Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/lJMqmo9D9dRnYRlieF0kv0mPPKE.roa
File: lJMqmo9D9dRnYRlieF0kv0mPPKE.roa (raw, json)
Hash identifier: 2rLW4fzqa7s5IPc3OOLLEKlkayzskgNWawx1uIblY9k=
Subject key identifier: 94:93:2A:9A:8F:43:F5:D4:67:61:19:62:78:5D:24:BF:49:8F:3C:A1
Certificate issuer: /CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Certificate serial: 0187875EFB90A17A2AF44A3A17C534BBB2C4
Authority key identifier: DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/lJMqmo9D9dRnYRlieF0kv0mPPKE.roa
Signing time: Sun 16 Apr 2023 00:02:41 +0000
ROA not before: Sun 16 Apr 2023 00:02:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23734
IP address blocks: 2a0e:1c80:1b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:87:5e:fb:90:a1:7a:2a:f4:4a:3a:17:c5:34:bb:b2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd703b60ac6873256e6b4826ba27a9deeca2f0a
Validity
Not Before: Apr 16 00:02:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94932a9a8f43f5d467611962785d24bf498f3ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:57:1e:5a:2a:4a:70:a1:b4:01:f2:76:0e:32:
5d:5f:a0:53:82:d4:2c:f0:03:b2:50:b1:cc:d7:a0:
d2:c9:33:13:5a:73:03:3f:de:70:c2:59:4b:85:64:
da:1f:97:2b:3e:bd:4d:b4:c1:96:b5:24:2b:0d:a7:
8b:8e:dd:14:4e:05:99:e6:91:d4:4a:48:c6:70:7a:
dc:99:66:23:68:51:16:a6:87:52:9e:0c:f8:a1:a2:
ae:87:d5:79:77:08:be:4e:ee:93:39:25:ea:e1:93:
6e:ea:fd:28:dc:f6:90:21:e7:78:fc:df:a9:a9:c7:
57:1a:62:da:21:e4:56:4e:da:53:4b:3b:e8:d3:a3:
89:28:8f:c6:28:df:c3:91:06:d4:75:bd:f0:1c:b6:
46:cc:23:bf:da:97:80:fa:78:d3:32:22:00:19:aa:
c6:45:71:d6:06:cf:f4:76:c3:83:08:bc:ed:ad:0d:
bc:f8:1f:9f:c6:39:34:e8:13:1a:0e:c7:1d:25:ed:
2a:9f:9a:fd:64:d8:48:6d:49:6e:16:3b:e1:5d:80:
74:70:30:eb:0d:37:81:31:8e:53:3a:f3:46:28:14:
a8:b8:54:b7:64:e5:15:e2:df:a2:fa:7d:bc:94:14:
ff:fc:1b:aa:ce:74:a2:b5:fd:23:9d:a8:7c:3e:ea:
3f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:93:2A:9A:8F:43:F5:D4:67:61:19:62:78:5D:24:BF:49:8F:3C:A1
X509v3 Authority Key Identifier:
keyid:DF:D7:03:B6:0A:C6:87:32:56:E6:B4:82:6B:A2:7A:9D:EE:CA:2F:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39cDtgrGhzJW5rSCa6J6ne7KLwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/lJMqmo9D9dRnYRlieF0kv0mPPKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f678bd-4fe0-4ae0-80d7-53f0788e1a1b/1/39cDtgrGhzJW5rSCa6J6ne7KLwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:1b::/48
