Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/j5y5olvUze_BsWvmrW2Rp3AFl_8.roa
File: j5y5olvUze_BsWvmrW2Rp3AFl_8.roa (raw, json)
Hash identifier: HK0sqaUPlbcibRBpYDrvm92HaEnRr6mrzoB/NQLwakE=
Subject key identifier: 8F:9C:B9:A2:5B:D4:CD:EF:C1:B1:6B:E6:AD:6D:91:A7:70:05:97:FF
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 019423D6F9C9C83972ABE83D0E22D4249578
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/j5y5olvUze_BsWvmrW2Rp3AFl_8.roa
Signing time: Wed 01 Jan 2025 21:47:58 +0000
ROA not before: Wed 01 Jan 2025 21:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:9440::/32 maxlen: 32
2a09:9442::/32 maxlen: 32
2a09:9443::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:f9:c9:c8:39:72:ab:e8:3d:0e:22:d4:24:95:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: Jan 1 21:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f9cb9a25bd4cdefc1b16be6ad6d91a7700597ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:72:f7:6a:f8:33:38:b0:e9:1b:87:31:62:6a:
9a:db:5c:5f:ee:db:a2:46:39:4c:e3:56:71:7f:4e:
d5:3a:90:4d:e3:43:a1:9a:ec:05:33:e3:ff:52:53:
ba:08:4c:d3:7e:f2:ce:19:8c:b5:e2:bb:c7:cb:1e:
49:b8:af:c1:08:e3:7b:5c:31:6e:e8:14:22:27:f9:
c2:09:ae:95:0c:d6:78:ef:8c:80:c9:95:0b:32:dc:
cc:c3:bc:2a:fd:df:0e:5b:bd:8e:be:77:09:6b:3c:
6a:0d:41:e0:62:dd:74:cb:2e:3b:fe:14:a1:57:7c:
85:43:7a:88:dc:c9:bf:b0:8b:66:58:63:f1:2a:22:
ba:59:62:bf:1d:44:a9:f3:0b:45:e6:b6:ce:c2:bd:
23:88:7a:e4:20:93:28:39:68:4c:9a:ef:41:98:f5:
32:2e:b8:20:8d:52:7a:9f:b5:d4:73:e3:a2:39:c4:
50:73:3d:a9:88:73:5d:63:61:c4:fe:45:bc:cd:43:
90:f4:20:a3:37:0f:b7:39:be:ed:38:f2:7c:b1:68:
b0:8f:a9:c6:a8:fc:e0:08:3d:60:d7:65:25:24:ab:
cd:74:c6:cc:ab:98:c3:f9:85:6a:b5:a4:ac:96:34:
c1:45:03:d3:26:c9:26:fa:2a:0a:6c:ac:26:d4:91:
00:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9C:B9:A2:5B:D4:CD:EF:C1:B1:6B:E6:AD:6D:91:A7:70:05:97:FF
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/j5y5olvUze_BsWvmrW2Rp3AFl_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:9440::/32
2a09:9442::/31
Signature Algorithm: sha256WithRSAEncryption
ab:a0:5f:93:6a:85:c9:24:6a:48:d4:fa:eb:34:c5:dc:ea:4b:
a3:a2:65:d6:0e:2f:c1:56:b1:99:3c:f4:ca:0e:e2:30:d3:6d:
f2:4a:79:82:a4:2a:ad:5c:c9:93:89:2b:bf:e0:43:01:00:4e:
3a:e1:0b:b1:c4:6e:27:08:1d:bd:d1:3d:08:c7:2f:dc:f3:57:
d6:02:99:54:12:91:32:54:eb:3e:c1:ef:0b:d3:e9:b8:1a:54:
23:ed:e7:86:a8:55:98:24:01:a2:07:71:d3:67:4a:d7:b0:2d:
5a:bb:0a:c8:d8:99:5f:c8:56:fd:93:41:fe:f1:07:3a:5b:e1:
df:1c:7b:c5:e0:10:95:b2:4e:99:7c:12:82:5b:e4:3b:7b:5e:
da:08:66:5e:ef:0d:d4:aa:99:ef:ec:c9:1a:7d:fd:ea:ff:7c:
4c:40:8b:b1:0e:f2:6f:49:43:cb:1a:90:37:96:c8:d6:61:a4:
47:24:06:56:d5:8c:1c:fa:6e:5c:7c:6a:cf:be:35:52:45:42:
0a:5b:99:0f:b6:2d:b1:56:2e:86:24:70:f2:30:40:34:82:5b:
be:e4:42:0c:ce:66:b3:33:64:b9:f3:b7:17:e5:6b:75:6a:a1:
d9:bb:99:18:83:07:95:49:57:d7:24:9e:37:64:8a:ce:a3:34:
3c:7b:91:b7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQj1vnJyDlyq+g9DiLUJJV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwMTAxMjE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjljYjlhMjViZDRjZGVmYzFiMTZiZTZhZDZkOTFhNzcwMDU5N2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXL3avgzOLDpG4cxYmqa21xf7tui
RjlM41Zxf07VOpBN40OhmuwFM+P/UlO6CEzTfvLOGYy14rvHyx5JuK/BCON7XDFu
6BQiJ/nCCa6VDNZ474yAyZULMtzMw7wq/d8OW72OvncJazxqDUHgYt10yy47/hSh
V3yFQ3qI3Mm/sItmWGPxKiK6WWK/HUSp8wtF5rbOwr0jiHrkIJMoOWhMmu9BmPUy
LrggjVJ6n7XUc+OiOcRQcz2piHNdY2HE/kW8zUOQ9CCjNw+3Ob7tOPJ8sWiwj6nG
qPzgCD1g12UlJKvNdMbMq5jD+YVqtaSsljTBRQPTJskm+ioKbKwm1JEAcwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFI+cuaJb1M3vwbFr5q1tkadwBZf/MB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvajV5NW9sdlV6ZV9Cc1d2bXJXMlJwM0FGbF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgmUQAMF
ASoJlEIwDQYJKoZIhvcNAQELBQADggEBAKugX5NqhckkakjU+us0xdzqS6OiZdYO
L8FWsZk89MoO4jDTbfJKeYKkKq1cyZOJK7/gQwEATjrhC7HEbicIHb3RPQjHL9zz
V9YCmVQSkTJU6z7B7wvT6bgaVCPt54aoVZgkAaIHcdNnStewLVq7CsjYmV/IVv2T
Qf7xBzpb4d8ce8XgEJWyTpl8EoJb5Dt7XtoIZl7vDdSqme/syRp9/er/fExAi7EO
8m9JQ8sakDeWyNZhpEckBlbVjBz6blx8as++NVJFQgpbmQ+2LbFWLoYkcPIwQDSC
W77kQgzOZrMzZLnztxfla3Vqodm7mRiDB5VJV9cknjdkis6jNDx7kbc=
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:34:16 2025 by rpki-client