Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/da374f-d694-45e2-94e2-91a0034a989e/1/pZjQfG12G_tUKYaEkvnLZUTVbws.roa
File: pZjQfG12G_tUKYaEkvnLZUTVbws.roa (raw, json)
Hash identifier: dmPm4kVANU0TIQJn0Fmatq8TN1c2CZw4+USK4XmWGtU=
Subject key identifier: A5:98:D0:7C:6D:76:1B:FB:54:29:86:84:92:F9:CB:65:44:D5:6F:0B
Certificate issuer: /CN=daa12ed63a484c03d4c3c271cb2eff0553e12370
Certificate serial: 019424B3CF3ACB0BE95885362E173FD3BE50
Authority key identifier: DA:A1:2E:D6:3A:48:4C:03:D4:C3:C2:71:CB:2E:FF:05:53:E1:23:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2qEu1jpITAPUw8Jxyy7_BVPhI3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/da374f-d694-45e2-94e2-91a0034a989e/1/pZjQfG12G_tUKYaEkvnLZUTVbws.roa
Signing time: Thu 02 Jan 2025 01:49:11 +0000
ROA not before: Thu 02 Jan 2025 01:49:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211169
IP address blocks: 2001:678:f68::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cf:3a:cb:0b:e9:58:85:36:2e:17:3f:d3:be:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daa12ed63a484c03d4c3c271cb2eff0553e12370
Validity
Not Before: Jan 2 01:49:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a598d07c6d761bfb5429868492f9cb6544d56f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:39:b8:51:c6:3c:24:9e:76:7e:93:bf:de:
9e:76:c0:f6:5e:d1:4d:5a:fa:0d:fc:b5:f3:76:0f:
57:2d:56:c7:59:54:bf:78:5a:ad:bf:44:a6:3c:1a:
63:4a:c0:0d:a8:31:76:e2:c6:bb:b8:de:d6:6c:9b:
33:b2:3a:2f:ca:22:9a:0f:ed:47:f7:3d:29:92:bd:
8f:39:93:40:62:a1:89:e9:b1:c3:fb:c9:15:79:8a:
b8:aa:83:ee:be:6d:24:33:ed:3c:8c:4f:f8:dc:f8:
c0:2d:9c:be:ae:bb:8a:c1:a3:ce:6a:7b:b9:b4:c2:
1b:f0:fa:73:8e:46:13:d9:e6:bd:2c:e3:fe:8d:ec:
79:c3:f7:8c:58:bc:5c:39:c5:f9:9a:7f:c9:c8:56:
b4:3c:2c:1e:c1:3d:4c:92:c1:10:b7:c0:47:1b:68:
e6:2f:1b:80:29:02:9a:76:ee:36:38:2e:e5:bf:02:
d7:7f:2b:8a:f1:93:ff:3a:9b:16:82:47:31:ab:86:
c5:22:03:dc:a0:08:03:0c:88:ba:48:3d:a3:22:26:
4c:07:07:04:96:47:89:79:40:80:c1:61:5b:7f:36:
ab:c9:7f:04:60:98:3c:32:63:10:b1:4a:82:b9:31:
33:fc:76:47:11:16:b3:2d:3a:0d:86:c2:4b:1a:75:
e4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:98:D0:7C:6D:76:1B:FB:54:29:86:84:92:F9:CB:65:44:D5:6F:0B
X509v3 Authority Key Identifier:
keyid:DA:A1:2E:D6:3A:48:4C:03:D4:C3:C2:71:CB:2E:FF:05:53:E1:23:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qEu1jpITAPUw8Jxyy7_BVPhI3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/da374f-d694-45e2-94e2-91a0034a989e/1/pZjQfG12G_tUKYaEkvnLZUTVbws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/da374f-d694-45e2-94e2-91a0034a989e/1/2qEu1jpITAPUw8Jxyy7_BVPhI3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:f68::/48
