Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/180954-8a43-4acc-8a7b-0aeac670c71e/1/RcsdF1twYJezgr8yrtMpdKX_i-I.roa
File: RcsdF1twYJezgr8yrtMpdKX_i-I.roa (raw, json)
Hash identifier: eUwQ3KjdQolC1TEdBZkoGCLFeL0MsnJZDlHFt9oWWQw=
Subject key identifier: 45:CB:1D:17:5B:70:60:97:B3:82:BF:32:AE:D3:29:74:A5:FF:8B:E2
Certificate issuer: /CN=5e66815a4631d0e797c1f366e47bf15115c9a4fb
Certificate serial: 01942068025DAA1F265EBE6C6708EA56E566
Authority key identifier: 5E:66:81:5A:46:31:D0:E7:97:C1:F3:66:E4:7B:F1:51:15:C9:A4:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XmaBWkYx0OeXwfNm5HvxURXJpPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/180954-8a43-4acc-8a7b-0aeac670c71e/1/RcsdF1twYJezgr8yrtMpdKX_i-I.roa
Signing time: Wed 01 Jan 2025 05:47:54 +0000
ROA not before: Wed 01 Jan 2025 05:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212469
IP address blocks: 2001:67c:1354::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:02:5d:aa:1f:26:5e:be:6c:67:08:ea:56:e5:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e66815a4631d0e797c1f366e47bf15115c9a4fb
Validity
Not Before: Jan 1 05:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45cb1d175b706097b382bf32aed32974a5ff8be2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:8f:13:55:ec:51:bb:42:bc:41:14:6b:78:
fe:22:bb:36:ca:3d:ea:60:ea:ba:06:71:02:10:ec:
16:e0:a3:5c:0b:bb:3c:00:69:d9:16:d5:79:58:83:
cf:74:2c:4a:6b:04:34:07:92:30:69:30:23:6f:5b:
43:08:85:61:7f:14:ae:84:40:da:d0:40:4e:ee:2a:
8e:e6:93:54:5e:d7:88:a1:20:65:a5:eb:92:34:b4:
56:64:50:a4:c0:6a:33:c9:01:39:fe:f9:b6:0c:5c:
07:5a:37:9f:b6:1e:3c:e1:19:a9:1c:aa:e0:8d:df:
e3:d4:b9:d6:13:b9:64:9b:06:48:e4:87:db:75:52:
d4:d5:74:fd:3c:1f:e2:66:96:72:55:ef:c1:6d:5b:
ab:2d:1c:6e:8c:b9:2c:60:1b:0d:68:e9:b5:c8:0f:
f4:fc:d1:00:66:70:9b:07:e7:e1:49:2b:32:b4:ce:
a1:2e:d4:7d:bc:c5:c8:de:83:b9:e7:9a:f9:c0:34:
58:81:73:71:1c:bd:ed:87:13:d3:d0:90:f8:b6:2c:
5d:16:b6:62:db:8e:4b:1d:f0:47:97:87:2e:07:e6:
e6:8b:07:93:1f:5c:61:eb:32:bc:ee:36:9b:c3:f2:
8e:a0:fb:9a:2e:cc:39:3b:53:82:72:70:b3:2d:83:
cb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CB:1D:17:5B:70:60:97:B3:82:BF:32:AE:D3:29:74:A5:FF:8B:E2
X509v3 Authority Key Identifier:
keyid:5E:66:81:5A:46:31:D0:E7:97:C1:F3:66:E4:7B:F1:51:15:C9:A4:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XmaBWkYx0OeXwfNm5HvxURXJpPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/180954-8a43-4acc-8a7b-0aeac670c71e/1/RcsdF1twYJezgr8yrtMpdKX_i-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/180954-8a43-4acc-8a7b-0aeac670c71e/1/XmaBWkYx0OeXwfNm5HvxURXJpPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1354::/48
