Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/TaFyA_yuFS97pLhaFyD2cw_w1Ww.roa
File: TaFyA_yuFS97pLhaFyD2cw_w1Ww.roa (raw, json)
Hash identifier: Zi7/itKdtRu4VQNXXM+cjcg2959LUhBqNqAHvORJ/d0=
Subject key identifier: 4D:A1:72:03:FC:AE:15:2F:7B:A4:B8:5A:17:20:F6:73:0F:F0:D5:6C
Certificate issuer: /CN=56bfb0ccb5d9bcb3974ab939e20c895d21f46c71
Certificate serial: 0194214461F0BF634DDAC6CA3F8752ED027B
Authority key identifier: 56:BF:B0:CC:B5:D9:BC:B3:97:4A:B9:39:E2:0C:89:5D:21:F4:6C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vr-wzLXZvLOXSrk54gyJXSH0bHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/TaFyA_yuFS97pLhaFyD2cw_w1Ww.roa
Signing time: Wed 01 Jan 2025 09:48:37 +0000
ROA not before: Wed 01 Jan 2025 09:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204671
IP address blocks: 2001:678:5e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:61:f0:bf:63:4d:da:c6:ca:3f:87:52:ed:02:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56bfb0ccb5d9bcb3974ab939e20c895d21f46c71
Validity
Not Before: Jan 1 09:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4da17203fcae152f7ba4b85a1720f6730ff0d56c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ab:2d:11:c0:6d:ff:31:2b:84:f1:37:b6:e4:
10:08:9d:8a:a8:25:4a:65:05:1e:44:3f:0e:1a:2d:
4b:41:99:98:1b:6b:b3:c3:9a:bf:75:80:68:28:2b:
c8:6c:66:92:42:cf:66:75:ef:6c:80:b9:66:29:7f:
0e:f6:ef:37:f4:27:ae:99:fd:fe:2f:28:bd:a4:8a:
cc:fc:5f:f1:1c:34:46:2b:9f:85:71:da:24:da:61:
ef:2b:e5:ab:78:95:c3:04:96:82:bb:0d:50:a0:cc:
3b:e8:0b:1d:d4:2c:0e:d8:50:05:04:ec:4c:d2:1b:
e1:86:3c:79:cf:2e:cd:9c:6e:d7:54:de:92:eb:ba:
32:36:07:2e:8a:f5:cf:ec:38:17:5c:8f:16:48:ab:
fc:32:9b:a3:7d:0c:8f:3c:fb:8d:bc:51:18:1f:77:
60:ae:1a:34:25:ff:c3:8d:a8:42:35:2f:2d:0a:19:
2e:84:db:84:b8:ad:17:e6:3d:8c:12:0f:e4:14:9b:
88:40:1d:eb:63:35:38:2c:a2:ff:d9:b6:be:6d:fa:
60:d1:be:b7:eb:69:de:7e:68:85:ba:e9:bb:31:81:
7f:d1:ed:62:49:9c:c0:12:ca:4c:35:96:96:59:8a:
14:c6:2c:21:6f:ad:d2:2d:0e:54:0c:bc:83:0b:92:
d8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A1:72:03:FC:AE:15:2F:7B:A4:B8:5A:17:20:F6:73:0F:F0:D5:6C
X509v3 Authority Key Identifier:
keyid:56:BF:B0:CC:B5:D9:BC:B3:97:4A:B9:39:E2:0C:89:5D:21:F4:6C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vr-wzLXZvLOXSrk54gyJXSH0bHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/TaFyA_yuFS97pLhaFyD2cw_w1Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5e6720-0f51-4014-ba1f-bda0bb885544/1/Vr-wzLXZvLOXSrk54gyJXSH0bHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5e0::/48
