Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/aVq4cLrPwFzzhZqO1-advKfUZmA.roa
File: aVq4cLrPwFzzhZqO1-advKfUZmA.roa (raw, json)
Hash identifier: /eEXPn/0u7ownwImimo5XirraLhO6aVXTWk+e0HToH4=
Subject key identifier: 69:5A:B8:70:BA:CF:C0:5C:F3:85:9A:8E:D7:E6:9D:BC:A7:D4:66:60
Certificate issuer: /CN=b1b34e006765b154f37b6d3484588189511fb200
Certificate serial: 019420D5C81E1F29F2BDBA35BD2EFF22C2DA
Authority key identifier: B1:B3:4E:00:67:65:B1:54:F3:7B:6D:34:84:58:81:89:51:1F:B2:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbNOAGdlsVTze200hFiBiVEfsgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/aVq4cLrPwFzzhZqO1-advKfUZmA.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13045
IP address blocks: 2001:678:7d4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c8:1e:1f:29:f2:bd:ba:35:bd:2e:ff:22:c2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1b34e006765b154f37b6d3484588189511fb200
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=695ab870bacfc05cf3859a8ed7e69dbca7d46660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ff:8c:c3:1a:a7:a4:c5:c6:45:55:dc:16:ee:
70:f4:73:ce:2d:80:56:ca:32:6e:9d:14:e8:8e:24:
f3:47:3e:75:36:51:49:9e:ee:f3:5b:77:2f:5d:ba:
75:2e:f9:4e:ae:f4:cb:35:1f:22:63:ff:1a:32:0f:
f8:b7:e4:e2:ff:b4:9a:43:09:76:37:1b:21:96:b6:
2b:39:d9:b6:ce:2f:01:74:5a:e0:32:93:fd:1b:23:
50:b8:6b:a0:a4:99:b5:7b:95:55:df:1c:50:a0:d5:
f4:e8:68:47:7b:25:4d:03:80:3a:7c:87:e9:55:d4:
d8:b6:c9:3a:e4:a3:60:f5:f4:61:fd:e5:c2:57:e3:
e8:c6:99:27:c6:65:99:23:93:56:3c:9b:cf:85:e9:
3d:a4:d8:00:34:9e:4d:19:18:2b:ab:97:68:4e:61:
4d:bb:51:6e:39:40:7a:42:d3:83:39:d5:be:1a:e1:
f8:78:74:f2:a3:b7:5b:70:2e:19:f3:b9:39:71:09:
27:03:52:60:03:84:4e:85:e7:c0:49:c8:ae:e7:e5:
c5:1e:30:38:e8:74:fb:e1:27:84:fa:ea:e2:b4:cd:
b4:5f:69:94:1c:00:08:e3:ea:5b:ea:e4:89:42:dd:
48:f7:06:6e:83:71:47:85:13:31:db:9c:21:45:b8:
77:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:5A:B8:70:BA:CF:C0:5C:F3:85:9A:8E:D7:E6:9D:BC:A7:D4:66:60
X509v3 Authority Key Identifier:
keyid:B1:B3:4E:00:67:65:B1:54:F3:7B:6D:34:84:58:81:89:51:1F:B2:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbNOAGdlsVTze200hFiBiVEfsgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/aVq4cLrPwFzzhZqO1-advKfUZmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/999cf5-812f-4e0a-8ea1-618238b7b942/1/sbNOAGdlsVTze200hFiBiVEfsgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:7d4::/48
Signature Algorithm: sha256WithRSAEncryption
