Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/mjDoFz4eHyi_j3f9O8pUYP3JsY0.roa
File: mjDoFz4eHyi_j3f9O8pUYP3JsY0.roa (raw, json)
Hash identifier: 2+YlsZR42nnbb9KjpTYXIUqIvFdsI2xFIsW6avZLprs=
Subject key identifier: 9A:30:E8:17:3E:1E:1F:28:BF:8F:77:FD:3B:CA:54:60:FD:C9:B1:8D
Certificate issuer: /CN=4121c7fb04153829d96a1c038f0df714da595404
Certificate serial: 019424449088AE11ECBABDCF9F3457D6EA53
Authority key identifier: 41:21:C7:FB:04:15:38:29:D9:6A:1C:03:8F:0D:F7:14:DA:59:54:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSHH-wQVOCnZahwDjw33FNpZVAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/mjDoFz4eHyi_j3f9O8pUYP3JsY0.roa
Signing time: Wed 01 Jan 2025 23:47:40 +0000
ROA not before: Wed 01 Jan 2025 23:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213032
IP address blocks: 2001:678:dc4::/48 maxlen: 48
2001:678:dc8::/48 maxlen: 48
2001:67c:27c4::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:90:88:ae:11:ec:ba:bd:cf:9f:34:57:d6:ea:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4121c7fb04153829d96a1c038f0df714da595404
Validity
Not Before: Jan 1 23:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a30e8173e1e1f28bf8f77fd3bca5460fdc9b18d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b4:35:f5:a6:9e:5d:0f:24:b5:ea:a5:90:5a:
12:e5:ac:78:91:49:61:06:ee:88:0d:e1:7b:5d:1f:
ef:04:d0:3d:67:0f:25:20:98:0a:7b:49:6b:da:16:
b5:52:6e:ae:33:1c:7f:7f:47:3e:9a:25:32:ca:80:
17:b9:a8:7d:56:dc:2c:c9:6e:7b:d6:49:4b:9e:70:
99:07:6b:9b:5c:df:d9:23:91:6e:4a:c4:04:27:57:
4d:16:85:e1:8d:8e:40:a2:ce:54:a3:3d:3f:99:58:
a1:d9:26:2a:35:9d:df:ca:ec:0c:7a:19:7e:c7:ae:
41:ec:e5:5b:4a:f6:05:ac:ea:a1:33:d9:6a:7f:99:
d8:6b:9d:88:3b:6d:9c:bb:97:f5:bf:2d:91:b6:ac:
ec:5e:1e:2a:cc:6a:da:56:fd:ef:6a:d6:d0:4f:87:
91:59:f9:19:e4:25:51:6c:01:87:ba:3b:05:00:5d:
ba:bf:48:77:eb:7a:91:3b:09:82:c5:96:1d:95:9a:
74:cc:d1:58:6f:f1:49:f3:f6:24:88:d9:4a:c2:46:
8b:49:4d:95:ab:1d:d9:fe:31:a4:00:5c:c8:50:05:
2f:99:0a:eb:6b:aa:7c:38:c9:ca:39:2f:b9:de:73:
79:c0:81:1a:13:88:6d:d9:50:48:7e:c7:da:03:0d:
84:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:30:E8:17:3E:1E:1F:28:BF:8F:77:FD:3B:CA:54:60:FD:C9:B1:8D
X509v3 Authority Key Identifier:
keyid:41:21:C7:FB:04:15:38:29:D9:6A:1C:03:8F:0D:F7:14:DA:59:54:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSHH-wQVOCnZahwDjw33FNpZVAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/mjDoFz4eHyi_j3f9O8pUYP3JsY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/05e109-2347-4a7c-8adb-d1981dd446cf/1/QSHH-wQVOCnZahwDjw33FNpZVAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:dc4::/48
