Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/172310-3cb0-4bb0-91ae-4462a126d07d/1/tCReBQEfist-xvNAig7wcNT_kFY.roa
File: tCReBQEfist-xvNAig7wcNT_kFY.roa (raw, json)
Hash identifier: eAnNRfWeMAKf3K2opw1l/ihLmhFWT1Klsp1nr6sdAiU=
Subject key identifier: B4:24:5E:05:01:1F:8A:CB:7E:C6:F3:40:8A:0E:F0:70:D4:FF:90:56
Certificate issuer: /CN=f50e225bfb45218b997719804ea287f1751cf20e
Certificate serial: 019425FC58E9B41DBA9497F0D7B0B22768CA
Authority key identifier: F5:0E:22:5B:FB:45:21:8B:99:77:19:80:4E:A2:87:F1:75:1C:F2:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Q4iW_tFIYuZdxmATqKH8XUc8g4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/172310-3cb0-4bb0-91ae-4462a126d07d/1/tCReBQEfist-xvNAig7wcNT_kFY.roa
Signing time: Thu 02 Jan 2025 07:48:02 +0000
ROA not before: Thu 02 Jan 2025 07:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58247
IP address blocks: 2001:67c:29d4::/48 maxlen: 48
2001:67c:29d4:8000::/49 maxlen: 49
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:58:e9:b4:1d:ba:94:97:f0:d7:b0:b2:27:68:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50e225bfb45218b997719804ea287f1751cf20e
Validity
Not Before: Jan 2 07:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4245e05011f8acb7ec6f3408a0ef070d4ff9056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a5:98:e5:fa:11:12:44:a7:b2:57:4c:2b:f8:
2f:c8:7f:7b:79:f7:f2:06:9d:da:c8:4a:cf:90:00:
f4:93:96:f9:02:83:fe:6e:d5:77:b3:a3:4c:0b:05:
0f:76:c1:a3:7d:57:50:ad:02:15:b5:ec:1e:07:ed:
52:14:00:5d:75:95:b7:53:92:c1:72:a9:bb:27:be:
c3:a5:14:93:5e:d6:e7:e8:7d:5b:f2:70:ab:26:01:
52:a6:eb:49:47:10:09:c0:75:73:05:4a:d1:05:66:
07:63:13:63:ec:bc:87:48:eb:80:8d:ca:aa:4d:eb:
40:e8:34:aa:66:f1:da:e7:37:34:b4:29:03:45:b3:
72:29:ad:af:25:cb:0c:5a:99:e8:03:4e:26:41:fa:
82:3b:6c:69:9b:b4:0e:87:ba:49:0d:f6:06:2e:04:
4e:c9:2e:19:db:f2:a7:d2:19:72:89:5b:15:6b:82:
22:22:12:52:26:af:25:18:9f:f9:c2:d5:8d:fe:54:
8f:fb:2b:82:e1:dc:1b:01:32:85:3b:3f:4a:0e:d2:
6a:ce:91:62:e6:e1:33:f6:ab:b2:b6:9f:7f:d9:bc:
b8:34:05:44:53:4c:c2:b1:25:be:fe:e0:cf:03:5b:
84:4f:e6:df:c4:19:05:e9:3e:60:cd:72:cf:56:eb:
09:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:24:5E:05:01:1F:8A:CB:7E:C6:F3:40:8A:0E:F0:70:D4:FF:90:56
X509v3 Authority Key Identifier:
keyid:F5:0E:22:5B:FB:45:21:8B:99:77:19:80:4E:A2:87:F1:75:1C:F2:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Q4iW_tFIYuZdxmATqKH8XUc8g4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/172310-3cb0-4bb0-91ae-4462a126d07d/1/tCReBQEfist-xvNAig7wcNT_kFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/172310-3cb0-4bb0-91ae-4462a126d07d/1/9Q4iW_tFIYuZdxmATqKH8XUc8g4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:29d4::/48
