Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BDSvuAOQFB9zdqebAraWJeyr-XE.roa
File: BDSvuAOQFB9zdqebAraWJeyr-XE.roa (raw, json)
Hash identifier: HtayPabDrehITr0EWxb1iA0rFvYoYwi7Hk60w4heQrs=
Subject key identifier: 04:34:AF:B8:03:90:14:1F:73:76:A7:9B:02:B6:96:25:EC:AB:F9:71
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBD6E9F0AE760129F44EF89763BBA3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BDSvuAOQFB9zdqebAraWJeyr-XE.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200372
IP address blocks: 2a0c:9a40:8a80::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d6:e9:f0:ae:76:01:29:f4:4e:f8:97:63:bb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0434afb80390141f7376a79b02b69625ecabf971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:db:78:44:37:9f:62:6a:12:d9:12:8e:3b:a8:
16:b4:e9:19:b5:ab:24:ed:33:43:c0:4e:47:3d:ea:
f0:83:e8:77:ff:31:ce:d3:c5:85:fe:3c:64:b0:e4:
98:38:c9:22:aa:8a:cf:d4:ea:66:04:e7:f6:40:d3:
86:ae:15:27:eb:18:a9:34:01:61:51:20:31:fb:a9:
fd:d6:54:87:35:e0:2f:aa:a3:8d:f3:71:20:a2:0e:
ec:06:6e:78:e3:e7:75:73:5c:69:89:52:6e:e0:16:
ad:63:9b:ce:be:55:25:86:5b:17:25:a4:2c:00:3f:
15:d8:e9:1c:3c:89:4d:dc:8f:60:df:62:31:57:de:
61:5c:96:f0:cb:9b:19:7a:ea:da:92:b2:5b:4a:2d:
5c:73:f2:fd:c2:3f:00:85:f3:7f:21:47:3d:07:da:
27:74:42:a9:3d:91:f6:d3:42:26:ab:32:51:ac:6e:
33:39:ec:7f:2e:ec:f7:c2:dc:92:3b:25:f5:29:83:
db:6b:dd:53:05:75:25:ce:54:b6:66:41:7c:eb:00:
24:be:1c:5b:5a:4b:83:92:1e:83:03:88:9b:7e:cc:
97:1d:4d:65:1a:6e:76:e1:ac:22:28:7d:07:4a:ea:
69:77:c4:7e:e1:ea:ae:cd:06:86:db:50:31:d0:0d:
0b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:34:AF:B8:03:90:14:1F:73:76:A7:9B:02:B6:96:25:EC:AB:F9:71
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/BDSvuAOQFB9zdqebAraWJeyr-XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8a80::/44
Signature Algorithm: sha256WithRSAEncryption
cd:5c:4d:9e:91:42:d4:bc:bf:1f:40:97:a5:92:6e:df:3e:26:
d3:62:a0:d1:11:73:6a:ae:98:eb:b9:b9:c7:81:da:67:9a:c1:
9d:48:0c:9d:81:58:51:02:2a:d3:d7:b0:af:ee:94:f8:db:fc:
d8:32:3e:67:ed:77:5a:33:73:ed:12:05:f9:59:a8:58:6e:1b:
0b:3d:33:7b:cb:f1:d2:5d:55:33:b1:3d:a3:73:fb:bc:63:e4:
97:7d:2e:ee:fe:a8:87:42:41:85:5b:21:31:11:74:16:9e:a7:
97:45:18:b8:50:c4:df:93:dc:b7:29:ca:29:c1:66:0c:c2:09:
4f:d9:73:24:10:e8:36:13:ea:60:14:14:50:c4:76:c4:a4:80:
bb:06:59:10:64:bb:f1:93:ed:14:8e:ae:00:8b:c8:83:cc:a5:
3b:89:55:e7:11:ac:68:b0:b7:75:92:2e:da:a6:cc:77:41:eb:
ea:b5:d4:eb:12:c9:88:bb:f5:7d:ae:88:1b:52:fe:05:09:1b:
cd:ba:78:6d:46:4b:ec:a3:68:55:ea:fe:00:10:e7:e7:3d:d8:
05:24:0e:39:7f:c8:93:1a:24:4a:43:67:cf:53:8e:23:24:e7:
44:aa:56:7a:b2:5c:41:a8:9c:b3:f9:50:2f:65:64:8b:28:66:
59:32:5e:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+9bp8K52ASn0TviXY7ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM0YWZiODAzOTAxNDFmNzM3NmE3OWIwMmI2OTYyNWVjYWJmOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtt4RDefYmoS2RKOO6gWtOkZtask
7TNDwE5HPerwg+h3/zHO08WF/jxksOSYOMkiqorP1OpmBOf2QNOGrhUn6xipNAFh
USAx+6n91lSHNeAvqqON83Egog7sBm544+d1c1xpiVJu4BatY5vOvlUlhlsXJaQs
AD8V2OkcPIlN3I9g32IxV95hXJbwy5sZeurakrJbSi1cc/L9wj8AhfN/IUc9B9on
dEKpPZH200ImqzJRrG4zOex/Luz3wtySOyX1KYPba91TBXUlzlS2ZkF86wAkvhxb
WkuDkh6DA4ibfsyXHU1lGm524awiKH0HSuppd8R+4equzQaG21Ax0A0LHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAQ0r7gDkBQfc3anmwK2liXsq/lxMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvQkRTdnVBT1FGQjl6ZHFlYkFyYVdKZXlyLVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIqA
MA0GCSqGSIb3DQEBCwUAA4IBAQDNXE2ekULUvL8fQJelkm7fPibTYqDREXNqrpjr
ubnHgdpnmsGdSAydgVhRAirT17Cv7pT42/zYMj5n7XdaM3PtEgX5WahYbhsLPTN7
y/HSXVUzsT2jc/u8Y+SXfS7u/qiHQkGFWyExEXQWnqeXRRi4UMTfk9y3KcopwWYM
wglP2XMkEOg2E+pgFBRQxHbEpIC7BlkQZLvxk+0Ujq4Ai8iDzKU7iVXnEaxosLd1
ki7apsx3QevqtdTrEsmIu/V9rogbUv4FCRvNunhtRkvso2hV6v4AEOfnPdgFJA45
f8iTGiRKQ2fPU44jJOdEqlZ6slxBqJyz+VAvZWSLKGZZMl5C
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:25:42 2025 by rpki-client