Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e9cbf3-3a5d-4b74-86d3-cb0f2455cbd6/1/irNcQLmJh11TGBELw5uQP7kOVJE.roa
File: irNcQLmJh11TGBELw5uQP7kOVJE.roa (raw, json)
Hash identifier: R7pIQc58X7S0CJk6seUtKX1n/5bjuhfl7ShC4vfuTCg=
Subject key identifier: 8A:B3:5C:40:B9:89:87:5D:53:18:11:0B:C3:9B:90:3F:B9:0E:54:91
Certificate issuer: /CN=d2bb66fbdeaafff43b9650b1f6cbe4f29edaf58c
Certificate serial: 019423D726320524377D75CC2F230C71E471
Authority key identifier: D2:BB:66:FB:DE:AA:FF:F4:3B:96:50:B1:F6:CB:E4:F2:9E:DA:F5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rtm-96q__Q7llCx9svk8p7a9Yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e9cbf3-3a5d-4b74-86d3-cb0f2455cbd6/1/irNcQLmJh11TGBELw5uQP7kOVJE.roa
Signing time: Wed 01 Jan 2025 21:48:10 +0000
ROA not before: Wed 01 Jan 2025 21:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8873
IP address blocks: 2001:678:848::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:26:32:05:24:37:7d:75:cc:2f:23:0c:71:e4:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2bb66fbdeaafff43b9650b1f6cbe4f29edaf58c
Validity
Not Before: Jan 1 21:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ab35c40b989875d5318110bc39b903fb90e5491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ab:8a:41:0f:4c:2f:ba:d1:ab:eb:42:b3:96:
86:21:df:a7:cd:64:b3:8d:b1:3e:6e:6c:2a:f4:c0:
3e:69:87:ca:15:10:44:e3:77:c6:2e:8c:55:01:2c:
2b:0b:3d:b3:ee:55:48:1f:65:bc:27:5e:d6:92:93:
36:06:32:6e:11:43:3b:4a:6e:ec:48:e7:a6:b0:53:
0f:a8:0f:ed:4f:db:66:7e:3d:ad:4d:3b:72:e3:91:
3d:76:e3:77:37:11:cb:d4:73:40:9f:d2:b1:6b:97:
9a:10:5f:5a:c6:c4:bf:2c:a7:2c:8f:6b:77:51:a1:
ef:0f:74:09:1d:91:53:20:36:c6:da:37:f7:d9:5b:
d7:68:83:10:ef:17:3c:95:63:9b:ee:3d:12:51:03:
60:35:ac:8d:8c:d6:11:c9:6e:4b:be:06:54:a5:14:
2b:11:ec:9c:21:1f:a3:94:e3:cb:e3:6e:2b:21:5e:
f9:60:e3:13:01:89:ed:95:b6:cd:cd:8f:de:24:86:
e2:a8:2c:c2:81:bd:31:37:c4:df:b6:e1:fb:c5:b9:
c2:4b:2a:78:fb:ce:d0:7c:ca:d2:55:84:e8:cb:31:
ec:11:d0:d9:5b:cd:71:70:11:1c:c8:23:36:0c:7d:
94:36:ae:96:e5:10:2e:1b:14:57:4c:12:fd:b1:a6:
87:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B3:5C:40:B9:89:87:5D:53:18:11:0B:C3:9B:90:3F:B9:0E:54:91
X509v3 Authority Key Identifier:
keyid:D2:BB:66:FB:DE:AA:FF:F4:3B:96:50:B1:F6:CB:E4:F2:9E:DA:F5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rtm-96q__Q7llCx9svk8p7a9Yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e9cbf3-3a5d-4b74-86d3-cb0f2455cbd6/1/irNcQLmJh11TGBELw5uQP7kOVJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e9cbf3-3a5d-4b74-86d3-cb0f2455cbd6/1/0rtm-96q__Q7llCx9svk8p7a9Yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:848::/48
