Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/c4bdae-09f0-4334-853e-3626b8ffd1e5/1/if3bRvhywq0-AQAvqAMvn9zf2xA.roa
File: if3bRvhywq0-AQAvqAMvn9zf2xA.roa (raw, json)
Hash identifier: e1PwQotXLXaCqhVV0IcDbX0I5jTk19F7wuKZ3aHr5MQ=
Subject key identifier: 89:FD:DB:46:F8:72:C2:AD:3E:01:00:2F:A8:03:2F:9F:DC:DF:DB:10
Certificate issuer: /CN=29d59e889f99aefdde5e949fe8079d337b57f447
Certificate serial: 019423D6D15C4F685C5CB2880F0D995D68A2
Authority key identifier: 29:D5:9E:88:9F:99:AE:FD:DE:5E:94:9F:E8:07:9D:33:7B:57:F4:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdWeiJ-Zrv3eXpSf6AedM3tX9Ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/c4bdae-09f0-4334-853e-3626b8ffd1e5/1/if3bRvhywq0-AQAvqAMvn9zf2xA.roa
Signing time: Wed 01 Jan 2025 21:47:48 +0000
ROA not before: Wed 01 Jan 2025 21:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62396
IP address blocks: 2001:67c:2c68::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d1:5c:4f:68:5c:5c:b2:88:0f:0d:99:5d:68:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d59e889f99aefdde5e949fe8079d337b57f447
Validity
Not Before: Jan 1 21:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89fddb46f872c2ad3e01002fa8032f9fdcdfdb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:aa:94:32:61:a9:8c:40:73:b4:5d:d1:04:
4a:af:68:1f:4b:62:97:c6:11:b9:96:59:8a:e1:ef:
5f:d1:3b:25:95:10:db:96:09:22:1f:97:fc:31:e3:
0d:f3:26:71:e6:18:b5:de:dd:07:0d:e8:09:cd:cf:
b2:72:2c:d2:8f:db:f6:54:12:03:ce:6e:a3:1b:ef:
e1:b6:a6:83:04:15:98:a0:3e:4e:91:69:2c:20:bb:
7c:c0:94:9d:68:27:a7:ec:a8:9f:89:e3:35:9e:f3:
89:35:a0:37:8a:9c:ef:3b:2d:d8:aa:4b:17:be:7e:
71:ef:3b:7e:86:c8:7e:53:c9:da:20:4f:e8:5e:90:
4d:b9:42:ff:6b:55:75:69:48:d7:a7:36:f3:d4:83:
fc:ed:d1:21:ae:f6:94:30:ee:88:69:2a:62:3d:f0:
05:51:66:49:9d:53:73:28:73:4e:65:87:a7:56:37:
4e:9d:5c:f8:88:00:0a:c8:c4:d5:79:de:eb:ca:58:
1e:6b:53:20:2d:be:c9:d7:b0:4d:90:29:16:c0:18:
53:18:14:70:d7:14:64:d0:75:94:4b:e1:48:ef:4d:
69:0e:da:f1:31:18:24:3f:1e:01:e6:46:f9:f0:a6:
52:9f:d4:7b:fe:a7:f9:91:6f:c8:22:f4:66:c1:ca:
82:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FD:DB:46:F8:72:C2:AD:3E:01:00:2F:A8:03:2F:9F:DC:DF:DB:10
X509v3 Authority Key Identifier:
keyid:29:D5:9E:88:9F:99:AE:FD:DE:5E:94:9F:E8:07:9D:33:7B:57:F4:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdWeiJ-Zrv3eXpSf6AedM3tX9Ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/c4bdae-09f0-4334-853e-3626b8ffd1e5/1/if3bRvhywq0-AQAvqAMvn9zf2xA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/c4bdae-09f0-4334-853e-3626b8ffd1e5/1/KdWeiJ-Zrv3eXpSf6AedM3tX9Ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2c68::/48