Signature Algorithm: sha256WithRSAEncryption
9c:b3:e5:62:a8:2d:7e:b7:98:e7:b8:11:60:cc:70:ea:7e:6a:
e5:f5:52:10:73:cf:ff:a4:b7:af:a1:07:8e:47:f7:c8:49:bc:
a5:f4:79:09:88:e3:c7:d3:23:50:5c:6a:ea:2a:d8:26:4e:53:
26:b2:b7:f1:51:91:8e:4f:8a:41:ee:80:52:f2:a3:38:30:71:
ef:fa:92:70:a0:b4:ce:37:5f:7c:91:d0:8b:be:2a:00:eb:ea:
12:07:41:c4:23:d9:27:de:1f:9e:50:a2:9e:d9:47:ff:82:68:
22:33:e6:57:f5:63:7d:56:5e:05:a8:25:ac:f0:a9:1f:de:96:
28:d7:c4:b4:a3:89:be:f2:ee:70:20:b4:89:76:ef:f1:c0:34:
36:9b:98:78:85:f7:b0:78:f7:fd:55:3e:70:95:7f:5b:8b:88:
b3:d5:77:01:c8:b4:d9:63:80:6f:18:c2:65:4b:59:2f:d7:f8:
bb:e5:8b:e0:41:3d:e1:ee:17:84:ea:69:24:48:83:a5:8e:a3:
c2:0c:e0:b2:60:12:25:e2:cc:77:1b:3d:48:a9:1d:99:11:17:
5f:e9:05:03:2e:ad:b1:79:20:46:0e:fd:a6:b0:75:f5:9a:d4:
66:3c:cd:13:3e:60:a9:86:05:2e:1a:69:c8:f1:c8:71:49:6e:
34:75:2d:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYeHXvuQoXoq9Eo6F8U0u7LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDcwM2I2MGFjNjg3MzI1NmU2YjQ4MjZiYTI3YTlkZWVj
YTJmMGEwHhcNMjMwNDE2MDAwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDkzMmE5YThmNDNmNWQ0Njc2MTE5NjI3ODVkMjRiZjQ5OGYzY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFceWipKcKG0AfJ2DjJdX6BTgtQs
8AOyULHM16DSyTMTWnMDP95wwllLhWTaH5crPr1NtMGWtSQrDaeLjt0UTgWZ5pHU
SkjGcHrcmWYjaFEWpodSngz4oaKuh9V5dwi+Tu6TOSXq4ZNu6v0o3PaQIed4/N+p
qcdXGmLaIeRWTtpTSzvo06OJKI/GKN/DkQbUdb3wHLZGzCO/2peA+njTMiIAGarG
RXHWBs/0dsODCLztrQ28+B+fxjk06BMaDscdJe0qn5r9ZNhIbUluFjvhXYB0cDDr
DTeBMY5TOvNGKBSouFS3ZOUV4t+i+n28lBT//BuqznSitf0jnah8Puo/cwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJSTKpqPQ/XUZ2EZYnhdJL9JjzyhMB8GA1UdIwQY
MBaAFN/XA7YKxocyVua0gmuiep3uyi8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDct
NTNmMDc4OGUxYTFiLzEvbEpNcW1vOUQ5ZFJuWVJsaWVGMGt2MG1QUEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mNjc4YmQtNGZlMC00YWUwLTgwZDctNTNmMDc4OGUxYTFi
LzEvMzljRHRnckdoekpXNXJTQ2E2SjZuZTdLTHdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAb
MA0GCSqGSIb3DQEBCwUAA4IBAQCcs+ViqC1+t5jnuBFgzHDqfmrl9VIQc8//pLev
oQeOR/fISbyl9HkJiOPH0yNQXGrqKtgmTlMmsrfxUZGOT4pB7oBS8qM4MHHv+pJw
oLTON198kdCLvioA6+oSB0HEI9kn3h+eUKKe2Uf/gmgiM+ZX9WN9Vl4FqCWs8Kkf
3pYo18S0o4m+8u5wILSJdu/xwDQ2m5h4hfewePf9VT5wlX9bi4iz1XcByLTZY4Bv
GMJlS1kv1/i75YvgQT3h7heE6mkkSIOljqPCDOCyYBIl4sx3Gz1IqR2ZERdf6QUD
Lq2xeSBGDv2msHX1mtRmPM0TPmCphgUuGmnI8chxSW40dS2r
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:37:49 2025 by rpki-client