Signature Algorithm: sha256WithRSAEncryption
77:00:86:b3:24:b7:2d:47:e7:8e:36:99:f7:02:2e:63:2a:2b:
11:c5:36:b1:27:d3:4d:4e:fb:85:44:65:a9:58:e9:94:06:08:
44:e4:0f:9f:03:50:51:a1:f4:98:18:a1:8a:a6:6f:d5:07:1a:
4e:b9:b1:23:93:37:e6:3d:45:64:55:f9:60:f9:70:c3:52:bd:
0b:e0:a1:c5:7a:ac:ef:2b:cc:d2:ba:b9:31:45:c4:1f:46:0c:
4b:38:28:a6:f7:c9:22:7c:87:c8:cf:b2:86:9b:be:d8:a3:ed:
cb:8b:05:15:b4:ce:e8:fb:33:19:81:c5:88:23:2a:91:7e:41:
7e:ce:84:10:aa:ef:40:4a:70:44:a6:c9:fb:35:b7:04:6a:78:
c5:e4:54:5d:95:98:f4:54:da:20:97:1a:9b:13:e8:f2:d9:db:
df:46:52:2b:eb:98:03:cf:a9:9f:07:6a:96:59:45:ee:dc:8f:
b9:de:cd:53:ba:10:b7:d2:4b:ec:9d:ab:d8:81:f8:fb:dd:aa:
2a:e7:29:c5:19:e9:79:47:7f:af:cf:fc:06:54:80:91:85:4a:
69:8a:6e:64:17:94:12:98:63:f5:73:cf:96:1d:64:ba:58:a9:
8a:f1:13:53:74:16:67:f1:c9:2a:d3:00:e9:0c:55:bb:cd:96:
6f:75:9e:e0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQj1yYyBSQ3fXXMLyMMceRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYmI2NmZiZGVhYWZmZjQzYjk2NTBiMWY2Y2JlNGYyOWVk
YWY1OGMwHhcNMjUwMTAxMjE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWIzNWM0MGI5ODk4NzVkNTMxODExMGJjMzliOTAzZmI5MGU1NDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKuKQQ9ML7rRq+tCs5aGId+nzWSz
jbE+bmwq9MA+aYfKFRBE43fGLoxVASwrCz2z7lVIH2W8J17WkpM2BjJuEUM7Sm7s
SOemsFMPqA/tT9tmfj2tTTty45E9duN3NxHL1HNAn9Kxa5eaEF9axsS/LKcsj2t3
UaHvD3QJHZFTIDbG2jf32VvXaIMQ7xc8lWOb7j0SUQNgNayNjNYRyW5LvgZUpRQr
EeycIR+jlOPL424rIV75YOMTAYntlbbNzY/eJIbiqCzCgb0xN8TftuH7xbnCSyp4
+87QfMrSVYToyzHsEdDZW81xcBEcyCM2DH2UNq6W5RAuGxRXTBL9saaHSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIqzXEC5iYddUxgRC8ObkD+5DlSRMB8GA1UdIwQY
MBaAFNK7Zvveqv/0O5ZQsfbL5PKe2vWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJ0bS05NnFfX1E3bGxDeDlzdms4cDdhOVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9lOWNiZjMtM2E1ZC00Yjc0LTg2ZDMt
Y2IwZjI0NTVjYmQ2LzEvaXJOY1FMbUpoMTFUR0JFTHc1dVFQN2tPVkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9lOWNiZjMtM2E1ZC00Yjc0LTg2ZDMtY2IwZjI0NTVjYmQ2
LzEvMHJ0bS05NnFfX1E3bGxDeDlzdms4cDdhOVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAhI
MA0GCSqGSIb3DQEBCwUAA4IBAQB3AIazJLctR+eONpn3Ai5jKisRxTaxJ9NNTvuF
RGWpWOmUBghE5A+fA1BRofSYGKGKpm/VBxpOubEjkzfmPUVkVflg+XDDUr0L4KHF
eqzvK8zSurkxRcQfRgxLOCim98kifIfIz7KGm77Yo+3LiwUVtM7o+zMZgcWIIyqR
fkF+zoQQqu9ASnBEpsn7NbcEanjF5FRdlZj0VNoglxqbE+jy2dvfRlIr65gDz6mf
B2qWWUXu3I+53s1TuhC30kvsnavYgfj73aoq5ynFGel5R3+vz/wGVICRhUppim5k
F5QSmGP1c8+WHWS6WKmK8RNTdBZn8ckq0wDpDFW7zZZvdZ7g
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:58:42 2025 by rpki-client