Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/JNEydf2lKXnao8GrKqno19jXP6w.roa
File: JNEydf2lKXnao8GrKqno19jXP6w.roa (raw, json)
Hash identifier: +0xX0M+yF7B+qU3xPS7RZz2tcDVRNPquvsVNbfH8B2E=
Subject key identifier: 24:D1:32:75:FD:A5:29:79:DA:A3:C1:AB:2A:A9:E8:D7:D8:D7:3F:AC
Certificate issuer: /CN=d90482763070955e7ea87e2ca37b891b864b2577
Certificate serial: 0194221F68C372CB006D88D14CF228490F89
Authority key identifier: D9:04:82:76:30:70:95:5E:7E:A8:7E:2C:A3:7B:89:1B:86:4B:25:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2QSCdjBwlV5-qH4so3uJG4ZLJXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/JNEydf2lKXnao8GrKqno19jXP6w.roa
Signing time: Wed 01 Jan 2025 13:47:51 +0000
ROA not before: Wed 01 Jan 2025 13:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209642
IP address blocks: 2a14:7540::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:68:c3:72:cb:00:6d:88:d1:4c:f2:28:49:0f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90482763070955e7ea87e2ca37b891b864b2577
Validity
Not Before: Jan 1 13:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24d13275fda52979daa3c1ab2aa9e8d7d8d73fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:29:5b:3e:1b:f6:34:4f:28:4f:0b:01:6f:5b:
e7:36:78:84:ac:af:c0:c2:6b:fa:3e:c1:24:48:2d:
09:3f:8a:b0:17:c2:8b:1b:41:9a:22:50:48:53:81:
31:18:a5:a5:ca:3a:13:18:56:1a:20:c4:ce:ad:57:
b7:76:ba:61:0b:72:47:6b:b1:14:a3:e1:db:5c:91:
c9:ce:d3:a1:13:d8:7a:cd:e8:c4:ec:ab:0d:1a:5c:
a6:07:eb:74:c9:a7:51:f3:3f:b0:54:5b:e2:ba:fb:
bf:03:ec:37:93:a2:06:da:69:4a:21:6c:21:c7:a6:
78:bb:36:ea:03:1a:65:5d:97:ed:a1:df:fd:75:85:
d2:8d:33:ad:71:60:f5:5e:04:6d:ea:8c:8b:37:c3:
44:23:f9:f5:55:97:e7:0a:f0:84:a2:39:75:63:31:
13:31:02:44:a2:d2:bd:c5:77:1c:1b:ba:74:7b:86:
e4:ab:3e:a6:16:88:35:a0:c7:81:80:8c:5f:33:12:
25:0f:74:86:2c:23:ee:9e:14:6b:5e:3f:2c:78:8f:
76:b3:f5:13:fc:57:c8:e4:d6:12:63:f6:4f:4e:f3:
a0:2b:c7:f3:66:5b:19:5a:0d:44:88:b3:0c:8c:79:
17:b8:78:ad:f9:4a:d8:9f:15:be:8b:d8:a2:81:af:
7e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D1:32:75:FD:A5:29:79:DA:A3:C1:AB:2A:A9:E8:D7:D8:D7:3F:AC
X509v3 Authority Key Identifier:
keyid:D9:04:82:76:30:70:95:5E:7E:A8:7E:2C:A3:7B:89:1B:86:4B:25:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2QSCdjBwlV5-qH4so3uJG4ZLJXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/JNEydf2lKXnao8GrKqno19jXP6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/94c2bb-e80a-4f2c-8208-a9b2766773aa/1/2QSCdjBwlV5-qH4so3uJG4ZLJXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7540::/40
