Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/aa8e43-6df0-47ef-adc5-30bdd2fe05b1/1/gHCDIdhOuUpwW3kY6kopG285_k0.roa
File: gHCDIdhOuUpwW3kY6kopG285_k0.roa (raw, json)
Hash identifier: 5xiT0kgNZs49N5lk+a3OABaCYPVOiGuQ90iKWrfQblE=
Subject key identifier: 80:70:83:21:D8:4E:B9:4A:70:5B:79:18:EA:4A:29:1B:6F:39:FE:4D
Certificate issuer: /CN=a82207fd50c45e96f2825ec772cf6b8dea3dfcb0
Certificate serial: 019425FDD188A0B5AD4CD6194936156A0292
Authority key identifier: A8:22:07:FD:50:C4:5E:96:F2:82:5E:C7:72:CF:6B:8D:EA:3D:FC:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCIH_VDEXpbygl7Hcs9rjeo9_LA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/aa8e43-6df0-47ef-adc5-30bdd2fe05b1/1/gHCDIdhOuUpwW3kY6kopG285_k0.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207886
IP address blocks: 2001:678:b70::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d1:88:a0:b5:ad:4c:d6:19:49:36:15:6a:02:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a82207fd50c45e96f2825ec772cf6b8dea3dfcb0
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80708321d84eb94a705b7918ea4a291b6f39fe4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:34:bb:2d:f3:b6:b0:f5:01:8b:c8:57:2e:b4:
2d:d5:de:64:8d:17:0d:5c:92:5e:cc:42:3a:d8:7c:
c4:58:93:59:81:96:d5:af:b8:c7:35:27:01:a2:aa:
39:9d:c9:76:58:d6:d8:55:cb:d8:4c:39:f0:e8:88:
45:6f:97:5b:7f:ec:ef:be:ff:ec:cc:e7:39:6f:e2:
1c:06:7e:c2:a8:e0:f3:0b:d4:17:cb:75:21:6f:e2:
18:f6:54:41:f0:cf:8d:92:96:43:d5:70:93:7e:9d:
72:1b:5e:91:03:85:3c:b9:74:88:98:a4:1e:0b:58:
9d:a5:94:3d:dd:5a:8f:50:39:58:bd:f5:73:10:3a:
b8:98:5f:bc:c7:75:ae:ca:88:e4:8e:a7:63:48:f0:
4a:ab:8f:16:e6:db:3d:cc:34:91:ff:ec:16:8e:9d:
93:df:7c:8a:f0:aa:b7:50:71:25:3b:93:35:06:55:
4f:09:00:db:b2:15:91:2b:ff:68:df:fd:19:fd:81:
96:d6:74:da:d8:69:cc:7b:06:dd:6e:4e:ff:ba:8c:
57:34:c7:ae:c6:cc:38:21:0d:e5:4d:9b:58:d0:2a:
37:a2:6c:7e:a2:a3:e3:44:75:94:a2:c6:37:22:d3:
51:ac:5c:0b:e3:0b:09:0d:20:cd:81:c3:49:90:c1:
3d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:70:83:21:D8:4E:B9:4A:70:5B:79:18:EA:4A:29:1B:6F:39:FE:4D
X509v3 Authority Key Identifier:
keyid:A8:22:07:FD:50:C4:5E:96:F2:82:5E:C7:72:CF:6B:8D:EA:3D:FC:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCIH_VDEXpbygl7Hcs9rjeo9_LA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aa8e43-6df0-47ef-adc5-30bdd2fe05b1/1/gHCDIdhOuUpwW3kY6kopG285_k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/aa8e43-6df0-47ef-adc5-30bdd2fe05b1/1/qCIH_VDEXpbygl7Hcs9rjeo9_LA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:b70::/48