Signature Algorithm: sha256WithRSAEncryption
5c:34:ea:a8:b5:70:45:ae:12:ad:b1:6c:1c:60:1c:d9:cf:19:
a0:d9:d9:6f:db:4c:0f:80:27:25:07:e9:5d:a7:1d:a6:ef:e9:
1e:9d:73:9e:33:26:9e:c6:4c:6b:13:f8:76:58:2e:87:70:4b:
61:07:48:2e:b9:f2:22:46:91:2b:49:c5:dc:d2:48:b2:9e:48:
4a:84:9d:0a:84:54:40:af:d8:c8:51:36:3b:e7:6e:b6:fe:aa:
1d:81:5c:d2:d0:46:60:8e:46:ec:f5:3d:a1:8e:e0:0b:cb:74:
55:52:2d:db:7b:76:47:21:57:f2:b5:32:e6:c7:39:ad:c5:87:
8a:9d:f9:02:89:23:a5:d7:62:c8:65:22:a2:5d:79:99:16:ea:
24:9e:2c:3e:0d:26:03:32:51:42:8e:e6:63:17:b3:e8:2a:46:
fe:99:f7:d3:60:a2:cf:34:28:58:3d:af:5e:9d:46:61:68:d5:
99:d1:92:73:15:f9:ce:6f:47:98:10:db:d8:59:9e:0c:ad:74:
e5:a5:87:0e:2d:81:75:fa:db:f4:f5:c6:a9:f2:5c:da:17:33:
c5:3c:93:df:cb:3a:18:23:77:37:23:3b:d6:34:52:9c:e7:36:
9c:b5:70:d6:d8:b3:bf:a3:51:d5:78:44:e0:e0:0f:c1:23:10:
a0:f7:d4:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgaAJdqh8mXr5sZwjqVuVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNjY4MTVhNDYzMWQwZTc5N2MxZjM2NmU0N2JmMTUxMTVj
OWE0ZmIwHhcNMjUwMTAxMDU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWNiMWQxNzViNzA2MDk3YjM4MmJmMzJhZWQzMjk3NGE1ZmY4YmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEOPE1XsUbtCvEEUa3j+Irs2yj3q
YOq6BnECEOwW4KNcC7s8AGnZFtV5WIPPdCxKawQ0B5IwaTAjb1tDCIVhfxSuhEDa
0EBO7iqO5pNUXteIoSBlpeuSNLRWZFCkwGozyQE5/vm2DFwHWjefth484RmpHKrg
jd/j1LnWE7lkmwZI5IfbdVLU1XT9PB/iZpZyVe/BbVurLRxujLksYBsNaOm1yA/0
/NEAZnCbB+fhSSsytM6hLtR9vMXI3oO555r5wDRYgXNxHL3thxPT0JD4tixdFrZi
245LHfBHl4cuB+bmiweTH1xh6zK87jabw/KOoPuaLsw5O1OCcnCzLYPLNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEXLHRdbcGCXs4K/Mq7TKXSl/4viMB8GA1UdIwQY
MBaAFF5mgVpGMdDnl8HzZuR78VEVyaT7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG1hQldrWXgwT2VYd2ZObTVIdnhVUlhKcFBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8xODA5NTQtOGE0My00YWNjLThhN2It
MGFlYWM2NzBjNzFlLzEvUmNzZEYxdHdZSmV6Z3I4eXJ0TXBkS1hfaS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8xODA5NTQtOGE0My00YWNjLThhN2ItMGFlYWM2NzBjNzFl
LzEvWG1hQldrWXgwT2VYd2ZObTVIdnhVUlhKcFBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBNU
MA0GCSqGSIb3DQEBCwUAA4IBAQBcNOqotXBFrhKtsWwcYBzZzxmg2dlv20wPgCcl
B+ldpx2m7+kenXOeMyaexkxrE/h2WC6HcEthB0guufIiRpErScXc0kiynkhKhJ0K
hFRAr9jIUTY75262/qodgVzS0EZgjkbs9T2hjuALy3RVUi3be3ZHIVfytTLmxzmt
xYeKnfkCiSOl12LIZSKiXXmZFuokniw+DSYDMlFCjuZjF7PoKkb+mffTYKLPNChY
Pa9enUZhaNWZ0ZJzFfnOb0eYENvYWZ4MrXTlpYcOLYF1+tv09cap8lzaFzPFPJPf
yzoYI3c3IzvWNFKc5zactXDW2LO/o1HVeETg4A/BIxCg99TB
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:11:47 2025 by rpki-client