Signature Algorithm: sha256WithRSAEncryption
b3:fb:89:7b:1d:08:a8:0c:6e:98:da:4e:11:18:89:a7:57:b6:
40:20:c7:c6:b7:da:1a:f7:90:a6:7c:89:bc:b1:af:86:22:83:
f3:9e:7a:1e:8f:c2:89:9d:5b:7c:ee:bd:a1:96:7a:ef:c1:2e:
13:61:02:d8:4a:0b:74:92:0b:50:39:02:3b:ab:b2:3a:77:4d:
c9:15:7b:bc:a0:72:72:64:9a:8d:fa:53:b9:4a:5c:d9:14:2c:
ec:77:f1:4b:97:c6:ef:88:a2:55:f8:d3:c0:d7:cf:17:98:91:
74:30:d6:a6:29:69:af:02:ad:c7:a3:18:0b:7d:0f:70:3d:d5:
76:fa:89:08:c4:79:b5:e9:e7:00:92:fc:01:ee:dd:a9:e8:7f:
77:4c:60:d3:9a:7e:c9:d9:39:87:7e:ba:e1:ab:9a:66:7c:1e:
5f:db:a8:84:e5:70:ef:ae:3b:74:bd:28:f5:83:84:f7:93:e6:
76:f2:45:6b:68:f8:ca:bf:40:98:37:52:fe:2d:8f:86:a7:5f:
1a:bb:88:ab:be:93:fa:ae:e2:aa:94:94:65:a8:58:4c:6e:a1:
23:6d:73:d8:76:ae:1e:1e:0b:25:f1:8d:b9:d8:48:d3:72:9c:
a3:25:02:7e:e1:07:20:4d:44:54:2d:9b:45:88:97:bb:71:11:
e2:65:4d:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/FjptB26lJfw17CyJ2jKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGUyMjViZmI0NTIxOGI5OTc3MTk4MDRlYTI4N2YxNzUx
Y2YyMGUwHhcNMjUwMTAyMDc0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDI0NWUwNTAxMWY4YWNiN2VjNmYzNDA4YTBlZjA3MGQ0ZmY5MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36WY5foREkSnsldMK/gvyH97effy
Bp3ayErPkAD0k5b5AoP+btV3s6NMCwUPdsGjfVdQrQIVteweB+1SFABddZW3U5LB
cqm7J77DpRSTXtbn6H1b8nCrJgFSputJRxAJwHVzBUrRBWYHYxNj7LyHSOuAjcqq
TetA6DSqZvHa5zc0tCkDRbNyKa2vJcsMWpnoA04mQfqCO2xpm7QOh7pJDfYGLgRO
yS4Z2/Kn0hlyiVsVa4IiIhJSJq8lGJ/5wtWN/lSP+yuC4dwbATKFOz9KDtJqzpFi
5uEz9quytp9/2by4NAVEU0zCsSW+/uDPA1uET+bfxBkF6T5gzXLPVusJhwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLQkXgUBH4rLfsbzQIoO8HDU/5BWMB8GA1UdIwQY
MBaAFPUOIlv7RSGLmXcZgE6ih/F1HPIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVE0aVdfdEZJWXVaZHhtQVRxS0g4WFVjOGc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xNzIzMTAtM2NiMC00YmIwLTkxYWUt
NDQ2MmExMjZkMDdkLzEvdENSZUJRRWZpc3QteHZOQWlnN3djTlRfa0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xNzIzMTAtM2NiMC00YmIwLTkxYWUtNDQ2MmExMjZkMDdk
LzEvOVE0aVdfdEZJWXVaZHhtQVRxS0g4WFVjOGc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCnU
MA0GCSqGSIb3DQEBCwUAA4IBAQCz+4l7HQioDG6Y2k4RGImnV7ZAIMfGt9oa95Cm
fIm8sa+GIoPznnoej8KJnVt87r2hlnrvwS4TYQLYSgt0kgtQOQI7q7I6d03JFXu8
oHJyZJqN+lO5SlzZFCzsd/FLl8bviKJV+NPA188XmJF0MNamKWmvAq3HoxgLfQ9w
PdV2+okIxHm16ecAkvwB7t2p6H93TGDTmn7J2TmHfrrhq5pmfB5f26iE5XDvrjt0
vSj1g4T3k+Z28kVraPjKv0CYN1L+LY+Gp18au4irvpP6ruKqlJRlqFhMbqEjbXPY
dq4eHgsl8Y252EjTcpyjJQJ+4QcgTURULZtFiJe7cRHiZU03
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:36 2025 by rpki-client