Signature Algorithm: sha256WithRSAEncryption
45:14:70:b0:8f:8b:dd:8b:7b:5a:4d:54:ae:c1:5d:1f:68:a3:
0d:c6:f0:5f:be:b8:e2:4a:30:a2:8f:9e:47:2a:2c:53:aa:4c:
6d:3b:72:36:6f:9d:5f:bd:72:1b:b4:c8:7b:11:a2:07:86:48:
19:43:bd:77:de:8b:af:4e:59:f0:d2:1a:e4:6f:a2:d4:e1:ba:
e6:99:ea:f3:c6:86:68:96:6a:e0:7b:c6:ee:ae:01:6a:0a:62:
ed:03:bf:c8:4e:a3:c8:bc:a1:2c:de:a9:81:9c:a5:34:a5:5b:
ac:fb:1e:3d:b6:98:72:e7:bf:59:5c:12:a8:9a:09:f6:15:6d:
09:03:94:e3:44:80:cc:63:24:3a:4f:b4:dc:1d:60:9a:6e:d3:
09:30:28:78:28:20:59:45:91:50:21:db:0b:af:02:bb:ca:e3:
d9:70:b3:45:fd:74:d2:e5:62:01:59:79:c3:f8:e4:89:0f:11:
46:79:b3:60:dc:c4:eb:55:b7:f4:de:f8:e2:94:9c:e7:3b:05:
68:c1:d6:85:a1:85:c8:78:06:41:dd:25:68:d0:5a:3b:a2:99:
35:e1:ce:76:81:fe:0f:41:4f:ce:01:1a:63:1a:01:ca:b6:a2:
dd:63:29:f9:e3:e3:81:dd:ec:75:b5:d0:8b:59:99:a8:29:d4:
0a:eb:8e:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1tFcT2hcXLKIDw2ZXWiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDU5ZTg4OWY5OWFlZmRkZTVlOTQ5ZmU4MDc5ZDMzN2I1
N2Y0NDcwHhcNMjUwMTAxMjE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWZkZGI0NmY4NzJjMmFkM2UwMTAwMmZhODAzMmY5ZmRjZGZkYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVmqlDJhqYxAc7Rd0QRKr2gfS2KX
xhG5llmK4e9f0TsllRDblgkiH5f8MeMN8yZx5hi13t0HDegJzc+ycizSj9v2VBID
zm6jG+/htqaDBBWYoD5OkWksILt8wJSdaCen7KifieM1nvOJNaA3ipzvOy3YqksX
vn5x7zt+hsh+U8naIE/oXpBNuUL/a1V1aUjXpzbz1IP87dEhrvaUMO6IaSpiPfAF
UWZJnVNzKHNOZYenVjdOnVz4iAAKyMTVed7rylgea1MgLb7J17BNkCkWwBhTGBRw
1xRk0HWUS+FI701pDtrxMRgkPx4B5kb58KZSn9R7/qf5kW/IIvRmwcqCRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIn920b4csKtPgEAL6gDL5/c39sQMB8GA1UdIwQY
MBaAFCnVnoifma793l6Un+gHnTN7V/RHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RXZWlKLVpydjNlWHBTZjZBZWRNM3RYOUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jNGJkYWUtMDlmMC00MzM0LTg1M2Ut
MzYyNmI4ZmZkMWU1LzEvaWYzYlJ2aHl3cTAtQVFBdnFBTXZuOXpmMnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9jNGJkYWUtMDlmMC00MzM0LTg1M2UtMzYyNmI4ZmZkMWU1
LzEvS2RXZWlKLVpydjNlWHBTZjZBZWRNM3RYOUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCxo
MA0GCSqGSIb3DQEBCwUAA4IBAQBFFHCwj4vdi3taTVSuwV0faKMNxvBfvrjiSjCi
j55HKixTqkxtO3I2b51fvXIbtMh7EaIHhkgZQ7133ouvTlnw0hrkb6LU4brmmerz
xoZolmrge8burgFqCmLtA7/ITqPIvKEs3qmBnKU0pVus+x49tphy579ZXBKomgn2
FW0JA5TjRIDMYyQ6T7TcHWCabtMJMCh4KCBZRZFQIdsLrwK7yuPZcLNF/XTS5WIB
WXnD+OSJDxFGebNg3MTrVbf03vjilJznOwVowdaFoYXIeAZB3SVo0Fo7opk14c52
gf4PQU/OARpjGgHKtqLdYyn54+OB3ex1tdCLWZmoKdQK645n
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:47:01 2025 by rpki-client