Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/djgyGcMhqliiDUtwIvZaJr87Lpc.roa
File: djgyGcMhqliiDUtwIvZaJr87Lpc.roa (raw, json)
Hash identifier: OR+D7a6hS/i5PgaSkVTIYAfFqT1n30JIUnkQ2IsZoPI=
Subject key identifier: 76:38:32:19:C3:21:AA:58:A2:0D:4B:70:22:F6:5A:26:BF:3B:2E:97
Certificate issuer: /CN=43e6eca34dc70c1f1bf1c4dd1b0a82093b354b72
Certificate serial: 01856D9D231BE894BA2AB5EC96A6DBDCBB94
Authority key identifier: 43:E6:EC:A3:4D:C7:0C:1F:1B:F1:C4:DD:1B:0A:82:09:3B:35:4B:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q-bso03HDB8b8cTdGwqCCTs1S3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/djgyGcMhqliiDUtwIvZaJr87Lpc.roa
Signing time: Sun 01 Jan 2023 13:54:52 +0000
ROA not before: Sun 01 Jan 2023 13:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 2a12:7b80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:9d:23:1b:e8:94:ba:2a:b5:ec:96:a6:db:dc:bb:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43e6eca34dc70c1f1bf1c4dd1b0a82093b354b72
Validity
Not Before: Jan 1 13:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76383219c321aa58a20d4b7022f65a26bf3b2e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ef:90:23:43:be:a3:2e:10:a9:12:6c:95:e9:
7a:5a:53:e7:8e:0c:66:66:1f:88:80:c4:5e:10:75:
b0:7c:56:6d:9f:0e:5b:31:86:3c:9b:9f:08:c6:ef:
22:b5:f1:d0:b2:9f:43:6b:5f:d1:7b:a6:22:e7:cd:
6b:ce:4c:5e:f8:10:0a:c9:0b:df:5f:fa:2b:10:0d:
89:ae:51:9d:7c:8e:9b:1f:97:18:6c:02:d8:36:41:
32:a2:73:24:ed:1e:97:06:c9:9a:af:07:48:e1:6e:
a0:53:5d:dd:fb:ae:4c:ac:f1:05:38:80:66:22:29:
03:68:59:9d:02:7e:39:13:2b:26:9f:6d:30:68:ee:
77:18:53:1e:a1:98:a8:15:83:3a:b3:3a:1f:3e:77:
7c:c9:04:3d:5f:28:61:f5:31:50:8c:25:1f:33:c2:
20:3e:b2:16:2b:bf:f2:58:df:e5:01:cc:33:94:48:
0d:7f:17:72:7d:df:3e:77:92:a0:39:75:ce:c8:5f:
af:9a:de:a2:79:b7:2e:9f:6e:4b:fd:70:a1:23:ac:
1d:06:2d:02:fa:0a:05:9d:f4:ac:51:c5:8e:d6:31:
9a:08:2d:17:cf:04:e2:8c:97:be:fb:09:f3:12:db:
fa:43:5f:2b:87:f0:7f:7f:de:8e:a1:e9:ee:ee:9e:
c6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:38:32:19:C3:21:AA:58:A2:0D:4B:70:22:F6:5A:26:BF:3B:2E:97
X509v3 Authority Key Identifier:
keyid:43:E6:EC:A3:4D:C7:0C:1F:1B:F1:C4:DD:1B:0A:82:09:3B:35:4B:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q-bso03HDB8b8cTdGwqCCTs1S3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/djgyGcMhqliiDUtwIvZaJr87Lpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/db02f4-3908-4674-a0c4-0364cbe9bab8/1/Q-bso03HDB8b8cTdGwqCCTs1S3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7b80::/29
