Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P7mWpxd-zzPXUSfVHQ9a7r8gN8Q.roa
File: P7mWpxd-zzPXUSfVHQ9a7r8gN8Q.roa (raw, json)
Hash identifier: m9ucc+LfusznTLrS7kTm7GTm6r6drO9gvIr1qkrBD7M=
Subject key identifier: 3F:B9:96:A7:17:7E:CF:33:D7:51:27:D5:1D:0F:5A:EE:BF:20:37:C4
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBFF84F3803F431F1D053B4696759D
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P7mWpxd-zzPXUSfVHQ9a7r8gN8Q.roa
Signing time: Wed 01 Jan 2025 17:48:47 +0000
ROA not before: Wed 01 Jan 2025 17:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216340
IP address blocks: 2a0c:9a40:8300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ff:84:f3:80:3f:43:1f:1d:05:3b:46:96:75:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fb996a7177ecf33d75127d51d0f5aeebf2037c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3f:18:fb:81:36:63:ca:df:ff:9e:70:d8:c7:
3f:c6:08:b6:8f:38:8d:a3:c4:57:bd:de:58:68:4e:
1f:45:a0:1a:f4:d8:f7:ef:f6:5f:1c:eb:0c:6f:8a:
a7:58:0d:c8:be:60:33:4d:9d:c8:97:e6:9e:a1:bc:
43:bc:49:66:e0:c4:3d:2a:9c:7e:60:b7:2f:71:ef:
09:16:34:59:56:07:81:1d:9a:75:14:30:42:39:80:
12:7f:db:fc:11:b4:0f:e1:31:df:51:13:dd:6e:d9:
7a:43:b4:1c:c8:33:22:5e:87:95:38:2c:cc:7d:2c:
89:7c:a2:32:23:91:42:f6:a2:63:35:6b:d0:a5:21:
55:67:8e:25:7f:67:87:d8:6f:b5:8b:db:86:46:e5:
44:7a:88:1d:0a:7f:69:4c:82:82:f7:39:e1:08:e6:
b2:f6:a1:2c:0e:93:41:d8:46:54:7c:98:68:53:25:
5e:57:92:36:0b:a4:57:27:18:86:b3:54:47:e7:58:
49:39:3e:10:0b:b4:9c:e5:fe:84:88:2b:e5:40:ed:
af:f4:1f:1a:08:c9:28:76:79:fa:8a:85:44:88:a3:
eb:d7:b9:f1:c0:84:54:36:32:b9:b0:bc:95:c8:ae:
46:66:60:cd:90:54:28:63:d8:7e:79:b9:52:8c:2a:
6e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:B9:96:A7:17:7E:CF:33:D7:51:27:D5:1D:0F:5A:EE:BF:20:37:C4
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/P7mWpxd-zzPXUSfVHQ9a7r8gN8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8300::/48
Signature Algorithm: sha256WithRSAEncryption
a2:28:5d:8a:8e:2e:f3:9d:22:5a:a6:bd:01:6f:92:d0:5d:11:
d6:21:fb:bf:38:51:fc:78:24:75:08:80:99:5d:03:85:f4:85:
8f:84:59:45:5d:13:ea:d1:4a:02:0f:72:7d:00:9c:07:fe:34:
3b:f1:4b:a0:07:ac:05:cd:4d:cc:b5:51:59:c8:53:36:d4:fa:
7a:e9:c9:33:9c:c1:b0:2f:d2:81:7d:0c:ce:38:b8:d5:23:28:
85:3c:c4:06:dd:e5:85:fc:be:54:ec:30:63:f4:6b:7d:0b:ce:
04:0d:8d:56:1b:b6:8b:56:da:66:64:72:e6:ce:69:48:46:df:
54:e0:28:8f:af:03:1b:b9:5e:e5:f6:f1:11:2b:3a:be:b0:f6:
16:93:8c:78:ac:b4:3f:87:6c:27:59:d0:68:e7:ac:69:89:d4:
06:36:29:77:0e:15:47:06:9e:47:73:7d:09:8e:4f:af:3a:2a:
46:71:02:2d:44:a7:a5:9a:c8:bc:b1:ef:02:4a:cd:37:62:18:
46:5a:1b:2c:63:91:50:fb:85:88:87:28:08:4a:58:f3:8c:44:
3b:7f:51:7a:e9:9a:51:58:a0:4f:ba:c9:04:90:d2:04:14:34:
a9:78:34:b0:af:b7:63:13:ed:1c:e1:2b:61:d2:29:f8:bb:25:
fc:cf:12:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/+E84A/Qx8dBTtGlnWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmI5OTZhNzE3N2VjZjMzZDc1MTI3ZDUxZDBmNWFlZWJmMjAzN2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD8Y+4E2Y8rf/55w2Mc/xgi2jziN
o8RXvd5YaE4fRaAa9Nj37/ZfHOsMb4qnWA3IvmAzTZ3Il+aeobxDvElm4MQ9Kpx+
YLcvce8JFjRZVgeBHZp1FDBCOYASf9v8EbQP4THfURPdbtl6Q7QcyDMiXoeVOCzM
fSyJfKIyI5FC9qJjNWvQpSFVZ44lf2eH2G+1i9uGRuVEeogdCn9pTIKC9znhCOay
9qEsDpNB2EZUfJhoUyVeV5I2C6RXJxiGs1RH51hJOT4QC7Sc5f6EiCvlQO2v9B8a
CMkodnn6ioVEiKPr17nxwIRUNjK5sLyVyK5GZmDNkFQoY9h+eblSjCpuiQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD+5lqcXfs8z11En1R0PWu6/IDfEMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvUDdtV3B4ZC16elBYVVNmVkhROWE3cjhnTjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIMA
MA0GCSqGSIb3DQEBCwUAA4IBAQCiKF2Kji7znSJapr0Bb5LQXRHWIfu/OFH8eCR1
CICZXQOF9IWPhFlFXRPq0UoCD3J9AJwH/jQ78UugB6wFzU3MtVFZyFM21Pp66ckz
nMGwL9KBfQzOOLjVIyiFPMQG3eWF/L5U7DBj9Gt9C84EDY1WG7aLVtpmZHLmzmlI
Rt9U4CiPrwMbuV7l9vERKzq+sPYWk4x4rLQ/h2wnWdBo56xpidQGNil3DhVHBp5H
c30Jjk+vOipGcQItRKelmsi8se8CSs03YhhGWhssY5FQ+4WIhygISljzjEQ7f1F6
6ZpRWKBPuskEkNIEFDSpeDSwr7djE+0c4Sth0in4uyX8zxLj
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:31:57 2025 by rpki-client