Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/NRcWwubnTv8pcHVpHOdNFWUlOXg.roa
File: NRcWwubnTv8pcHVpHOdNFWUlOXg.roa (raw, json)
Hash identifier: lkTccmpivW1Ado7K6LvAdLSPe3v56jZoJ1qzdiLTJCo=
Subject key identifier: 35:17:16:C2:E6:E7:4E:FF:29:70:75:69:1C:E7:4D:15:65:25:39:78
Certificate issuer: /CN=ac89af60986e6d958322fb026c6b65aeec949a0d
Certificate serial: 019427485B75F1EEE87D50A6B477A961739F
Authority key identifier: AC:89:AF:60:98:6E:6D:95:83:22:FB:02:6C:6B:65:AE:EC:94:9A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rImvYJhubZWDIvsCbGtlruyUmg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/NRcWwubnTv8pcHVpHOdNFWUlOXg.roa
Signing time: Thu 02 Jan 2025 13:50:40 +0000
ROA not before: Thu 02 Jan 2025 13:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216458
IP address blocks: 2a13:ce40:6666::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:5b:75:f1:ee:e8:7d:50:a6:b4:77:a9:61:73:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac89af60986e6d958322fb026c6b65aeec949a0d
Validity
Not Before: Jan 2 13:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=351716c2e6e74eff297075691ce74d1565253978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4d:72:1c:60:c6:c6:fa:f6:89:1b:5b:e3:39:
6f:df:31:5b:c4:92:48:ce:00:15:0c:b8:96:2a:40:
98:a5:c3:43:d5:22:f6:2f:ea:17:ce:dd:99:9e:c5:
66:1e:88:30:b6:5e:ec:bf:d9:b9:03:ea:2c:4f:ba:
3a:9d:87:f2:bf:78:ac:dd:02:67:1a:97:47:02:4b:
57:ec:d4:1a:ae:d9:7a:ec:ba:4d:3f:ca:de:f8:8d:
c6:fb:fc:79:3c:8e:88:b8:52:ad:c8:90:bf:46:b3:
b5:54:f7:7f:f4:c0:e0:06:a7:88:60:2f:dc:2d:b0:
e0:cd:75:00:6a:86:2b:b1:b0:e4:1f:08:a4:d1:6d:
ba:36:63:a4:06:de:fb:f4:a4:12:b8:fd:f3:4b:e1:
ab:3e:b4:33:82:e7:10:98:93:b8:8c:68:ea:e0:61:
06:2a:d1:ab:c3:3a:b0:60:59:38:bc:fe:d4:2e:b8:
22:d7:10:b2:1d:e1:fa:ff:07:9f:48:12:8b:3f:4d:
1f:83:44:30:89:ec:b9:44:c6:91:4b:e6:b4:43:16:
12:c6:15:14:46:a9:d9:72:3c:c2:2c:ea:9f:a8:a0:
f1:4a:90:37:79:f9:19:2e:b1:a7:b9:81:ed:d7:c2:
a7:fe:f7:3b:ac:2f:87:f7:4a:82:3a:29:86:9e:e8:
c1:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:17:16:C2:E6:E7:4E:FF:29:70:75:69:1C:E7:4D:15:65:25:39:78
X509v3 Authority Key Identifier:
keyid:AC:89:AF:60:98:6E:6D:95:83:22:FB:02:6C:6B:65:AE:EC:94:9A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rImvYJhubZWDIvsCbGtlruyUmg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/NRcWwubnTv8pcHVpHOdNFWUlOXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/3ccb85-918b-4de8-bda2-9c8bba664ff0/1/rImvYJhubZWDIvsCbGtlruyUmg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ce40:6666::/48