Signature Algorithm: sha256WithRSAEncryption
8e:9f:34:57:2f:bd:9a:c1:bd:93:0a:ec:39:d0:5f:cf:e4:2e:
ca:d0:e5:66:7f:a9:11:3e:29:98:3e:8f:50:34:5f:0b:d8:5f:
a5:14:c5:40:49:ab:9b:ee:67:8f:6a:cb:4c:d2:79:70:12:e9:
d0:cd:40:e4:56:6d:e6:17:2b:39:e5:db:55:02:50:03:a4:18:
f8:aa:7f:75:98:cd:e8:67:63:5d:25:8a:ca:80:6a:cf:7f:69:
a5:96:2b:4f:d8:cb:52:25:16:57:74:b0:2d:fc:5e:52:de:18:
5f:df:6d:4e:60:27:39:c9:d9:d0:00:2c:ab:2f:2c:cb:82:a9:
6a:1f:d8:11:2c:87:02:de:e5:32:26:48:63:fd:b7:01:ea:b4:
e6:34:4a:27:76:38:4a:b5:41:30:7f:24:77:36:52:a0:d7:1a:
8d:0f:7d:a8:8f:71:83:18:e8:f2:37:f6:4f:24:38:6d:63:ec:
d7:e0:a0:5c:f3:48:76:f1:eb:ba:6f:3e:26:04:5f:44:32:54:
84:5e:db:37:ea:58:d9:10:e0:2f:6d:c1:7a:7f:8c:b1:c4:5a:
8e:53:79:df:cc:ba:60:c1:c4:4e:97:21:8d:b4:10:b9:37:2a:
5d:92:81:7d:c4:67:60:0b:66:e5:79:b3:eb:76:2d:e6:e9:1b:
53:40:2d:e9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtnSMb6JS6KrXslqbb3LuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZTZlY2EzNGRjNzBjMWYxYmYxYzRkZDFiMGE4MjA5M2Iz
NTRiNzIwHhcNMjMwMTAxMTM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjM4MzIxOWMzMjFhYTU4YTIwZDRiNzAyMmY2NWEyNmJmM2IyZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn++QI0O+oy4QqRJslel6WlPnjgxm
Zh+IgMReEHWwfFZtnw5bMYY8m58Ixu8itfHQsp9Da1/Re6Yi581rzkxe+BAKyQvf
X/orEA2JrlGdfI6bH5cYbALYNkEyonMk7R6XBsmarwdI4W6gU13d+65MrPEFOIBm
IikDaFmdAn45Eysmn20waO53GFMeoZioFYM6szofPnd8yQQ9Xyhh9TFQjCUfM8Ig
PrIWK7/yWN/lAcwzlEgNfxdyfd8+d5KgOXXOyF+vmt6iebcun25L/XChI6wdBi0C
+goFnfSsUcWO1jGaCC0XzwTijJe++wnzEtv6Q18rh/B/f96Ooenu7p7GxwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHY4MhnDIapYog1LcCL2Wia/Oy6XMB8GA1UdIwQY
MBaAFEPm7KNNxwwfG/HE3RsKggk7NUtyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUS1ic28wM0hEQjhiOGNUZEd3cUNDVHMxUzNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kYjAyZjQtMzkwOC00Njc0LWEwYzQt
MDM2NGNiZTliYWI4LzEvZGpneUdjTWhxbGlpRFV0d0l2WmFKcjg3THBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kYjAyZjQtMzkwOC00Njc0LWEwYzQtMDM2NGNiZTliYWI4
LzEvUS1ic28wM0hEQjhiOGNUZEd3cUNDVHMxUzNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJ7gDAN
BgkqhkiG9w0BAQsFAAOCAQEAjp80Vy+9msG9kwrsOdBfz+QuytDlZn+pET4pmD6P
UDRfC9hfpRTFQEmrm+5nj2rLTNJ5cBLp0M1A5FZt5hcrOeXbVQJQA6QY+Kp/dZjN
6GdjXSWKyoBqz39ppZYrT9jLUiUWV3SwLfxeUt4YX99tTmAnOcnZ0AAsqy8sy4Kp
ah/YESyHAt7lMiZIY/23Aeq05jRKJ3Y4SrVBMH8kdzZSoNcajQ99qI9xgxjo8jf2
TyQ4bWPs1+CgXPNIdvHrum8+JgRfRDJUhF7bN+pY2RDgL23Ben+MscRajlN538y6
YMHETpchjbQQuTcqXZKBfcRnYAtm5Xmz63Yt5ukbU0At6Q==
-----END CERTIFICATE-----
Generated at Mon May 12 17:09:45 2025 by rpki-client