3d:b8:30:47:f8:e0:70:10:77:f5:5b:0b:86:74:7d:c8:c6:cb:
70:7a:02:8e:64:65:c7:27:28:c9:82:74:ea:a5:db:43:f9:d0:
5e:42:bf:bf:e3:7f:75:3e:39:1c:aa:9b:bc:05:f7:1f:3d:ea:
04:cd:3d:8f:43:bc:39:1d:c3:45:c5:19:a4:e1:76:09:01:c9:
dd:a3:81:2f:4d:7a:82:6b:43:fb:bb:6f:b9:e1:02:b0:6d:5b:
06:91:f5:dc:8c:09:b4:e4:57:8f:22:8c:c3:87:46:bc:6e:2b:
66:88:47:3c:ba:59:50:96:20:22:bb:ae:09:1a:e5:ae:3c:c4:
5a:09:38:29:5f:0c:db:c0:51:53:ca:33:70:45:9b:e4:7c:17:
dd:a9:c6:a0:23:da:7c:3b:2a:6e:73:98:8f:77:fb:7f:0c:e1:
f2:cc:89:c4:52:ff:74:aa:f1:7a:48:53:66:fe:dd:32:37:52:
8c:58:28:54:a1:63:46:31:04:a5:48:c4:ed:21:69:43:d6:50:
9e:9b:a9:51:ca:0b:cf:e3:6c:2c:d2:8a:7e:0e:ab:12:7b:94:
dd:a9:2c:dc:19:5c:7f:dd:9b:4a:37:ea:c4:7d:53:be:fa:5c:
fb:27:a1:dd:c6:21:7b:b9:7e:6d:7e:be:7d:f8:c6:94:01:c4:
18:32:f4:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1cgeHynyvbo1vS7/IsLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYjM0ZTAwNjc2NWIxNTRmMzdiNmQzNDg0NTg4MTg5NTEx
ZmIyMDAwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTVhYjg3MGJhY2ZjMDVjZjM4NTlhOGVkN2U2OWRiY2E3ZDQ2NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov+MwxqnpMXGRVXcFu5w9HPOLYBW
yjJunRTojiTzRz51NlFJnu7zW3cvXbp1LvlOrvTLNR8iY/8aMg/4t+Ti/7SaQwl2
NxshlrYrOdm2zi8BdFrgMpP9GyNQuGugpJm1e5VV3xxQoNX06GhHeyVNA4A6fIfp
VdTYtsk65KNg9fRh/eXCV+PoxpknxmWZI5NWPJvPhek9pNgANJ5NGRgrq5doTmFN
u1FuOUB6QtODOdW+GuH4eHTyo7dbcC4Z87k5cQknA1JgA4ROhefASciu5+XFHjA4
6HT74SeE+uritM20X2mUHAAI4+pb6uSJQt1I9wZug3FHhRMx25whRbh37QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGlauHC6z8Bc84Wajtfmnbyn1GZgMB8GA1UdIwQY
MBaAFLGzTgBnZbFU83ttNIRYgYlRH7IAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2JOT0FHZGxzVlR6ZTIwMGhGaUJpVkVmc2dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy85OTljZjUtODEyZi00ZTBhLThlYTEt
NjE4MjM4YjdiOTQyLzEvYVZxNGNMclB3Rnp6aFpxTzEtYWR2S2ZVWm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy85OTljZjUtODEyZi00ZTBhLThlYTEtNjE4MjM4YjdiOTQy
LzEvc2JOT0FHZGxzVlR6ZTIwMGhGaUJpVkVmc2dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAfU
MA0GCSqGSIb3DQEBCwUAA4IBAQA9uDBH+OBwEHf1WwuGdH3IxstwegKOZGXHJyjJ
gnTqpdtD+dBeQr+/4391Pjkcqpu8BfcfPeoEzT2PQ7w5HcNFxRmk4XYJAcndo4Ev
TXqCa0P7u2+54QKwbVsGkfXcjAm05FePIozDh0a8bitmiEc8ullQliAiu64JGuWu
PMRaCTgpXwzbwFFTyjNwRZvkfBfdqcagI9p8Oypuc5iPd/t/DOHyzInEUv90qvF6
SFNm/t0yN1KMWChUoWNGMQSlSMTtIWlD1lCem6lRygvP42ws0op+DqsSe5TdqSzc
GVx/3ZtKN+rEfVO++lz7J6HdxiF7uX5tfr59+MaUAcQYMvQj
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:31:14 2025 by rpki-client