Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/udnLbj1GW_jApe0hb8F0qJDW66c.roa
File: udnLbj1GW_jApe0hb8F0qJDW66c.roa (raw, json)
Hash identifier: FxuqTx+sal4Wy1C2ZZbhgHq/5/BA0XmtEBR/NYDT5B4=
Subject key identifier: B9:D9:CB:6E:3D:46:5B:F8:C0:A5:ED:21:6F:C1:74:A8:90:D6:EB:A7
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258ED65C641BF9193999D553C82BBE14
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/udnLbj1GW_jApe0hb8F0qJDW66c.roa
Signing time: Thu 02 Jan 2025 05:48:25 +0000
ROA not before: Thu 02 Jan 2025 05:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205825
IP address blocks: 2a0e:aa07:e03a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d6:5c:64:1b:f9:19:39:99:d5:53:c8:2b:be:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b9d9cb6e3d465bf8c0a5ed216fc174a890d6eba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ab:22:6e:61:5d:86:15:bf:64:c1:7d:78:f5:
41:2b:ec:42:2f:e0:bf:cf:0b:db:4a:4f:24:aa:22:
40:00:7a:b7:f0:e6:0d:b1:7b:71:a4:60:2e:c4:60:
dd:16:e1:0d:6d:5d:8a:f3:b1:37:02:97:f6:99:55:
0a:a7:63:91:fe:ef:24:61:a1:70:bc:4d:3f:a7:84:
df:f2:94:53:f1:a5:c3:b5:c7:11:ec:dd:98:b6:a9:
e1:53:95:7e:17:42:7c:40:2f:c1:1a:d9:b4:05:2b:
4b:2a:37:83:e5:93:bc:c1:78:ae:47:d2:2b:7d:d7:
75:84:82:15:28:de:ac:78:5c:f6:7d:5f:d5:a3:39:
a1:3d:29:d6:17:71:10:24:23:f2:7b:84:1c:99:47:
1f:31:83:54:af:d6:d5:c4:81:2c:9d:01:4d:fd:a5:
65:32:79:88:f4:18:53:6b:ac:36:44:c3:03:6c:ca:
4e:05:07:62:f6:b5:fc:56:9f:c4:89:d9:e7:10:27:
b1:f2:eb:f8:3f:cf:07:0a:a4:c4:00:63:b4:83:8f:
64:a0:e1:95:10:79:76:e7:df:32:b8:61:10:88:e2:
99:56:8b:33:7e:78:93:fa:31:61:3e:db:04:df:a7:
1c:9d:08:6d:97:a6:50:8c:54:fc:e5:6f:f6:00:9d:
51:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D9:CB:6E:3D:46:5B:F8:C0:A5:ED:21:6F:C1:74:A8:90:D6:EB:A7
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/udnLbj1GW_jApe0hb8F0qJDW66c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e03a::/48
Signature Algorithm: sha256WithRSAEncryption
2b:b9:41:65:de:e5:27:1e:04:9d:61:d1:74:7f:b8:6a:61:8e:
f5:35:25:df:a6:94:13:39:20:c4:16:66:9c:1b:5f:d3:93:cf:
bc:c5:6a:3e:f8:67:b1:d3:61:62:6e:72:4e:65:0d:59:7b:26:
33:c9:f0:de:95:38:84:c2:c7:32:bc:4f:a1:8a:63:57:99:b0:
2b:9e:ae:97:3b:9b:87:da:29:be:e9:13:de:31:cc:2f:6f:2a:
53:07:ca:65:97:ab:2f:00:e1:98:86:1d:bb:f9:32:04:dd:99:
d3:0d:a8:51:3d:50:c7:3c:a9:1a:be:a9:fb:50:f7:73:47:63:
9c:9b:34:d6:b3:63:6c:fd:c9:d6:b0:45:70:7a:7f:16:f7:24:
91:a6:c9:95:db:5d:4c:f7:8c:09:4a:0a:16:03:df:1d:3d:eb:
11:b1:21:6f:01:06:e4:3a:f0:ca:8b:76:47:01:42:1d:fc:9c:
dd:db:cb:32:06:90:63:d5:27:14:68:7d:ae:a0:36:db:6a:b4:
57:67:f1:2a:46:4d:88:71:33:f3:af:48:d0:7a:59:a6:8f:a0:
7d:44:bc:50:c0:37:76:6e:12:8f:df:9f:2d:5c:5a:04:59:48:
7c:3d:69:8d:54:34:f3:c8:2a:30:d9:09:09:9e:ea:3b:be:5e:
24:4f:23:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljtZcZBv5GTmZ1VPIK74UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ5Y2I2ZTNkNDY1YmY4YzBhNWVkMjE2ZmMxNzRhODkwZDZlYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKsibmFdhhW/ZMF9ePVBK+xCL+C/
zwvbSk8kqiJAAHq38OYNsXtxpGAuxGDdFuENbV2K87E3Apf2mVUKp2OR/u8kYaFw
vE0/p4Tf8pRT8aXDtccR7N2YtqnhU5V+F0J8QC/BGtm0BStLKjeD5ZO8wXiuR9Ir
fdd1hIIVKN6seFz2fV/VozmhPSnWF3EQJCPye4QcmUcfMYNUr9bVxIEsnQFN/aVl
MnmI9BhTa6w2RMMDbMpOBQdi9rX8Vp/EidnnECex8uv4P88HCqTEAGO0g49koOGV
EHl2598yuGEQiOKZVoszfniT+jFhPtsE36ccnQhtl6ZQjFT85W/2AJ1RYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLnZy249Rlv4wKXtIW/BdKiQ1uunMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvdWRuTGJqMUdXX2pBcGUwaGI4RjBxSkRXNjZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+A6
MA0GCSqGSIb3DQEBCwUAA4IBAQAruUFl3uUnHgSdYdF0f7hqYY71NSXfppQTOSDE
FmacG1/Tk8+8xWo++Gex02FibnJOZQ1ZeyYzyfDelTiEwscyvE+himNXmbArnq6X
O5uH2im+6RPeMcwvbypTB8pll6svAOGYhh27+TIE3ZnTDahRPVDHPKkavqn7UPdz
R2OcmzTWs2Ns/cnWsEVwen8W9ySRpsmV211M94wJSgoWA98dPesRsSFvAQbkOvDK
i3ZHAUId/Jzd28syBpBj1ScUaH2uoDbbarRXZ/EqRk2IcTPzr0jQelmmj6B9RLxQ
wDd2bhKP358tXFoEWUh8PWmNVDTzyCow2QkJnuo7vl4kTyNh
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:15:41 2025 by rpki-client