Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/N1rTidaACgh8Wl5J2g45GZumvQs.roa
File: N1rTidaACgh8Wl5J2g45GZumvQs.roa (raw, json)
Hash identifier: btCaFx/Jws6uzlXHydN6cLSWM9L6FDcS4ymcYrWP048=
Subject key identifier: 37:5A:D3:89:D6:80:0A:08:7C:5A:5E:49:DA:0E:39:19:9B:A6:BD:0B
Certificate issuer: /CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Certificate serial: 0194DFB0151A0685C96E918CA2B2195A846D
Authority key identifier: 75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/N1rTidaACgh8Wl5J2g45GZumvQs.roa
Signing time: Fri 07 Feb 2025 09:14:06 +0000
ROA not before: Fri 07 Feb 2025 09:14:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a0f:9c03::/32 maxlen: 32
2a11:5184::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:b0:15:1a:06:85:c9:6e:91:8c:a2:b2:19:5a:84:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757cefe36b3fcc68a42c0aff81d144980f32777f
Validity
Not Before: Feb 7 09:14:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=375ad389d6800a087c5a5e49da0e39199ba6bd0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:90:71:d5:38:2a:cd:87:e3:68:f8:6b:f9:a9:
c1:e5:5f:53:94:c4:94:b9:42:73:39:d9:96:ce:b9:
ed:de:19:57:aa:22:1d:ce:52:f8:26:59:f3:5e:8f:
57:2e:36:02:3f:96:8e:3f:15:60:71:3c:57:66:66:
dd:84:b8:a8:7f:e6:26:f0:73:d0:da:2d:84:3b:c2:
b1:cf:1b:4d:9f:ab:7e:cc:3e:9a:ca:5d:85:e9:da:
20:1f:6f:43:82:c9:a7:ff:f0:4a:79:50:47:12:e2:
c2:6e:f3:4f:40:82:12:50:78:ed:93:3f:ba:a9:71:
5a:ac:23:1c:7e:d6:7a:f0:30:02:3a:59:34:f8:12:
fe:2c:8a:5d:a5:03:8b:73:f4:61:be:65:0a:62:17:
47:55:53:80:50:6d:fb:31:5f:81:ef:bd:61:55:de:
12:cb:5b:82:39:9f:e7:78:40:15:db:65:f1:d6:43:
6e:0d:5a:9d:c5:3e:55:f5:5b:28:07:43:b2:44:84:
cf:9c:fe:45:bf:d0:f0:19:38:d2:59:4b:7a:52:2a:
7b:59:b6:ad:e6:e3:da:8d:3d:d3:ae:f0:7a:49:63:
0a:79:c1:98:ed:5a:17:46:36:99:f2:4e:ce:39:cd:
e7:11:90:48:29:46:f3:dc:33:e5:a9:67:7b:bd:3b:
92:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5A:D3:89:D6:80:0A:08:7C:5A:5E:49:DA:0E:39:19:9B:A6:BD:0B
X509v3 Authority Key Identifier:
keyid:75:7C:EF:E3:6B:3F:CC:68:A4:2C:0A:FF:81:D1:44:98:0F:32:77:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXzv42s_zGikLAr_gdFEmA8yd38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/N1rTidaACgh8Wl5J2g45GZumvQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/972db6-770f-4462-9fc7-ee9b9517f2ec/1/dXzv42s_zGikLAr_gdFEmA8yd38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:9c03::/32
2a11:5184::/32