Signature Algorithm: sha256WithRSAEncryption
57:45:10:b6:ac:21:39:22:2b:39:13:05:32:86:81:e3:66:24:
a2:e1:b9:d3:f2:aa:40:e2:48:73:be:a6:e8:d8:91:ab:83:31:
9f:67:cd:74:c9:f9:02:79:2a:a5:2f:bb:ad:d3:b6:fe:f9:36:
24:b5:ea:4f:ff:68:3d:8b:02:c5:dc:43:36:c3:73:c7:31:0f:
4c:e6:44:2c:5a:c7:74:81:d7:51:89:9c:49:dc:e9:3b:bd:dd:
9a:46:5c:49:05:50:cc:54:17:66:30:26:16:a4:93:94:73:5b:
a0:a3:99:f6:23:52:82:e7:45:96:81:f3:ef:6f:15:1e:c8:85:
12:e3:08:3f:1e:92:5e:b2:e3:7c:b4:92:82:29:c9:99:04:be:
3c:d0:7a:9d:ef:c0:df:83:ae:8f:6e:2a:a5:2f:43:be:b2:fe:
74:17:58:d0:a3:f3:0c:1f:1e:86:f3:b8:71:c2:ea:66:18:f9:
32:b5:75:a1:59:b3:19:bc:09:6f:77:ee:e2:39:2b:30:1b:12:
2e:e5:6d:dd:f0:ee:d8:85:75:dc:42:7e:28:ad:59:fe:a9:99:
ca:e2:33:a9:be:72:7e:80:f5:b1:21:7b:0b:92:73:cc:b2:a6:
68:94:89:e2:50:ad:c4:4b:55:dc:db:44:28:29:e6:ed:be:76:
c8:58:28:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/dGIoLWtTNYZSTYVagKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjIwN2ZkNTBjNDVlOTZmMjgyNWVjNzcyY2Y2YjhkZWEz
ZGZjYjAwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDcwODMyMWQ4NGViOTRhNzA1Yjc5MThlYTRhMjkxYjZmMzlmZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TS7LfO2sPUBi8hXLrQt1d5kjRcN
XJJezEI62HzEWJNZgZbVr7jHNScBoqo5ncl2WNbYVcvYTDnw6IhFb5dbf+zvvv/s
zOc5b+IcBn7CqODzC9QXy3Uhb+IY9lRB8M+NkpZD1XCTfp1yG16RA4U8uXSImKQe
C1idpZQ93VqPUDlYvfVzEDq4mF+8x3WuyojkjqdjSPBKq48W5ts9zDSR/+wWjp2T
33yK8Kq3UHElO5M1BlVPCQDbshWRK/9o3/0Z/YGW1nTa2GnMewbdbk7/uoxXNMeu
xsw4IQ3lTZtY0Co3omx+oqPjRHWUosY3ItNRrFwL4wsJDSDNgcNJkME9OQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIBwgyHYTrlKcFt5GOpKKRtvOf5NMB8GA1UdIwQY
MBaAFKgiB/1QxF6W8oJex3LPa43qPfywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNJSF9WREVYcGJ5Z2w3SGNzOXJqZW85X0xBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYThlNDMtNmRmMC00N2VmLWFkYzUt
MzBiZGQyZmUwNWIxLzEvZ0hDRElkaE91VXB3VzNrWTZrb3BHMjg1X2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYThlNDMtNmRmMC00N2VmLWFkYzUtMzBiZGQyZmUwNWIx
LzEvcUNJSF9WREVYcGJ5Z2w3SGNzOXJqZW85X0xBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAtw
MA0GCSqGSIb3DQEBCwUAA4IBAQBXRRC2rCE5Iis5EwUyhoHjZiSi4bnT8qpA4khz
vqbo2JGrgzGfZ810yfkCeSqlL7ut07b++TYktepP/2g9iwLF3EM2w3PHMQ9M5kQs
Wsd0gddRiZxJ3Ok7vd2aRlxJBVDMVBdmMCYWpJOUc1ugo5n2I1KC50WWgfPvbxUe
yIUS4wg/HpJesuN8tJKCKcmZBL480Hqd78Dfg66PbiqlL0O+sv50F1jQo/MMHx6G
87hxwupmGPkytXWhWbMZvAlvd+7iOSswGxIu5W3d8O7YhXXcQn4orVn+qZnK4jOp
vnJ+gPWxIXsLknPMsqZolIniUK3ES1Xc20QoKebtvnbIWCgT
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:05:30 2025 by rpki-client