Signature Algorithm: sha256WithRSAEncryption
66:f7:15:5f:ed:07:2c:08:08:07:e8:8a:82:aa:6e:ee:db:34:
00:e3:e9:04:da:17:a5:6d:13:38:f0:ff:0b:46:eb:31:b8:d8:
95:35:03:60:9e:c9:00:6c:e2:da:a7:1e:34:80:27:8d:3e:23:
d4:17:73:75:13:c8:08:0c:16:20:b7:bb:66:a0:6a:cd:74:29:
67:33:46:da:11:98:ad:ea:72:a5:57:c4:09:fe:0d:4f:77:1b:
f9:3f:5c:ba:37:a3:01:fe:6c:81:7f:67:2b:45:91:ae:0a:35:
46:b8:bb:15:90:ff:ed:44:ab:7a:43:92:69:d4:52:b5:ab:80:
0d:2a:fa:ec:b0:8a:9a:b4:a4:02:91:1f:35:77:18:9d:9f:51:
19:f1:ed:17:4d:45:85:83:07:bf:f1:4a:fd:a9:42:d3:54:e6:
f5:79:50:6c:5b:ce:d6:92:3f:ae:69:c8:04:f3:a8:e9:89:65:
10:c8:27:7f:0d:55:c0:09:32:81:16:55:b7:e8:ba:b0:80:25:
b6:eb:1e:7b:63:71:5e:41:c9:7e:a6:6b:e8:ee:b3:4f:76:fd:
f2:42:15:90:5e:68:1f:c3:07:b2:0f:59:7d:08:3c:5e:27:7f:
88:1a:38:97:63:57:11:92:f8:55:41:0e:06:d1:ff:b9:f7:78:
d3:77:10:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQks886ywvpWIU2Lhc/075QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTEyZWQ2M2E0ODRjMDNkNGMzYzI3MWNiMmVmZjA1NTNl
MTIzNzAwHhcNMjUwMTAyMDE0OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk4ZDA3YzZkNzYxYmZiNTQyOTg2ODQ5MmY5Y2I2NTQ0ZDU2ZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5c5uFHGPCSedn6Tv96edsD2XtFN
WvoN/LXzdg9XLVbHWVS/eFqtv0SmPBpjSsANqDF24sa7uN7WbJszsjovyiKaD+1H
9z0pkr2POZNAYqGJ6bHD+8kVeYq4qoPuvm0kM+08jE/43PjALZy+rruKwaPOanu5
tMIb8PpzjkYT2ea9LOP+jex5w/eMWLxcOcX5mn/JyFa0PCwewT1MksEQt8BHG2jm
LxuAKQKadu42OC7lvwLXfyuK8ZP/OpsWgkcxq4bFIgPcoAgDDIi6SD2jIiZMBwcE
lkeJeUCAwWFbfzaryX8EYJg8MmMQsUqCuTEz/HZHERazLToNhsJLGnXkjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKWY0Hxtdhv7VCmGhJL5y2VE1W8LMB8GA1UdIwQY
MBaAFNqhLtY6SEwD1MPCccsu/wVT4SNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFFdTFqcElUQVBVdzhKeHl5N19CVlBoSTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9kYTM3NGYtZDY5NC00NWUyLTk0ZTIt
OTFhMDAzNGE5ODllLzEvcFpqUWZHMTJHX3RVS1lhRWt2bkxaVVRWYndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9kYTM3NGYtZDY5NC00NWUyLTk0ZTItOTFhMDAzNGE5ODll
LzEvMnFFdTFqcElUQVBVdzhKeHl5N19CVlBoSTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA9o
MA0GCSqGSIb3DQEBCwUAA4IBAQBm9xVf7QcsCAgH6IqCqm7u2zQA4+kE2helbRM4
8P8LRusxuNiVNQNgnskAbOLapx40gCeNPiPUF3N1E8gIDBYgt7tmoGrNdClnM0ba
EZit6nKlV8QJ/g1Pdxv5P1y6N6MB/myBf2crRZGuCjVGuLsVkP/tRKt6Q5Jp1FK1
q4ANKvrssIqatKQCkR81dxidn1EZ8e0XTUWFgwe/8Ur9qULTVOb1eVBsW87Wkj+u
acgE86jpiWUQyCd/DVXACTKBFlW36LqwgCW26x57Y3FeQcl+pmvo7rNPdv3yQhWQ
XmgfwweyD1l9CDxeJ3+IGjiXY1cRkvhVQQ4G0f+593jTdxCw
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:57:12 2025 by rpki-client