Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/II3EBAoNeaf77-RM4VruSq3UkpU.roa
File: II3EBAoNeaf77-RM4VruSq3UkpU.roa (raw, json)
Hash identifier: xSOe7S6zoVIo+wKM8dhTPPospHmlSD8UCbJF8ckxdl8=
Subject key identifier: 20:8D:C4:04:0A:0D:79:A7:FB:EF:E4:4C:E1:5A:EE:4A:AD:D4:92:95
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBC6788310D3999BE9A750DE90451A
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/II3EBAoNeaf77-RM4VruSq3UkpU.roa
Signing time: Wed 01 Jan 2025 17:48:33 +0000
ROA not before: Wed 01 Jan 2025 17:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50131
IP address blocks: 2a0c:9a40:808d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c6:78:83:10:d3:99:9b:e9:a7:50:de:90:45:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=208dc4040a0d79a7fbefe44ce15aee4aadd49295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8b:0d:de:ea:df:05:8e:1b:25:4e:c9:c5:93:
d2:46:4d:b3:b0:22:5f:77:9e:26:ef:53:78:40:13:
b1:94:06:6c:c9:07:68:bf:c3:1f:f0:02:2e:ae:aa:
fe:71:e6:9a:3d:99:7f:34:31:3c:d3:b1:71:73:f7:
10:36:51:f4:07:08:7a:aa:6b:ed:8c:4d:1d:75:65:
29:9f:a4:2f:b2:d8:65:be:fe:e9:ad:8c:83:6b:a7:
44:a4:53:10:70:14:49:09:0b:02:dc:d3:f8:8f:a3:
6a:f9:02:f6:7a:70:84:a1:8b:7a:c7:80:35:cf:c3:
29:ac:4a:a4:aa:d4:81:6d:fd:1a:9c:6f:76:93:8b:
40:85:b6:6d:8d:39:95:89:e4:6f:91:43:24:2a:4f:
0e:e4:a5:86:0f:49:53:a5:52:a8:4b:c5:79:3d:a9:
03:e9:6e:ef:2a:47:ae:fe:7a:33:42:a7:d5:be:8d:
8d:96:f0:7e:bd:9c:28:43:08:9a:d1:5c:a7:5d:86:
3c:19:51:08:91:67:37:eb:4e:9c:14:af:22:30:ae:
b8:0b:28:70:5c:a6:8d:ff:c9:5f:79:65:25:7f:fe:
86:35:4c:14:21:95:cb:80:12:17:6f:41:13:3b:b2:
fc:12:31:dc:ac:7e:c5:b4:86:50:cc:44:9a:20:9d:
5f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8D:C4:04:0A:0D:79:A7:FB:EF:E4:4C:E1:5A:EE:4A:AD:D4:92:95
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/II3EBAoNeaf77-RM4VruSq3UkpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:808d::/48
Signature Algorithm: sha256WithRSAEncryption
4e:12:57:c3:04:07:ef:ad:09:68:40:26:af:d3:c4:e8:75:24:
49:78:59:ee:1d:57:95:da:04:21:c5:5f:60:7e:8c:2d:c8:a5:
ad:57:b6:a8:e5:28:10:22:f9:a1:b4:0c:c3:1a:d2:15:3d:96:
e9:e2:ad:38:35:f3:2b:50:38:b3:24:a1:3f:d6:5e:b9:81:ee:
61:8d:dd:21:39:6b:27:3d:75:83:05:f0:40:d2:79:c4:c8:60:
07:7e:89:a5:6d:06:59:5a:34:92:3d:6f:f9:ec:c6:fb:c3:5b:
7f:b4:a5:45:79:25:7d:b9:ef:14:90:13:b6:2b:1f:58:b2:1f:
cc:7b:ba:95:94:bc:33:28:ee:bb:6c:70:b0:28:2b:60:61:6c:
bd:48:36:16:5b:e1:11:4e:71:7a:b2:38:87:41:d8:a7:8a:af:
2e:3f:b8:fd:12:6a:f3:fd:ed:3d:6a:c2:48:30:09:a2:42:cd:
dd:42:b4:b5:9d:22:0c:42:e0:b1:86:d1:82:fc:40:cd:01:39:
f2:fb:57:19:dc:0a:8e:3b:d7:d8:9c:1e:4e:d8:54:db:b1:a5:
04:19:bd:52:59:66:59:16:87:18:e8:65:3d:b0:4b:4c:10:64:
b2:56:77:a2:a4:2d:2b:fe:86:42:e9:94:95:da:7f:99:e9:78:
9d:a9:0d:10
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+8Z4gxDTmZvpp1DekEUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDhkYzQwNDBhMGQ3OWE3ZmJlZmU0NGNlMTVhZWU0YWFkZDQ5Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4sN3urfBY4bJU7JxZPSRk2zsCJf
d54m71N4QBOxlAZsyQdov8Mf8AIurqr+ceaaPZl/NDE807Fxc/cQNlH0Bwh6qmvt
jE0ddWUpn6Qvsthlvv7prYyDa6dEpFMQcBRJCQsC3NP4j6Nq+QL2enCEoYt6x4A1
z8MprEqkqtSBbf0anG92k4tAhbZtjTmVieRvkUMkKk8O5KWGD0lTpVKoS8V5PakD
6W7vKkeu/nozQqfVvo2NlvB+vZwoQwia0VynXYY8GVEIkWc3606cFK8iMK64Cyhw
XKaN/8lfeWUlf/6GNUwUIZXLgBIXb0ETO7L8EjHcrH7FtIZQzESaIJ1fewIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCCNxAQKDXmn++/kTOFa7kqt1JKVMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvSUkzRUJBb05lYWY3Ny1STTRWcnVTcTNVa3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQICN
MA0GCSqGSIb3DQEBCwUAA4IBAQBOElfDBAfvrQloQCav08TodSRJeFnuHVeV2gQh
xV9gfowtyKWtV7ao5SgQIvmhtAzDGtIVPZbp4q04NfMrUDizJKE/1l65ge5hjd0h
OWsnPXWDBfBA0nnEyGAHfomlbQZZWjSSPW/57Mb7w1t/tKVFeSV9ue8UkBO2Kx9Y
sh/Me7qVlLwzKO67bHCwKCtgYWy9SDYWW+ERTnF6sjiHQdiniq8uP7j9Emrz/e09
asJIMAmiQs3dQrS1nSIMQuCxhtGC/EDNATny+1cZ3AqOO9fYnB5O2FTbsaUEGb1S
WWZZFocY6GU9sEtMEGSyVneipC0r/oZC6ZSV2n+Z6XidqQ0Q
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:40:19 2025 by rpki-client