Signature Algorithm: sha256WithRSAEncryption
0f:70:e0:bf:b7:e0:76:49:a9:52:0e:0f:f1:66:26:87:f3:7f:
cd:92:b6:f7:d2:18:c6:98:15:61:fa:ae:d8:f7:0c:7c:5d:08:
a8:e8:eb:fd:9d:b0:ce:1f:72:12:e6:e2:27:f2:d6:3a:ee:b4:
ed:d9:97:e0:f4:ca:48:85:3a:24:ca:07:a0:a8:f9:5f:a5:79:
0b:77:95:34:13:11:59:bd:88:fe:ec:c1:73:49:3e:49:6c:75:
13:02:59:0d:a5:7f:dc:33:b2:b1:5e:41:c0:8c:e0:b1:db:2a:
51:d1:ee:a6:02:00:64:92:a8:f2:d3:24:5e:bd:56:22:7b:58:
d9:7e:e0:1f:4d:34:35:9d:ce:1e:45:74:96:b1:ef:85:f2:c9:
17:5f:08:22:b3:09:f8:53:f6:78:80:20:d4:8e:6d:ed:84:a1:
cb:d1:46:7d:d4:99:3d:fd:a7:36:7d:ef:bf:f9:90:ff:fd:22:
d9:ac:e4:98:92:f2:f7:7f:20:75:74:6d:da:0d:c7:18:7a:e3:
32:e8:1c:a6:8f:bf:25:73:18:63:5f:3c:e7:5f:6d:b8:64:20:
38:9b:d4:94:a0:26:79:42:24:25:d3:7c:dc:ca:26:63:f9:89:
9c:cf:f7:10:2b:4d:16:25:a9:76:f7:f3:c2:4f:aa:bb:0c:6f:
93:33:48:38
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQiH2jDcssAbYjRTPIoSQ+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MDQ4Mjc2MzA3MDk1NWU3ZWE4N2UyY2EzN2I4OTFiODY0
YjI1NzcwHhcNMjUwMTAxMTM0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQxMzI3NWZkYTUyOTc5ZGFhM2MxYWIyYWE5ZThkN2Q4ZDczZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArylbPhv2NE8oTwsBb1vnNniErK/A
wmv6PsEkSC0JP4qwF8KLG0GaIlBIU4ExGKWlyjoTGFYaIMTOrVe3drphC3JHa7EU
o+HbXJHJztOhE9h6zejE7KsNGlymB+t0yadR8z+wVFviuvu/A+w3k6IG2mlKIWwh
x6Z4uzbqAxplXZftod/9dYXSjTOtcWD1XgRt6oyLN8NEI/n1VZfnCvCEojl1YzET
MQJEotK9xXccG7p0e4bkqz6mFog1oMeBgIxfMxIlD3SGLCPunhRrXj8seI92s/UT
/FfI5NYSY/ZPTvOgK8fzZlsZWg1EiLMMjHkXuHit+UrYnxW+i9iiga9+qQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCTRMnX9pSl52qPBqyqp6NfY1z+sMB8GA1UdIwQY
MBaAFNkEgnYwcJVefqh+LKN7iRuGSyV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlFTQ2RqQndsVjUtcUg0c28zdUpHNFpMSlhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85NGMyYmItZTgwYS00ZjJjLTgyMDgt
YTliMjc2Njc3M2FhLzEvSk5FeWRmMmxLWG5hbzhHcktxbm8xOWpYUDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85NGMyYmItZTgwYS00ZjJjLTgyMDgtYTliMjc2Njc3M2Fh
LzEvMlFTQ2RqQndsVjUtcUg0c28zdUpHNFpMSlhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1QAAw
DQYJKoZIhvcNAQELBQADggEBAA9w4L+34HZJqVIOD/FmJofzf82StvfSGMaYFWH6
rtj3DHxdCKjo6/2dsM4fchLm4ify1jrutO3Zl+D0ykiFOiTKB6Co+V+leQt3lTQT
EVm9iP7swXNJPklsdRMCWQ2lf9wzsrFeQcCM4LHbKlHR7qYCAGSSqPLTJF69ViJ7
WNl+4B9NNDWdzh5FdJax74XyyRdfCCKzCfhT9niAINSObe2EocvRRn3UmT39pzZ9
77/5kP/9Itms5JiS8vd/IHV0bdoNxxh64zLoHKaPvyVzGGNfPOdfbbhkIDib1JSg
JnlCJCXTfNzKJmP5iZzP9xArTRYlqXb388JPqrsMb5MzSDg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:38:38 2025 by rpki-client