Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/13bc29-4ef3-421b-a30f-1344d02cfda8/1/prQrRYa7iRxtGVoZ-fOmbS6yQ1I.roa
File: prQrRYa7iRxtGVoZ-fOmbS6yQ1I.roa (raw, json)
Hash identifier: tnsyAKD0R4WdSHhtE37JrhpYKkCqh9rly9GAA3vquY4=
Subject key identifier: A6:B4:2B:45:86:BB:89:1C:6D:19:5A:19:F9:F3:A6:6D:2E:B2:43:52
Certificate issuer: /CN=a4917d885b675672fc8efb89d6e14e23675052d9
Certificate serial: 019423698EBD4E7389C5EF41C3704704512F
Authority key identifier: A4:91:7D:88:5B:67:56:72:FC:8E:FB:89:D6:E1:4E:23:67:50:52:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJF9iFtnVnL8jvuJ1uFOI2dQUtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/13bc29-4ef3-421b-a30f-1344d02cfda8/1/prQrRYa7iRxtGVoZ-fOmbS6yQ1I.roa
Signing time: Wed 01 Jan 2025 19:48:27 +0000
ROA not before: Wed 01 Jan 2025 19:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199195
IP address blocks: 2001:67c:c40::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:8e:bd:4e:73:89:c5:ef:41:c3:70:47:04:51:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4917d885b675672fc8efb89d6e14e23675052d9
Validity
Not Before: Jan 1 19:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a6b42b4586bb891c6d195a19f9f3a66d2eb24352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f8:b1:10:f7:6e:3c:cc:a3:2e:64:94:6c:8b:
d5:c2:b1:19:be:1b:30:8c:b9:75:ee:0e:fd:f1:7c:
1b:f2:32:31:0d:a7:4a:51:39:2f:ce:ae:d0:50:58:
a8:c2:96:51:66:5c:13:86:32:23:d0:a9:c2:4b:71:
e5:20:da:a5:22:3f:1b:b1:dc:c4:3c:c8:76:35:6b:
78:8c:60:45:f5:97:78:2b:b2:e6:5c:65:d2:fc:b3:
57:ee:6d:bf:ea:3d:7b:d4:bb:8e:80:4f:60:c7:6a:
51:64:9d:3e:05:6e:19:94:a3:09:13:7b:2c:28:8c:
3a:ff:46:ae:47:91:95:ac:d0:3f:cd:09:ff:71:90:
72:0e:67:63:30:6f:9a:9e:44:91:d2:b5:fc:c1:c2:
4a:c5:02:91:11:32:f0:94:2b:32:e6:dc:05:26:52:
39:29:a9:fa:35:ef:d8:2e:33:c7:bd:27:56:28:e3:
d2:96:74:a6:e3:6e:de:47:5e:46:bf:3b:72:14:3d:
dd:c1:d1:d9:34:b9:bc:2c:75:ff:8e:01:8e:c6:79:
76:ad:e5:98:33:6e:eb:ef:b9:81:56:ec:bd:b0:3a:
6c:6d:26:79:34:31:dd:4e:ea:71:8f:c5:27:73:7a:
d0:f0:24:29:ee:0b:e8:0f:c7:41:91:58:d3:2e:c4:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B4:2B:45:86:BB:89:1C:6D:19:5A:19:F9:F3:A6:6D:2E:B2:43:52
X509v3 Authority Key Identifier:
keyid:A4:91:7D:88:5B:67:56:72:FC:8E:FB:89:D6:E1:4E:23:67:50:52:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJF9iFtnVnL8jvuJ1uFOI2dQUtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/13bc29-4ef3-421b-a30f-1344d02cfda8/1/prQrRYa7iRxtGVoZ-fOmbS6yQ1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/13bc29-4ef3-421b-a30f-1344d02cfda8/1/pJF9iFtnVnL8jvuJ1uFOI2dQUtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c40::/48