Signature Algorithm: sha256WithRSAEncryption
90:41:ce:1a:af:d1:80:10:4d:9f:91:0e:8c:d6:10:a6:3d:fd:
f6:30:7d:e6:4c:3a:d4:4d:e7:84:2d:e0:2c:af:23:b7:93:27:
07:3c:3e:c4:b8:a5:39:17:53:e9:3a:c0:98:2e:a5:e8:5f:df:
d0:bb:4f:21:14:41:fa:08:c1:99:93:c2:02:01:e6:c0:e7:d0:
b6:4d:57:b6:7c:de:35:65:b5:12:70:23:cf:f0:41:05:7e:80:
f8:c3:86:4b:fd:ed:02:f4:b7:bc:ec:af:7d:bf:f2:00:cd:a0:
3f:ef:dc:25:a0:66:95:6b:2e:d5:8c:a2:d5:66:bc:66:0f:d9:
30:c9:1b:e3:59:7c:89:6b:98:1f:1f:a9:23:40:6b:a1:59:52:
23:ce:2f:3b:ad:83:1a:b6:01:5d:57:e6:a4:53:eb:c8:32:c7:
90:d0:32:c8:e8:72:48:0d:aa:fb:06:7f:f3:58:73:ff:ed:87:
a5:52:6c:1e:c1:90:e4:f1:dd:27:6c:26:cb:92:b1:b0:5d:96:
db:82:bc:dc:da:53:da:1c:80:ea:c5:e5:67:25:42:90:2c:79:
99:33:dd:b7:ab:ce:8a:2e:92:f0:f1:30:f0:b1:c8:cc:28:1d:
41:21:8e:28:09:a7:7e:a5:b6:fb:b2:6e:b4:f2:e0:4d:17:50:
80:04:ac:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnSFt18e7ofVCmtHepYXOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjODlhZjYwOTg2ZTZkOTU4MzIyZmIwMjZjNmI2NWFlZWM5
NDlhMGQwHhcNMjUwMTAyMTM1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE3MTZjMmU2ZTc0ZWZmMjk3MDc1NjkxY2U3NGQxNTY1MjUzOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk1yHGDGxvr2iRtb4zlv3zFbxJJI
zgAVDLiWKkCYpcND1SL2L+oXzt2ZnsVmHogwtl7sv9m5A+osT7o6nYfyv3is3QJn
GpdHAktX7NQartl67LpNP8re+I3G+/x5PI6IuFKtyJC/RrO1VPd/9MDgBqeIYC/c
LbDgzXUAaoYrsbDkHwik0W26NmOkBt779KQSuP3zS+GrPrQzgucQmJO4jGjq4GEG
KtGrwzqwYFk4vP7ULrgi1xCyHeH6/wefSBKLP00fg0Qwiey5RMaRS+a0QxYSxhUU
RqnZcjzCLOqfqKDxSpA3efkZLrGnuYHt18Kn/vc7rC+H90qCOimGnujBvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDUXFsLm507/KXB1aRznTRVlJTl4MB8GA1UdIwQY
MBaAFKyJr2CYbm2VgyL7AmxrZa7slJoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckltdllKaHViWldESXZzQ2JHdGxydXlVbWcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zY2NiODUtOTE4Yi00ZGU4LWJkYTIt
OWM4YmJhNjY0ZmYwLzEvTlJjV3d1Ym5UdjhwY0hWcEhPZE5GV1VsT1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zY2NiODUtOTE4Yi00ZGU4LWJkYTItOWM4YmJhNjY0ZmYw
LzEvckltdllKaHViWldESXZzQ2JHdGxydXlVbWcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPOQGZm
MA0GCSqGSIb3DQEBCwUAA4IBAQCQQc4ar9GAEE2fkQ6M1hCmPf32MH3mTDrUTeeE
LeAsryO3kycHPD7EuKU5F1PpOsCYLqXoX9/Qu08hFEH6CMGZk8ICAebA59C2TVe2
fN41ZbUScCPP8EEFfoD4w4ZL/e0C9Le87K99v/IAzaA/79wloGaVay7VjKLVZrxm
D9kwyRvjWXyJa5gfH6kjQGuhWVIjzi87rYMatgFdV+akU+vIMseQ0DLI6HJIDar7
Bn/zWHP/7YelUmwewZDk8d0nbCbLkrGwXZbbgrzc2lPaHIDqxeVnJUKQLHmZM923
q86KLpLw8TDwscjMKB1BIY4oCad+pbb7sm608uBNF1CABKx+
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:00:06 2025 by rpki-client