Signature Algorithm: sha256WithRSAEncryption
59:bd:87:99:5b:33:ee:17:02:d2:81:12:16:e1:56:a4:e3:80:
0e:6f:b1:db:a6:b8:2b:fa:3f:c8:61:99:4d:af:ea:70:ae:33:
d9:06:a6:2a:90:c2:84:c5:82:32:97:8c:b4:7c:7f:6e:24:51:
3a:9e:d3:69:f2:63:a7:76:70:ee:57:06:e3:10:08:26:76:22:
56:04:43:0f:89:44:15:2d:8f:af:49:22:fd:d6:ec:c7:32:b7:
83:4e:a6:26:2a:60:1a:0e:8a:c5:0f:34:4c:dd:49:24:c7:48:
5d:95:47:fe:4b:20:1c:5d:e7:6b:cd:60:48:0a:bc:dc:ba:6b:
de:3b:e8:87:33:e5:b0:ac:e0:69:4c:df:0e:d0:07:22:13:3e:
d7:ea:c9:16:f3:53:82:b2:3a:15:b6:7f:3e:12:e5:4a:d6:43:
3f:6c:ac:9d:96:20:18:4d:07:c3:d3:d5:13:fa:2b:a7:8a:59:
21:53:ba:64:cb:e0:29:e7:ab:7b:0a:6a:89:0c:01:9c:0f:6f:
0d:67:11:b8:41:f1:0b:fb:39:b6:38:84:29:f0:08:0e:71:28:
a7:33:8d:78:6d:53:f2:01:6e:4f:01:16:e8:e6:2c:38:59:2f:
ee:d0:54:77:69:f7:86:d0:c3:51:10:a2:58:9f:6f:6d:30:26:
f3:cf:18:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRGHwv2NN2sbKP4dS7QJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YmZiMGNjYjVkOWJjYjM5NzRhYjkzOWUyMGM4OTVkMjFm
NDZjNzEwHhcNMjUwMTAxMDk0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGExNzIwM2ZjYWUxNTJmN2JhNGI4NWExNzIwZjY3MzBmZjBkNTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6stEcBt/zErhPE3tuQQCJ2KqCVK
ZQUeRD8OGi1LQZmYG2uzw5q/dYBoKCvIbGaSQs9mde9sgLlmKX8O9u839Ceumf3+
Lyi9pIrM/F/xHDRGK5+Fcdok2mHvK+WreJXDBJaCuw1QoMw76Asd1CwO2FAFBOxM
0hvhhjx5zy7NnG7XVN6S67oyNgcuivXP7DgXXI8WSKv8MpujfQyPPPuNvFEYH3dg
rho0Jf/DjahCNS8tChkuhNuEuK0X5j2MEg/kFJuIQB3rYzU4LKL/2ba+bfpg0b63
62nefmiFuum7MYF/0e1iSZzAEspMNZaWWYoUxiwhb63SLQ5UDLyDC5LYrwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE2hcgP8rhUve6S4Whcg9nMP8NVsMB8GA1UdIwQY
MBaAFFa/sMy12byzl0q5OeIMiV0h9GxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnItd3pMWFp2TE9YU3JrNTRneUpYU0gwYkhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81ZTY3MjAtMGY1MS00MDE0LWJhMWYt
YmRhMGJiODg1NTQ0LzEvVGFGeUFfeXVGUzk3cExoYUZ5RDJjd193MVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81ZTY3MjAtMGY1MS00MDE0LWJhMWYtYmRhMGJiODg1NTQ0
LzEvVnItd3pMWFp2TE9YU3JrNTRneUpYU0gwYkhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAXg
MA0GCSqGSIb3DQEBCwUAA4IBAQBZvYeZWzPuFwLSgRIW4Vak44AOb7Hbprgr+j/I
YZlNr+pwrjPZBqYqkMKExYIyl4y0fH9uJFE6ntNp8mOndnDuVwbjEAgmdiJWBEMP
iUQVLY+vSSL91uzHMreDTqYmKmAaDorFDzRM3Ukkx0hdlUf+SyAcXedrzWBICrzc
umveO+iHM+WwrOBpTN8O0AciEz7X6skW81OCsjoVtn8+EuVK1kM/bKydliAYTQfD
09UT+iunilkhU7pky+Ap56t7CmqJDAGcD28NZxG4QfEL+zm2OIQp8AgOcSinM414
bVPyAW5PARbo5iw4WS/u0FR3afeG0MNREKJYn29tMCbzzxjA
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:26:40 2025 by rpki-client