Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5ef9e0-7a00-4fca-beaa-66b624eae78c/1/T2nJ8YsYUulSZb9GUXFmz8VHViw.roa
File: T2nJ8YsYUulSZb9GUXFmz8VHViw.roa (raw, json)
Hash identifier: 5XjZ7sWfLWF9S9IVh/StOJhbx3B86TdyvGGrjN3b+RI=
Subject key identifier: 4F:69:C9:F1:8B:18:52:E9:52:65:BF:46:51:71:66:CF:C5:47:56:2C
Certificate issuer: /CN=133eeb9f7aba19e03b1366dab0883f3653fc03be
Certificate serial: 01941F8C9E9D039FA33FA0D2AD01A0D85E62
Authority key identifier: 13:3E:EB:9F:7A:BA:19:E0:3B:13:66:DA:B0:88:3F:36:53:FC:03:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ez7rn3q6GeA7E2basIg_NlP8A74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5ef9e0-7a00-4fca-beaa-66b624eae78c/1/T2nJ8YsYUulSZb9GUXFmz8VHViw.roa
Signing time: Wed 01 Jan 2025 01:48:16 +0000
ROA not before: Wed 01 Jan 2025 01:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212518
IP address blocks: 2001:678:e8c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9e:9d:03:9f:a3:3f:a0:d2:ad:01:a0:d8:5e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133eeb9f7aba19e03b1366dab0883f3653fc03be
Validity
Not Before: Jan 1 01:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f69c9f18b1852e95265bf46517166cfc547562c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:51:0e:82:a1:1f:c6:8a:6e:bb:cb:a9:6f:
a6:9b:5d:47:96:78:98:8f:6e:db:43:c3:39:2b:0c:
18:76:e3:c8:64:6d:b6:d9:a1:a4:49:4f:9b:e7:7c:
38:d4:bf:b6:c9:9b:6e:d4:ce:cb:c7:fd:a0:6e:41:
bb:c3:4e:a2:e6:e1:a7:15:cd:3c:97:c0:05:93:fb:
d0:8f:2f:77:6c:b2:d7:70:28:cb:36:df:db:df:04:
51:97:cb:44:50:e8:2d:90:18:2b:f0:44:1f:3b:97:
19:30:b1:ee:c6:b0:86:90:be:cd:58:3d:a7:da:48:
fa:53:fa:e0:66:c0:83:d3:3e:b7:cb:23:a3:69:98:
c6:b6:84:99:44:9e:e3:b5:97:1f:e4:ca:ad:57:95:
20:d7:9f:ef:11:3d:b0:e8:38:49:0d:a4:31:35:95:
39:92:c6:78:d1:b3:20:54:8b:cc:9d:2f:d1:f9:36:
e2:3b:5e:ed:14:0d:1b:0e:a5:04:e3:8e:a9:b4:df:
19:a9:69:6b:0d:5a:f5:16:b6:68:46:96:f2:ee:a2:
ee:eb:9a:58:df:8d:61:6a:a1:ad:e4:ad:33:fe:46:
d7:09:ba:33:c8:bc:72:25:c9:02:20:ac:ce:08:e4:
fd:25:2f:86:8a:8b:46:11:15:ef:6a:3a:94:35:38:
65:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:69:C9:F1:8B:18:52:E9:52:65:BF:46:51:71:66:CF:C5:47:56:2C
X509v3 Authority Key Identifier:
keyid:13:3E:EB:9F:7A:BA:19:E0:3B:13:66:DA:B0:88:3F:36:53:FC:03:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ez7rn3q6GeA7E2basIg_NlP8A74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5ef9e0-7a00-4fca-beaa-66b624eae78c/1/T2nJ8YsYUulSZb9GUXFmz8VHViw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5ef9e0-7a00-4fca-beaa-66b624eae78c/1/Ez7rn3q6GeA7E2basIg_NlP8A74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e8c::/48
