Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/egiuQKi8pr64nTrCAPbAZypV0ZU.roa
File: egiuQKi8pr64nTrCAPbAZypV0ZU.roa (raw, json)
Hash identifier: DxhscGNFlV1SfBzigPHOPXoJo5Jjra211pN0o1cY2rw=
Subject key identifier: 7A:08:AE:40:A8:BC:A6:BE:B8:9D:3A:C2:00:F6:C0:67:2A:55:D1:95
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 019537CAF5B397871404D98331940582A0D3
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/egiuQKi8pr64nTrCAPbAZypV0ZU.roa
Signing time: Mon 24 Feb 2025 11:50:02 +0000
ROA not before: Mon 24 Feb 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:da41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:ca:f5:b3:97:87:14:04:d9:83:31:94:05:82:a0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Feb 24 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a08ae40a8bca6beb89d3ac200f6c0672a55d195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:14:63:dd:41:09:c1:7a:05:82:df:f7:d9:bc:
dc:cc:7f:81:31:46:9c:ed:0d:4e:a6:37:3c:bd:61:
86:5a:6e:46:fe:5e:a9:0f:bd:eb:95:fc:cb:3e:cf:
bc:63:4f:3e:06:4e:04:64:ab:c7:f1:b4:73:b4:af:
a9:41:3d:59:52:fb:41:e9:4a:3e:35:a9:a8:15:15:
44:52:c3:d8:d5:fc:45:8a:d3:a0:ad:23:9d:30:89:
a3:57:c6:c2:71:40:c4:d6:b8:a6:75:8b:08:81:1e:
f2:e7:95:03:55:bd:b0:bf:3d:76:e3:25:10:20:76:
03:bd:2a:9c:19:7b:ee:4c:d4:a7:59:d7:5a:58:97:
da:01:47:86:db:1d:b1:f8:33:d1:47:7d:2e:fb:f1:
4d:e3:47:6f:eb:5d:75:9e:6d:33:ca:04:41:c6:ef:
d6:10:d9:05:d8:72:96:b1:7a:ce:42:54:6a:c3:da:
5e:17:d6:a1:ec:f3:ad:5e:6d:96:91:85:67:ce:a1:
52:f5:7d:c7:b2:ee:87:e2:c7:91:b6:d6:89:87:69:
20:10:86:a0:65:60:48:24:5a:ef:50:87:09:ac:70:
87:cf:b5:df:45:05:8f:7f:f3:1f:31:5c:ae:78:0e:
58:04:95:f8:a7:2c:bc:57:36:d8:66:64:8f:9b:af:
76:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:08:AE:40:A8:BC:A6:BE:B8:9D:3A:C2:00:F6:C0:67:2A:55:D1:95
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/egiuQKi8pr64nTrCAPbAZypV0ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:da41::/32
Signature Algorithm: sha256WithRSAEncryption
54:55:c9:42:91:59:eb:5a:0a:d6:42:72:0c:e5:f2:e6:32:c7:
91:87:d2:d6:59:a3:87:18:6a:6c:50:75:b3:81:6b:f8:6d:b7:
8e:3b:6f:1a:13:80:95:ff:84:f4:55:de:43:be:91:50:fe:eb:
1d:54:42:ee:03:ab:90:15:51:1d:73:7c:3a:8a:f9:20:76:68:
e7:45:67:73:1e:03:f1:3f:65:da:94:49:c2:cd:d7:4b:04:8d:
43:94:08:8f:b8:b6:e7:73:ee:bd:c1:69:cd:11:4e:ba:ab:cd:
f4:bb:1f:f6:d3:9a:64:c9:17:11:a3:44:fc:9b:15:ae:45:e8:
c1:01:f7:83:04:6a:35:12:a1:5e:c7:6d:c0:2f:77:f0:43:37:
2d:e5:36:d7:04:c5:1c:c1:9b:0f:7a:80:8b:05:a3:94:10:bd:
c0:2c:6c:62:4d:9e:85:80:09:c5:9e:3d:16:e9:94:55:67:d8:
c7:cb:1d:e9:7d:4a:71:ff:d2:06:4f:11:f1:1d:40:a0:c9:d0:
8e:e2:d1:26:f7:06:2a:0a:2e:d8:8c:1e:df:21:60:81:f5:1a:
58:7d:df:ba:c0:fc:72:c1:4b:21:cd:69:c7:3c:93:6e:5e:cb:
80:f1:f4:41:18:d1:77:81:9c:c0:7d:1e:9c:58:bd:f8:00:ab:
8f:b7:a6:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZU3yvWzl4cUBNmDMZQFgqDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMjI0MTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA4YWU0MGE4YmNhNmJlYjg5ZDNhYzIwMGY2YzA2NzJhNTVkMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxRj3UEJwXoFgt/32bzczH+BMUac
7Q1Opjc8vWGGWm5G/l6pD73rlfzLPs+8Y08+Bk4EZKvH8bRztK+pQT1ZUvtB6Uo+
NamoFRVEUsPY1fxFitOgrSOdMImjV8bCcUDE1rimdYsIgR7y55UDVb2wvz124yUQ
IHYDvSqcGXvuTNSnWddaWJfaAUeG2x2x+DPRR30u+/FN40dv6111nm0zygRBxu/W
ENkF2HKWsXrOQlRqw9peF9ah7POtXm2WkYVnzqFS9X3Hsu6H4seRttaJh2kgEIag
ZWBIJFrvUIcJrHCHz7XfRQWPf/MfMVyueA5YBJX4pyy8VzbYZmSPm692qwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHoIrkCovKa+uJ06wgD2wGcqVdGVMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvZWdpdVFLaThwcjY0blRyQ0FQYkFaeXBWMFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgnaQTAN
BgkqhkiG9w0BAQsFAAOCAQEAVFXJQpFZ61oK1kJyDOXy5jLHkYfS1lmjhxhqbFB1
s4Fr+G23jjtvGhOAlf+E9FXeQ76RUP7rHVRC7gOrkBVRHXN8Oor5IHZo50Vncx4D
8T9l2pRJws3XSwSNQ5QIj7i253PuvcFpzRFOuqvN9Lsf9tOaZMkXEaNE/JsVrkXo
wQH3gwRqNRKhXsdtwC938EM3LeU21wTFHMGbD3qAiwWjlBC9wCxsYk2ehYAJxZ49
FumUVWfYx8sd6X1Kcf/SBk8R8R1AoMnQjuLRJvcGKgou2Iwe3yFggfUaWH3fusD8
csFLIc1pxzyTbl7LgPH0QRjRd4GcwH0enFi9+ACrj7emwQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:31:27 2025 by rpki-client