Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Nhe42hsHlP2RBTZ7_kDi1_iiNfU.roa
File: Nhe42hsHlP2RBTZ7_kDi1_iiNfU.roa (raw, json)
Hash identifier: 1ChBAUPQiX4oKvnrR0PT43uzbwy03dsgNX67eormdRo=
Subject key identifier: 36:17:B8:DA:1B:07:94:FD:91:05:36:7B:FE:40:E2:D7:F8:A2:35:F5
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019424B26A21EEE02E4FAB4D3A2900C25E6D
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Nhe42hsHlP2RBTZ7_kDi1_iiNfU.roa
Signing time: Thu 02 Jan 2025 01:47:39 +0000
ROA not before: Thu 02 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204094
IP address blocks: 2a11:840:22::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:6a:21:ee:e0:2e:4f:ab:4d:3a:29:00:c2:5e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Jan 2 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3617b8da1b0794fd9105367bfe40e2d7f8a235f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5c:10:b8:3e:c4:dd:90:58:de:d1:26:e5:4b:
4c:4c:50:3c:69:3f:05:77:bc:3b:dc:2e:d0:b2:8c:
c5:fa:10:3c:6f:52:25:32:15:37:95:43:4d:75:dc:
b1:a5:85:82:d2:68:c9:84:fb:03:3d:c4:1d:64:2d:
83:ab:46:e4:9e:06:23:65:20:df:c2:25:86:72:68:
af:6f:38:3f:6c:d5:c1:cf:ef:0e:74:cb:22:8a:67:
ed:29:08:82:61:12:60:76:3c:10:83:0d:03:35:12:
ba:48:07:16:c6:05:61:ce:6b:d0:af:69:1f:f8:5d:
fd:00:3f:6a:81:86:6a:c8:4b:ec:d6:fb:69:78:cc:
0e:fd:32:ad:23:55:9e:5f:f6:1c:c7:ce:97:62:93:
3d:11:f9:0d:89:91:b7:af:0d:21:8f:a1:da:41:38:
57:5f:2e:3f:32:d5:c7:ae:c0:0e:3b:d5:23:c2:84:
a4:2d:e5:f6:4e:d1:09:49:27:07:e5:77:4e:73:9f:
a4:e1:df:6f:ee:a0:41:0e:8f:00:88:42:fc:54:5f:
5d:b0:85:fa:12:b3:18:0a:20:87:d7:82:74:4a:39:
f4:da:11:36:dc:67:73:f4:72:cd:a3:3b:91:15:9b:
d7:c8:ee:dd:54:cd:dc:be:c4:3e:35:fd:b4:88:6f:
9f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:17:B8:DA:1B:07:94:FD:91:05:36:7B:FE:40:E2:D7:F8:A2:35:F5
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/Nhe42hsHlP2RBTZ7_kDi1_iiNfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:840:22::/48
Signature Algorithm: sha256WithRSAEncryption
2c:47:cd:4c:bc:37:87:92:a3:14:60:47:08:ed:c7:a9:da:1c:
41:28:38:cb:79:c9:12:04:3c:8e:b3:cc:bb:33:32:97:ad:38:
b8:79:a0:be:ac:0f:ab:fe:39:a1:a0:97:50:b1:1a:77:0d:cc:
d4:eb:48:ae:9d:be:82:81:5c:0f:b7:c1:ae:1d:94:1a:c8:13:
b7:40:dc:8b:e0:a7:a6:c7:94:ef:b4:91:7a:ac:9f:cf:0e:5e:
3b:8f:80:25:cd:2d:8b:18:58:90:c8:93:fa:0d:40:6c:69:2b:
2e:8c:57:54:b2:7b:85:2d:cc:83:3e:3f:ab:57:14:18:0d:47:
7b:01:cd:31:36:e7:6d:e3:60:5e:c8:19:97:d4:11:0d:05:24:
78:25:ce:50:e8:0a:0f:47:11:6f:68:bc:c5:f3:95:ac:23:54:
6b:a1:29:8a:b2:1c:53:80:6e:1c:6e:81:f6:37:0c:14:e8:3b:
aa:0c:e2:8c:74:a1:41:72:b8:55:ef:1f:ac:97:bb:3c:9e:e9:
48:2d:02:d7:5c:09:4c:c5:3c:92:8f:97:e9:e3:02:6a:9b:db:
f8:d8:fb:61:8a:2e:48:89:09:ce:14:09:d4:7f:51:0e:c2:4b:
7e:91:7a:02:9a:33:dc:42:ca:56:df:31:66:bd:bd:4d:b5:ed:
82:45:f3:0d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQksmoh7uAuT6tNOikAwl5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwMTAyMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjE3YjhkYTFiMDc5NGZkOTEwNTM2N2JmZTQwZTJkN2Y4YTIzNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulwQuD7E3ZBY3tEm5UtMTFA8aT8F
d7w73C7QsozF+hA8b1IlMhU3lUNNddyxpYWC0mjJhPsDPcQdZC2Dq0bkngYjZSDf
wiWGcmivbzg/bNXBz+8OdMsiimftKQiCYRJgdjwQgw0DNRK6SAcWxgVhzmvQr2kf
+F39AD9qgYZqyEvs1vtpeMwO/TKtI1WeX/Ycx86XYpM9EfkNiZG3rw0hj6HaQThX
Xy4/MtXHrsAOO9UjwoSkLeX2TtEJSScH5XdOc5+k4d9v7qBBDo8AiEL8VF9dsIX6
ErMYCiCH14J0Sjn02hE23Gdz9HLNozuRFZvXyO7dVM3cvsQ+Nf20iG+fzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDYXuNobB5T9kQU2e/5A4tf4ojX1MB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvTmhlNDJoc0hsUDJSQlRaN19rRGkxX2lpTmZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEIQAAi
MA0GCSqGSIb3DQEBCwUAA4IBAQAsR81MvDeHkqMUYEcI7cep2hxBKDjLeckSBDyO
s8y7MzKXrTi4eaC+rA+r/jmhoJdQsRp3DczU60iunb6CgVwPt8GuHZQayBO3QNyL
4Kemx5TvtJF6rJ/PDl47j4AlzS2LGFiQyJP6DUBsaSsujFdUsnuFLcyDPj+rVxQY
DUd7Ac0xNudt42BeyBmX1BENBSR4Jc5Q6AoPRxFvaLzF85WsI1RroSmKshxTgG4c
boH2NwwU6DuqDOKMdKFBcrhV7x+sl7s8nulILQLXXAlMxTySj5fp4wJqm9v42Pth
ii5IiQnOFAnUf1EOwkt+kXoCmjPcQspW3zFmvb1Nte2CRfMN
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:41:07 2025 by rpki-client