Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/ij75mLXi6GwTySbPGodwd4i9ALM.roa
File: ij75mLXi6GwTySbPGodwd4i9ALM.roa (raw, json)
Hash identifier: 5EGYA3Jpvq43I6VfAef9hWj1rZDohDdPmAsdMMICLrA=
Subject key identifier: 8A:3E:F9:98:B5:E2:E8:6C:13:C9:26:CF:1A:87:70:77:88:BD:00:B3
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 01856E5D79729196C27E33AB14E185E0A888
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/ij75mLXi6GwTySbPGodwd4i9ALM.roa
Signing time: Sun 01 Jan 2023 17:24:57 +0000
ROA not before: Sun 01 Jan 2023 17:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47869
IP address blocks: 2a0e:1c80:d::/48 maxlen: 48
2a0e:1c80:b::/48 maxlen: 48
2a0e:1c80:4::/48 maxlen: 48
2a0e:1c80:c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:79:72:91:96:c2:7e:33:ab:14:e1:85:e0:a8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Jan 1 17:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a3ef998b5e2e86c13c926cf1a87707788bd00b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0c:c6:b6:d5:59:45:bc:33:ec:a4:ae:5f:28:
14:01:fc:4f:82:24:81:21:fc:6a:a0:69:bf:1f:16:
5b:ef:16:4f:e7:4e:5e:75:1d:45:84:cb:2d:ba:ee:
e0:7b:91:4d:f7:71:cf:ef:6e:db:c6:5c:34:5a:8f:
0b:53:65:ed:45:0c:96:dd:d2:d4:37:58:33:54:ea:
81:fa:cb:cc:59:a8:41:6e:b8:1b:1d:a9:9c:73:c6:
b4:b8:ff:5d:8f:b3:b8:d0:73:58:9b:87:00:4f:98:
0a:96:f7:0e:c1:74:48:be:09:65:3f:66:79:8a:ad:
5f:8c:aa:35:1d:46:66:b8:bf:d0:ca:fd:34:7d:b6:
3a:09:4d:4d:06:cd:bf:88:1e:5e:f2:82:80:b9:f1:
1a:d8:11:2d:21:c9:36:19:3f:2c:a9:78:53:51:03:
60:c8:6d:6e:ee:a9:c3:db:54:f3:77:ae:72:38:84:
94:54:3f:d5:f5:73:dd:c4:46:7e:c9:29:3e:17:64:
f8:ee:7d:87:ed:0e:f9:c4:c6:0c:71:e8:2a:1e:a8:
1e:69:5d:f5:14:04:cc:5f:87:ed:07:d6:10:18:86:
c7:8c:29:b7:70:86:78:ee:e1:2f:85:e5:7e:d7:80:
fc:e5:85:67:bf:15:49:a3:16:22:f5:08:c9:63:e8:
90:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:3E:F9:98:B5:E2:E8:6C:13:C9:26:CF:1A:87:70:77:88:BD:00:B3
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/ij75mLXi6GwTySbPGodwd4i9ALM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:4::/48
2a0e:1c80:b::-2a0e:1c80:d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:a6:1a:da:27:0a:41:55:1a:97:b9:8c:c6:1c:63:d1:dd:fe:
79:d1:b8:96:5c:b8:c1:2e:57:43:16:c4:3b:e1:da:b8:18:25:
95:01:b1:a3:b0:aa:92:f1:f7:3f:05:e2:e0:d9:d9:1a:48:f7:
99:a6:51:f0:af:06:4d:65:87:73:ce:4c:0f:a5:c9:4f:1a:1b:
cc:47:80:20:d7:98:6e:b0:64:a7:60:f3:b5:a0:f4:07:ab:78:
56:17:aa:5e:5b:6b:2d:d0:9d:82:b5:92:fa:4a:c4:f3:d6:45:
3a:40:ec:ce:21:0f:b9:ca:a3:17:7e:e4:f4:a6:76:e0:33:a0:
eb:20:92:8b:3d:73:0d:ee:ce:9f:b1:c3:ce:dd:ab:01:1a:58:
18:e5:fe:78:6b:39:4e:03:39:81:ce:9a:1a:e3:65:99:44:2d:
8d:f6:85:5f:a1:0b:e0:be:0d:1a:f5:50:c6:85:14:5b:cf:f4:
2e:13:d7:07:a3:f3:f4:42:67:f9:db:f7:c1:f0:e6:a5:e5:f0:
3a:41:de:bf:18:ed:27:df:55:37:ec:5f:4e:49:3f:44:6c:e5:
e1:3c:ab:6b:4f:0c:a5:23:7e:b9:ee:7e:97:0e:2c:39:65:39:
6d:7f:ca:22:75:be:91:38:7c:5b:c9:1c:63:c0:39:b2:40:79:
b2:a0:9b:17
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVuXXlykZbCfjOrFOGF4KiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjMwMTAxMTcyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTNlZjk5OGI1ZTJlODZjMTNjOTI2Y2YxYTg3NzA3Nzg4YmQwMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwzGttVZRbwz7KSuXygUAfxPgiSB
IfxqoGm/HxZb7xZP505edR1FhMstuu7ge5FN93HP727bxlw0Wo8LU2XtRQyW3dLU
N1gzVOqB+svMWahBbrgbHamcc8a0uP9dj7O40HNYm4cAT5gKlvcOwXRIvgllP2Z5
iq1fjKo1HUZmuL/Qyv00fbY6CU1NBs2/iB5e8oKAufEa2BEtIck2GT8sqXhTUQNg
yG1u7qnD21Tzd65yOISUVD/V9XPdxEZ+ySk+F2T47n2H7Q75xMYMcegqHqgeaV31
FATMX4ftB9YQGIbHjCm3cIZ47uEvheV+14D85YVnvxVJoxYi9QjJY+iQCQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIo++Zi14uhsE8kmzxqHcHeIvQCzMB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvaWo3NW1MWGk2R3dUeVNiUEdvZHdkNGk5QUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcAKg4cgAAE
MBIDBwAqDhyAAAsDBwEqDhyAAAwwDQYJKoZIhvcNAQELBQADggEBAFemGtonCkFV
Gpe5jMYcY9Hd/nnRuJZcuMEuV0MWxDvh2rgYJZUBsaOwqpLx9z8F4uDZ2RpI95mm
UfCvBk1lh3POTA+lyU8aG8xHgCDXmG6wZKdg87Wg9AereFYXql5bay3QnYK1kvpK
xPPWRTpA7M4hD7nKoxd+5PSmduAzoOsgkos9cw3uzp+xw87dqwEaWBjl/nhrOU4D
OYHOmhrjZZlELY32hV+hC+C+DRr1UMaFFFvP9C4T1wej8/RCZ/nb98Hw5qXl8DpB
3r8Y7SffVTfsX05JP0Rs5eE8q2tPDKUjfrnufpcOLDllOW1/yiJ1vpE4fFvJHGPA
ObJAebKgmxc=
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:38:26 2025 by rpki-client