Signature Algorithm: sha256WithRSAEncryption
37:9e:9a:19:7c:8b:31:fa:ca:0a:30:1d:09:93:3b:11:ab:8c:
6c:e7:30:15:9f:9b:13:75:34:a0:34:cd:57:e7:08:fb:ef:5a:
19:69:54:79:8b:04:61:17:ba:b4:36:31:76:ab:dd:f6:c7:54:
0f:db:e2:bb:f4:2b:52:e7:b2:27:ef:23:38:22:63:c6:3d:24:
f4:04:04:8d:a5:80:f9:fd:88:6d:8d:9e:36:dd:7f:73:a8:43:
88:2a:fe:5c:5a:ff:32:03:f5:bc:1f:e7:04:96:0f:56:44:b7:
eb:ac:8d:d6:59:55:93:e9:76:78:81:ae:b7:17:fc:05:d8:94:
03:7e:04:2c:dd:71:8a:2f:95:7f:cb:27:84:78:fd:cd:ad:f2:
20:e4:29:d7:0d:5d:88:8a:1b:7c:85:96:93:70:07:6c:90:90:
a8:cd:e9:e3:83:ca:01:ab:9b:56:53:07:8c:b4:0e:a7:99:31:
95:ac:67:e7:b4:81:e9:a5:22:e7:f3:21:e4:aa:aa:b5:74:18:
f7:77:2c:a4:d3:0e:6a:82:01:43:30:2a:79:5d:7b:cd:7a:e2:
ad:da:67:b3:a9:26:f9:56:8a:78:6d:f8:64:5a:51:b3:33:81:
3b:f2:19:aa:db:ba:f1:64:bf:98:06:32:37:8c:5f:a2:a5:1a:
82:31:ce:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjaY69TnOJxe9Bw3BHBFEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTE3ZDg4NWI2NzU2NzJmYzhlZmI4OWQ2ZTE0ZTIzNjc1
MDUyZDkwHhcNMjUwMTAxMTk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI0MmI0NTg2YmI4OTFjNmQxOTVhMTlmOWYzYTY2ZDJlYjI0MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ixEPduPMyjLmSUbIvVwrEZvhsw
jLl17g798Xwb8jIxDadKUTkvzq7QUFiowpZRZlwThjIj0KnCS3HlINqlIj8bsdzE
PMh2NWt4jGBF9Zd4K7LmXGXS/LNX7m2/6j171LuOgE9gx2pRZJ0+BW4ZlKMJE3ss
KIw6/0auR5GVrNA/zQn/cZByDmdjMG+ankSR0rX8wcJKxQKRETLwlCsy5twFJlI5
Kan6Ne/YLjPHvSdWKOPSlnSm427eR15GvztyFD3dwdHZNLm8LHX/jgGOxnl2reWY
M27r77mBVuy9sDpsbSZ5NDHdTupxj8Unc3rQ8CQp7gvoD8dBkVjTLsRpsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKa0K0WGu4kcbRlaGfnzpm0uskNSMB8GA1UdIwQY
MBaAFKSRfYhbZ1Zy/I77idbhTiNnUFLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEpGOWlGdG5Wbkw4anZ1SjF1Rk9JMmRRVXRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xM2JjMjktNGVmMy00MjFiLWEzMGYt
MTM0NGQwMmNmZGE4LzEvcHJRclJZYTdpUnh0R1ZvWi1mT21iUzZ5UTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8xM2JjMjktNGVmMy00MjFiLWEzMGYtMTM0NGQwMmNmZGE4
LzEvcEpGOWlGdG5Wbkw4anZ1SjF1Rk9JMmRRVXRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAxA
MA0GCSqGSIb3DQEBCwUAA4IBAQA3npoZfIsx+soKMB0JkzsRq4xs5zAVn5sTdTSg
NM1X5wj771oZaVR5iwRhF7q0NjF2q932x1QP2+K79CtS57In7yM4ImPGPST0BASN
pYD5/YhtjZ423X9zqEOIKv5cWv8yA/W8H+cElg9WRLfrrI3WWVWT6XZ4ga63F/wF
2JQDfgQs3XGKL5V/yyeEeP3NrfIg5CnXDV2Iiht8hZaTcAdskJCozenjg8oBq5tW
UweMtA6nmTGVrGfntIHppSLn8yHkqqq1dBj3dyyk0w5qggFDMCp5XXvNeuKt2mez
qSb5Vop4bfhkWlGzM4E78hmq27rxZL+YBjI3jF+ipRqCMc6C
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:18:53 2025 by rpki-client