Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/59yFoczf3z7r04UWV6_jzPbGNC0.roa
File: 59yFoczf3z7r04UWV6_jzPbGNC0.roa (raw, json)
Hash identifier: euDxWah3NwX6FD1AM44Z3Vv7N97Qw45h3T1o4cUWfnA=
Subject key identifier: E7:DC:85:A1:CC:DF:DF:3E:EB:D3:85:16:57:AF:E3:CC:F6:C6:34:2D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBCF360F964DD9CB7AC5B7A2ED4759
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/59yFoczf3z7r04UWV6_jzPbGNC0.roa
Signing time: Wed 01 Jan 2025 17:48:35 +0000
ROA not before: Wed 01 Jan 2025 17:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197464
IP address blocks: 2a0c:9a40:8580::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:cf:36:0f:96:4d:d9:cb:7a:c5:b7:a2:ed:47:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7dc85a1ccdfdf3eebd3851657afe3ccf6c6342d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:92:78:21:34:19:94:7f:2a:3f:a2:f3:81:d1:
92:41:a2:49:0b:b3:98:3e:17:73:c0:4e:ac:82:82:
d9:74:c8:dd:99:f5:73:6d:af:b8:6e:3e:d2:f8:15:
f6:29:c4:c7:9c:74:7b:e4:56:04:4a:6a:e8:1f:d7:
b5:9d:17:61:8a:34:e4:c8:f5:7f:6c:93:0d:9f:ab:
0c:a1:eb:28:ea:b2:57:c5:21:13:5b:6e:cd:77:ff:
76:3d:89:63:01:bf:f4:65:64:c1:52:80:11:2e:07:
7a:76:78:27:9d:e3:c0:35:7b:07:bd:16:d6:63:6f:
b1:ec:e5:ea:b0:bb:42:56:ae:52:34:7b:62:87:8e:
ef:5f:fd:fe:9b:37:6c:2b:68:d6:ce:93:ef:3a:8f:
54:45:6f:bc:09:87:91:d4:b0:e2:dd:44:19:43:5a:
2e:4d:60:4b:3b:e2:ab:0a:a4:ab:82:60:a6:a7:5a:
ab:9a:c9:03:a4:80:a7:ba:0d:0c:b0:dd:f4:3f:fb:
98:6b:9a:8c:6e:3f:c2:87:f2:d7:5c:48:cf:55:e8:
cc:04:f0:d2:40:a9:6e:35:36:23:01:54:88:3d:b8:
70:13:e4:f2:59:83:c3:9c:9d:bc:f2:67:59:61:d9:
14:98:f7:9e:41:58:bb:33:0a:5a:f4:c3:1b:e6:8c:
31:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DC:85:A1:CC:DF:DF:3E:EB:D3:85:16:57:AF:E3:CC:F6:C6:34:2D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/59yFoczf3z7r04UWV6_jzPbGNC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8580::/44
Signature Algorithm: sha256WithRSAEncryption
73:3d:ea:f1:92:28:1a:0c:26:6a:d2:9b:59:ee:cd:f1:e8:da:
fe:2a:cb:d8:df:04:35:e4:42:b7:1a:49:ac:55:57:f8:c8:d4:
8e:b3:83:11:14:5b:b3:17:12:e4:86:38:ff:59:cc:80:a6:08:
22:e9:11:e0:7a:19:e0:1b:62:df:e3:11:9a:f2:6d:47:ea:12:
ba:ce:65:96:d4:ad:86:38:81:10:a9:69:a0:84:17:a1:3c:b6:
b8:b4:3c:07:43:2a:36:51:2e:34:fe:a6:33:de:58:8a:18:4e:
f9:1e:36:d1:b8:fa:bd:3f:4d:3b:14:fb:f0:6e:85:c2:ce:e8:
ea:d4:50:d2:b7:18:f2:37:c9:0e:43:c6:d4:69:93:20:67:2c:
0a:df:a3:2b:85:8d:c9:1c:03:74:b1:16:2b:f1:f4:9d:eb:a4:
7d:ba:bd:be:b1:38:59:3d:41:f8:03:c5:0b:d3:7c:33:00:4d:
8a:d3:69:e6:2a:6d:32:af:7f:a0:b5:de:d7:6a:dc:e6:48:50:
0f:cb:31:39:a5:81:29:88:bf:e9:c1:71:65:0e:22:2a:2e:b1:
c4:a2:7c:e8:6b:4d:4a:19:f4:e8:62:79:f7:73:87:df:4a:66:
7d:eb:fa:18:ed:68:2f:bb:5e:75:65:03:31:6a:1f:01:44:82:
db:fa:16:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+882D5ZN2ct6xbei7UdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RjODVhMWNjZGZkZjNlZWJkMzg1MTY1N2FmZTNjY2Y2YzYzNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJJ4ITQZlH8qP6LzgdGSQaJJC7OY
PhdzwE6sgoLZdMjdmfVzba+4bj7S+BX2KcTHnHR75FYESmroH9e1nRdhijTkyPV/
bJMNn6sMoeso6rJXxSETW27Nd/92PYljAb/0ZWTBUoARLgd6dngnnePANXsHvRbW
Y2+x7OXqsLtCVq5SNHtih47vX/3+mzdsK2jWzpPvOo9URW+8CYeR1LDi3UQZQ1ou
TWBLO+KrCqSrgmCmp1qrmskDpICnug0MsN30P/uYa5qMbj/Ch/LXXEjPVejMBPDS
QKluNTYjAVSIPbhwE+TyWYPDnJ288mdZYdkUmPeeQVi7Mwpa9MMb5owxcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOfchaHM398+69OFFlev48z2xjQtMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvNTl5Rm9jemYzejdyMDRVV1Y2X2p6UGJHTkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIWA
MA0GCSqGSIb3DQEBCwUAA4IBAQBzPerxkigaDCZq0ptZ7s3x6Nr+KsvY3wQ15EK3
GkmsVVf4yNSOs4MRFFuzFxLkhjj/WcyApggi6RHgehngG2Lf4xGa8m1H6hK6zmWW
1K2GOIEQqWmghBehPLa4tDwHQyo2US40/qYz3liKGE75HjbRuPq9P007FPvwboXC
zujq1FDStxjyN8kOQ8bUaZMgZywK36MrhY3JHAN0sRYr8fSd66R9ur2+sThZPUH4
A8UL03wzAE2K02nmKm0yr3+gtd7XatzmSFAPyzE5pYEpiL/pwXFlDiIqLrHEonzo
a01KGfToYnn3c4ffSmZ96/oY7Wgvu151ZQMxah8BRILb+haE
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:01:31 2025 by rpki-client