Signature Algorithm: sha256WithRSAEncryption
5c:7b:91:19:0c:a0:47:4f:13:fe:dc:09:ce:2a:4e:4d:86:82:
07:75:1e:36:c8:dc:66:f6:5d:b5:90:d4:21:4b:a7:7e:a6:12:
00:5f:10:70:b3:91:44:59:db:46:2d:00:2f:6e:4c:2e:ca:6a:
b4:35:8b:e8:51:86:3d:01:dd:3b:0c:eb:bd:f0:a0:db:75:ce:
f1:0b:7e:81:91:c0:cc:a1:c7:99:e7:19:6b:6f:8f:00:4e:b6:
ea:6c:de:22:ea:bc:55:3e:dd:48:34:2c:fe:d8:da:cd:94:44:
bd:8b:c7:8f:ad:5d:3f:34:ee:82:e1:36:31:6b:ab:77:e9:d6:
bb:0a:43:ff:fe:9d:e4:28:da:24:30:b2:a1:fa:6d:5b:48:d9:
a1:17:d9:38:9a:52:c7:83:34:72:11:d2:22:dc:cd:8d:c2:b6:
d1:8a:da:bb:4c:7d:75:a1:30:c4:ce:c1:4f:2b:ed:c7:67:ad:
3a:86:4c:1e:cf:69:47:c8:79:22:c8:5c:6b:f6:57:d9:a3:7d:
df:5d:d5:35:57:d3:78:0f:51:09:dd:24:43:61:96:ed:5f:c8:
4e:76:1b:f6:d1:d0:23:29:f7:61:14:89:8d:b9:25:3a:98:0b:
9f:37:8c:6b:65:3f:3f:a8:67:16:99:72:f9:79:36:34:e7:75:
5c:d2:db:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjJ6dA5+jP6DSrQGg2F5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzM2VlYjlmN2FiYTE5ZTAzYjEzNjZkYWIwODgzZjM2NTNm
YzAzYmUwHhcNMjUwMTAxMDE0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjY5YzlmMThiMTg1MmU5NTI2NWJmNDY1MTcxNjZjZmM1NDc1NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsctRDoKhH8aKbrvLqW+mm11HlniY
j27bQ8M5KwwYduPIZG222aGkSU+b53w41L+2yZtu1M7Lx/2gbkG7w06i5uGnFc08
l8AFk/vQjy93bLLXcCjLNt/b3wRRl8tEUOgtkBgr8EQfO5cZMLHuxrCGkL7NWD2n
2kj6U/rgZsCD0z63yyOjaZjGtoSZRJ7jtZcf5MqtV5Ug15/vET2w6DhJDaQxNZU5
ksZ40bMgVIvMnS/R+TbiO17tFA0bDqUE446ptN8ZqWlrDVr1FrZoRpby7qLu65pY
341haqGt5K0z/kbXCbozyLxyJckCIKzOCOT9JS+GiotGERXvajqUNThlnwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE9pyfGLGFLpUmW/RlFxZs/FR1YsMB8GA1UdIwQY
MBaAFBM+6596uhngOxNm2rCIPzZT/AO+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXo3cm4zcTZHZUE3RTJiYXNJZ19ObFA4QTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZWY5ZTAtN2EwMC00ZmNhLWJlYWEt
NjZiNjI0ZWFlNzhjLzEvVDJuSjhZc1lVdWxTWmI5R1VYRm16OFZIVml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZWY5ZTAtN2EwMC00ZmNhLWJlYWEtNjZiNjI0ZWFlNzhj
LzEvRXo3cm4zcTZHZUE3RTJiYXNJZ19ObFA4QTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA6M
MA0GCSqGSIb3DQEBCwUAA4IBAQBce5EZDKBHTxP+3AnOKk5NhoIHdR42yNxm9l21
kNQhS6d+phIAXxBws5FEWdtGLQAvbkwuymq0NYvoUYY9Ad07DOu98KDbdc7xC36B
kcDMoceZ5xlrb48ATrbqbN4i6rxVPt1INCz+2NrNlES9i8ePrV0/NO6C4TYxa6t3
6da7CkP//p3kKNokMLKh+m1bSNmhF9k4mlLHgzRyEdIi3M2NwrbRitq7TH11oTDE
zsFPK+3HZ606hkwez2lHyHkiyFxr9lfZo33fXdU1V9N4D1EJ3SRDYZbtX8hOdhv2
0dAjKfdhFImNuSU6mAufN4xrZT8/qGcWmXL5eTY053Vc0tuF
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:16:19 2025 by rpki-client