nJuG2jDIKaP1r9uHo//bjVVIq820+0cMZwRhJQ274nUGNWrIKeKJnKrmLTt1H2mU
v4RP/m+KwJEtCx/umTFLuwJQCrKeMlVAxHtXXAidJ844/wTNkHQICRpbRr627tso
sni5eaJlj3XMDeafBI29Y4kX7o9ZIJM2FCrfyML1dCgGewJ2F0FvQw6OOlLmNp50
kELhXuJjiGWbx5ZO5xrxV5Ucz0YfZwTuMZGJLwdCsexNiIaWgYhXrJtfewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCPIR+GHldxzNMlq3OdpXyDoWE7fMB8GA1UdIwQY
MBaAFNDmU0jcE8hUmcd3TRVmFMEgEYq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kN2E0YTctMDdlMi00OGFkLWJhNTYt
MGRiMGVjMWU5NDVjLzEvSThoSDRZZVYzSE0weVdyYzUybGZJT2hZVHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9kN2E0YTctMDdlMi00OGFkLWJhNTYtMGRiMGVjMWU5NDVj
LzEvME9aVFNOd1R5RlNaeDNkTkZXWVV3U0FSaXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeASw
MA0GCSqGSIb3DQEBCwUAA4IBAQCcHu8mOTnJkRuJVRx6wnpN6eDDKRx3EnPc10f+
QBZdRh8lPnX83EQX/OG17A7yCUYhTDqnbiw9QLkoed+VN7MrKaymu+GQLSJ/4Ajz
Ho91V5JEQqa0WuR/NU62ijCMAmZJEkiz9ECM2yCbqNGJEVemg+LiDBWVmKkvP7Ja
yiOOm8xyJfH2mLTQ7sT8N0Geb8oq1ixVv/tng/dQDhhsy0rXKIk5r+HH1e8Cuh1L
5sLcBGIQB9b23mVQ2Yzj8qvykA+1LqwMJlgpybTUl1yYa+YSW8WrUhZ389vXtuhi
vPdKQ72GCVSFnOCx4XMzXDGPkRy7u3KX7w6s/BVwqpi1QAyj
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:21:55 2025 by rpki-client