Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/i0UtjKhThBAIzRT1eJL3hD2Ywmk.roa
File: i0UtjKhThBAIzRT1eJL3hD2Ywmk.roa (raw, json)
Hash identifier: BKlQ/77pz1u1TCDlrGybeS13ax7xeZWbK2z+UAz10UA=
Subject key identifier: 8B:45:2D:8C:A8:53:84:10:08:CD:14:F5:78:92:F7:84:3D:98:C2:69
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 019421B1E8A1BE898FF94DFF5DFC506527B5
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/i0UtjKhThBAIzRT1eJL3hD2Ywmk.roa
Signing time: Wed 01 Jan 2025 11:48:14 +0000
ROA not before: Wed 01 Jan 2025 11:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60915
IP address blocks: 2001:6d0:4004::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:e8:a1:be:89:8f:f9:4d:ff:5d:fc:50:65:27:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jan 1 11:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b452d8ca853841008cd14f57892f7843d98c269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9a:a3:d0:df:51:9d:7e:8c:96:61:30:41:28:
d3:bf:ad:32:45:1c:1b:a8:0e:21:84:3f:b9:58:9d:
e4:9a:bc:78:d0:7f:47:31:13:2b:cd:58:33:9a:b9:
c6:cf:db:17:a5:3c:27:e4:2d:49:41:08:00:94:04:
b9:61:73:5e:a7:66:50:96:dc:dd:ea:00:bd:7b:5b:
77:04:b4:0c:8d:ce:a3:04:c4:43:bb:2a:c9:da:c9:
92:14:27:22:f9:21:3c:8a:9d:68:1e:27:8a:9c:a4:
39:97:96:85:91:e2:36:c7:dd:f4:98:14:29:32:52:
b2:ba:12:a7:a5:2e:b7:c6:0c:2d:8d:c2:7a:de:e0:
b2:f8:be:f2:32:da:83:90:ca:9c:1e:5a:70:e0:a7:
f4:51:d7:b0:a0:fe:2a:50:e3:d5:52:08:2b:90:85:
56:03:c1:36:32:b2:79:eb:f5:f2:ed:ee:f3:1d:9c:
e7:fd:47:e1:60:82:c0:cf:96:0e:86:b5:af:9e:16:
97:f7:13:2f:b9:d3:ba:17:ca:8b:b5:36:f7:52:26:
41:88:ea:d4:5b:93:83:89:d5:82:37:b3:a4:1d:78:
11:51:29:18:e6:88:05:b3:25:82:0f:1b:b6:dd:2c:
ce:8f:2d:f1:ff:d4:07:cf:a0:9a:e2:e3:bf:95:de:
e7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:45:2D:8C:A8:53:84:10:08:CD:14:F5:78:92:F7:84:3D:98:C2:69
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/i0UtjKhThBAIzRT1eJL3hD2Ywmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:6d0:4004::/48
Signature Algorithm: sha256WithRSAEncryption
c7:67:05:f3:41:02:24:2c:27:cc:3d:00:e2:2d:aa:f8:e9:9b:
ad:04:cf:21:59:0f:41:f1:a4:bc:08:f4:32:22:38:f1:77:3c:
08:c6:8a:ce:21:de:f9:6a:f8:b8:fe:49:08:2e:7f:82:dc:c7:
ac:4e:8f:03:c0:19:6e:8c:a2:ed:fd:ab:8f:c1:1a:cd:3c:ca:
2f:5b:09:2d:98:d9:50:28:c8:e2:7c:4d:6b:bf:bf:b6:4b:9c:
79:13:23:a3:b0:1e:bc:6c:54:6d:09:0c:cb:38:be:7f:9c:6d:
9b:39:ee:c8:2e:41:8c:a0:a3:62:d3:49:b1:11:50:14:29:c7:
b2:84:70:fd:a7:f3:f4:a3:4a:e9:c6:2b:c8:31:9e:65:1a:ab:
75:4c:ca:53:38:87:bd:d2:aa:8b:26:9b:43:40:4c:90:d5:b4:
49:be:2c:21:41:56:b0:56:2a:92:6c:41:c5:ba:10:02:ea:56:
38:e3:81:55:ad:38:31:2a:fc:a8:73:1e:91:53:3a:05:bb:34:
5c:a7:35:e3:58:8d:85:75:e2:14:e6:23:3a:92:5b:97:27:bf:
ce:1d:31:3c:b1:c5:82:df:03:07:8e:fd:e9:a6:41:df:93:af:
cf:f9:76:c6:ff:2b:29:ba:40:39:d1:93:b9:23:5f:b5:ad:44:
02:89:f0:ec
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhseihvomP+U3/XfxQZSe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUwMTAxMTE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ1MmQ4Y2E4NTM4NDEwMDhjZDE0ZjU3ODkyZjc4NDNkOThjMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pqj0N9RnX6MlmEwQSjTv60yRRwb
qA4hhD+5WJ3kmrx40H9HMRMrzVgzmrnGz9sXpTwn5C1JQQgAlAS5YXNep2ZQltzd
6gC9e1t3BLQMjc6jBMRDuyrJ2smSFCci+SE8ip1oHieKnKQ5l5aFkeI2x930mBQp
MlKyuhKnpS63xgwtjcJ63uCy+L7yMtqDkMqcHlpw4Kf0UdewoP4qUOPVUggrkIVW
A8E2MrJ56/Xy7e7zHZzn/UfhYILAz5YOhrWvnhaX9xMvudO6F8qLtTb3UiZBiOrU
W5ODidWCN7OkHXgRUSkY5ogFsyWCDxu23SzOjy3x/9QHz6Ca4uO/ld7ndQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFItFLYyoU4QQCM0U9XiS94Q9mMJpMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvaTBVdGpLaFRoQkFJelJUMWVKTDNoRDJZd21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEG0EAE
MA0GCSqGSIb3DQEBCwUAA4IBAQDHZwXzQQIkLCfMPQDiLar46ZutBM8hWQ9B8aS8
CPQyIjjxdzwIxorOId75avi4/kkILn+C3MesTo8DwBlujKLt/auPwRrNPMovWwkt
mNlQKMjifE1rv7+2S5x5EyOjsB68bFRtCQzLOL5/nG2bOe7ILkGMoKNi00mxEVAU
KceyhHD9p/P0o0rpxivIMZ5lGqt1TMpTOIe90qqLJptDQEyQ1bRJviwhQVawViqS
bEHFuhAC6lY444FVrTgxKvyocx6RUzoFuzRcpzXjWI2FdeIU5iM6kluXJ7/OHTE8
scWC3wMHjv3ppkHfk6/P+XbG/yspukA50ZO5I1+1rUQCifDs
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:13 2025 by rpki-client