Signature Algorithm: sha256WithRSAEncryption
84:71:84:b2:e9:d3:5e:ba:81:96:8a:61:b6:4e:df:61:2c:8e:
ed:7c:16:98:b7:39:fd:0e:6f:3a:f5:74:c4:c9:11:0b:a5:3e:
d1:47:52:28:24:52:9c:01:fd:03:84:f9:a1:2a:d0:ab:88:e5:
07:a9:df:3d:65:fb:d7:7f:aa:63:8a:87:0e:07:52:ae:91:ae:
ee:3f:35:d0:9e:25:ff:f0:1c:4f:87:79:91:59:6c:d1:db:c8:
56:2a:87:25:79:fe:5d:07:7a:fc:c1:3f:3c:d9:3b:fa:5f:04:
e6:dd:ee:b8:8c:08:a0:e9:84:f9:cd:4e:c7:a4:2e:c4:32:50:
f3:e1:de:11:fc:7a:89:1d:22:c4:ee:0a:d9:40:94:ee:c7:e3:
3e:5a:d6:80:bb:30:d8:78:b6:5b:09:a6:d2:99:79:37:75:fc:
45:aa:77:28:28:bd:62:c3:0f:71:91:be:65:d2:8f:df:b0:c4:
76:55:0e:62:3b:a2:79:c9:e7:8a:29:b0:95:c3:6e:d4:68:b3:
38:52:23:41:d2:85:40:28:29:57:59:84:99:4d:0c:bf:d6:c5:
4f:29:cd:35:0a:28:28:bc:1c:2c:82:60:98:d0:3b:4d:1b:e2:
cc:ce:97:65:fd:1d:2d:ca:51:0c:04:23:2b:55:98:84:01:4b:
8c:1b:c8:be
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTfsBUaBoXJbpGMorIZWoRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2NlZmUzNmIzZmNjNjhhNDJjMGFmZjgxZDE0NDk4MGYz
Mjc3N2YwHhcNMjUwMjA3MDkxNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzVhZDM4OWQ2ODAwYTA4N2M1YTVlNDlkYTBlMzkxOTliYTZiZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZBx1TgqzYfjaPhr+anB5V9TlMSU
uUJzOdmWzrnt3hlXqiIdzlL4JlnzXo9XLjYCP5aOPxVgcTxXZmbdhLiof+Ym8HPQ
2i2EO8KxzxtNn6t+zD6ayl2F6dogH29Dgsmn//BKeVBHEuLCbvNPQIISUHjtkz+6
qXFarCMcftZ68DACOlk0+BL+LIpdpQOLc/RhvmUKYhdHVVOAUG37MV+B771hVd4S
y1uCOZ/neEAV22Xx1kNuDVqdxT5V9VsoB0OyRITPnP5Fv9DwGTjSWUt6Uip7Wbat
5uPajT3TrvB6SWMKecGY7VoXRjaZ8k7OOc3nEZBIKUbz3DPlqWd7vTuSYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDda04nWgAoIfFpeSdoOORmbpr0LMB8GA1UdIwQY
MBaAFHV87+NrP8xopCwK/4HRRJgPMnd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzct
ZWU5Yjk1MTdmMmVjLzEvTjFyVGlkYUFDZ2g4V2w1SjJnNDVHWnVtdlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC85NzJkYjYtNzcwZi00NDYyLTlmYzctZWU5Yjk1MTdmMmVj
LzEvZFh6djQyc196R2lrTEFyX2dkRkVtQTh5ZDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKg+cAwMF
ACoRUYQwDQYJKoZIhvcNAQELBQADggEBAIRxhLLp0166gZaKYbZO32Esju18Fpi3
Of0Obzr1dMTJEQulPtFHUigkUpwB/QOE+aEq0KuI5Qep3z1l+9d/qmOKhw4HUq6R
ru4/NdCeJf/wHE+HeZFZbNHbyFYqhyV5/l0HevzBPzzZO/pfBObd7riMCKDphPnN
TsekLsQyUPPh3hH8eokdIsTuCtlAlO7H4z5a1oC7MNh4tlsJptKZeTd1/EWqdygo
vWLDD3GRvmXSj9+wxHZVDmI7onnJ54opsJXDbtRoszhSI0HShUAoKVdZhJlNDL/W
xU8pzTUKKCi8HCyCYJjQO00b4szOl2X9HS3KUQwEIytVmIQBS4wbyL4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:48:39 2025 by rpki-client