2001:678:dc8::/48
2001:67c:27c4::/48
Signature Algorithm: sha256WithRSAEncryption
64:86:37:d2:4d:32:68:c6:bf:ac:56:cb:d8:90:14:b6:d4:f3:
17:b0:66:25:e4:d6:2f:18:2d:83:f9:99:57:de:f3:ee:66:4b:
2a:a5:db:6e:a2:06:07:7a:eb:8f:e7:db:d9:97:5c:b6:bb:e5:
dc:f8:56:20:66:5c:d3:9c:5b:3e:45:eb:e0:c6:51:11:42:d7:
05:56:41:42:e0:b8:55:d8:11:a3:bd:0a:f7:65:29:76:72:0a:
f7:f4:e1:ac:d0:ee:73:10:e3:ec:dd:8b:9a:b0:71:cf:a0:d8:
9e:20:56:44:da:0a:e1:a8:cd:01:b4:01:9a:c2:3f:14:2b:ca:
58:a7:d7:dc:b2:d2:e4:2f:e5:d5:c7:49:a2:c1:af:5f:df:4f:
bb:9b:97:82:49:0f:84:82:1d:b8:a6:e5:ed:c2:64:b2:6e:43:
9a:43:8d:9c:71:29:d9:16:e1:14:60:1e:dd:71:b2:60:de:4a:
9f:63:88:8b:d5:8a:81:af:5d:f5:7a:da:7a:71:59:f1:0a:ce:
9d:41:76:a2:e7:55:95:50:37:f9:55:65:56:4b:84:d2:bf:b7:
8f:1c:72:44:dd:91:81:7b:49:85:7d:7e:1a:48:ff:61:5e:c3:
3d:cc:53:0c:1f:8a:b6:15:82:da:2e:5c:a3:44:e1:69:13:d7:
ef:48:69:87
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRJCIrhHsur3PnzRX1upTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjFjN2ZiMDQxNTM4MjlkOTZhMWMwMzhmMGRmNzE0ZGE1
OTU0MDQwHhcNMjUwMTAxMjM0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTMwZTgxNzNlMWUxZjI4YmY4Zjc3ZmQzYmNhNTQ2MGZkYzliMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Q19aaeXQ8kteqlkFoS5ax4kUlh
Bu6IDeF7XR/vBNA9Zw8lIJgKe0lr2ha1Um6uMxx/f0c+miUyyoAXuah9VtwsyW57
1klLnnCZB2ubXN/ZI5FuSsQEJ1dNFoXhjY5Aos5Uoz0/mVih2SYqNZ3fyuwMehl+
x65B7OVbSvYFrOqhM9lqf5nYa52IO22cu5f1vy2RtqzsXh4qzGraVv3vatbQT4eR
WfkZ5CVRbAGHujsFAF26v0h363qROwmCxZYdlZp0zNFYb/FJ8/YkiNlKwkaLSU2V
qx3Z/jGkAFzIUAUvmQrra6p8OMnKOS+53nN5wIEaE4ht2VBIfsfaAw2EVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJow6Bc+Hh8ov493/TvKVGD9ybGNMB8GA1UdIwQY
MBaAFEEhx/sEFTgp2WocA48N9xTaWVQEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNISC13UVZPQ25aYWh3RGp3MzNGTnBaVkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNWUxMDktMjM0Ny00YTdjLThhZGIt
ZDE5ODFkZDQ0NmNmLzEvbWpEb0Z6NGVIeWlfajNmOU84cFVZUDNKc1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wNWUxMDktMjM0Ny00YTdjLThhZGItZDE5ODFkZDQ0NmNm
LzEvUVNISC13UVZPQ25aYWh3RGp3MzNGTnBaVkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGeA3E
AwcAIAEGeA3IAwcAIAEGfCfEMA0GCSqGSIb3DQEBCwUAA4IBAQBkhjfSTTJoxr+s
VsvYkBS21PMXsGYl5NYvGC2D+ZlX3vPuZksqpdtuogYHeuuP59vZl1y2u+Xc+FYg
ZlzTnFs+RevgxlERQtcFVkFC4LhV2BGjvQr3ZSl2cgr39OGs0O5zEOPs3YuasHHP
oNieIFZE2grhqM0BtAGawj8UK8pYp9fcstLkL+XVx0miwa9f30+7m5eCSQ+Egh24
puXtwmSybkOaQ42ccSnZFuEUYB7dcbJg3kqfY4iL1YqBr131etp6cVnxCs6dQXai
51WVUDf5VWVWS4TSv7ePHHJE3ZGBe0mFfX4aSP9hXsM9zFMMH4q2FYLaLlyjROFp
E9fvSGmH
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:52:11 2025 by rpki-client