Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/X56Izhm4IvD77tNQDsvzKUhMtqs.roa
File: X56Izhm4IvD77tNQDsvzKUhMtqs.roa (raw, json)
Hash identifier: 9jDqIEwkatTfL3OHbgMEgRZkPKQ5c+4Pr+bUpy345ZE=
Subject key identifier: 5F:9E:88:CE:19:B8:22:F0:FB:EE:D3:50:0E:CB:F3:29:48:4C:B6:AB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBD4492BC5F16E79C59F9D90195C23
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/X56Izhm4IvD77tNQDsvzKUhMtqs.roa
Signing time: Wed 01 Jan 2025 17:48:36 +0000
ROA not before: Wed 01 Jan 2025 17:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199707
IP address blocks: 2a0c:9a40:8aa0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d4:49:2b:c5:f1:6e:79:c5:9f:9d:90:19:5c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f9e88ce19b822f0fbeed3500ecbf329484cb6ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:86:81:c4:6c:30:8b:b5:b9:01:c9:5f:63:82:
ac:af:f3:87:2f:82:95:39:90:cb:7c:11:af:86:1b:
c6:dd:88:5f:93:a9:f6:7d:a9:c2:bf:fa:85:d1:f0:
93:ee:31:7a:bd:c5:d0:b3:d4:d7:ba:84:4b:0c:8e:
ea:0f:f5:04:ab:a0:e8:06:88:3e:d2:e4:ef:65:fa:
2e:28:7f:19:14:c2:ce:78:dd:b1:af:b5:fa:f9:73:
40:ee:2e:1a:3c:34:c1:1b:cf:a0:72:85:40:9b:98:
55:b0:8a:0c:5c:01:83:34:3f:2b:e9:58:44:e0:65:
a3:dd:d1:5a:77:56:2b:39:77:18:e9:51:1d:35:a0:
ea:86:75:32:52:6a:7a:dd:3a:be:ca:72:54:d6:d9:
4e:45:d4:a4:cf:a2:74:29:98:18:e5:20:3c:8f:53:
a2:fd:c3:19:93:70:2c:5a:45:0c:10:56:d6:83:dd:
4d:80:83:d2:4b:8c:19:6c:3b:f1:0b:62:d4:f8:0e:
14:3e:96:63:43:0f:b3:41:23:18:a0:ca:78:57:17:
24:7c:ef:74:9e:5d:ed:41:18:13:ca:36:6b:6c:2e:
a6:b8:0b:ab:53:ec:2a:03:5e:8a:ac:3e:e9:11:2c:
30:08:93:ed:49:04:f6:19:29:3e:0e:83:e2:ae:fe:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9E:88:CE:19:B8:22:F0:FB:EE:D3:50:0E:CB:F3:29:48:4C:B6:AB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/X56Izhm4IvD77tNQDsvzKUhMtqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8aa0::/44
Signature Algorithm: sha256WithRSAEncryption
5f:5e:25:ee:1b:7f:e9:f3:35:65:18:7e:15:7b:e7:a5:95:7c:
6f:89:29:21:ac:b4:e0:0b:88:0d:92:9d:6f:10:f6:16:d2:e4:
68:1b:b7:1b:19:e1:b4:ef:6f:08:36:5a:3e:dc:de:85:87:59:
d3:03:3e:80:93:f8:88:42:82:39:5c:58:00:63:c7:e8:f3:f6:
f3:77:03:cd:8b:fb:20:1f:1e:a3:b2:5e:c5:07:40:f1:7e:bb:
44:a5:73:a2:a8:cf:d1:0b:29:85:7a:e8:0e:85:4b:dc:06:a3:
a8:e2:c5:62:50:09:a3:a5:f3:26:d6:6d:ac:ab:f6:a1:5f:6f:
5e:a2:f2:16:5f:7e:9d:d5:84:a8:29:c2:80:ef:83:87:88:8a:
46:d7:64:52:6f:85:59:76:0b:d5:42:44:5e:09:47:25:e6:2a:
57:34:e6:22:00:6f:20:8b:95:dc:77:da:91:cc:24:35:2a:ab:
54:2a:d7:e8:fd:78:67:fb:18:14:5f:ee:80:99:dd:47:43:9f:
53:57:62:6c:e5:41:1f:f8:4f:2f:67:c7:3d:50:18:7b:ae:6d:
98:80:51:ca:0f:0d:4c:92:ce:a6:de:80:57:38:a8:c8:a6:ee:
a2:b9:3a:fd:9a:83:36:f8:7b:cf:9d:3d:81:ab:65:53:5f:49:
92:f1:24:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+9RJK8XxbnnFn52QGVwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjllODhjZTE5YjgyMmYwZmJlZWQzNTAwZWNiZjMyOTQ4NGNiNmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoaBxGwwi7W5AclfY4Ksr/OHL4KV
OZDLfBGvhhvG3Yhfk6n2fanCv/qF0fCT7jF6vcXQs9TXuoRLDI7qD/UEq6DoBog+
0uTvZfouKH8ZFMLOeN2xr7X6+XNA7i4aPDTBG8+gcoVAm5hVsIoMXAGDND8r6VhE
4GWj3dFad1YrOXcY6VEdNaDqhnUyUmp63Tq+ynJU1tlORdSkz6J0KZgY5SA8j1Oi
/cMZk3AsWkUMEFbWg91NgIPSS4wZbDvxC2LU+A4UPpZjQw+zQSMYoMp4VxckfO90
nl3tQRgTyjZrbC6muAurU+wqA16KrD7pESwwCJPtSQT2GSk+DoPirv6dIwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFF+eiM4ZuCLw++7TUA7L8ylITLarMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvWDU2SXpobTRJdkQ3N3ROUURzdnpLVWhNdHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIqg
MA0GCSqGSIb3DQEBCwUAA4IBAQBfXiXuG3/p8zVlGH4Ve+ellXxviSkhrLTgC4gN
kp1vEPYW0uRoG7cbGeG0728INlo+3N6Fh1nTAz6Ak/iIQoI5XFgAY8fo8/bzdwPN
i/sgHx6jsl7FB0DxfrtEpXOiqM/RCymFeugOhUvcBqOo4sViUAmjpfMm1m2sq/ah
X29eovIWX36d1YSoKcKA74OHiIpG12RSb4VZdgvVQkReCUcl5ipXNOYiAG8gi5Xc
d9qRzCQ1KqtUKtfo/Xhn+xgUX+6Amd1HQ59TV2Js5UEf+E8vZ8c9UBh7rm2YgFHK
Dw1Mks6m3oBXOKjIpu6iuTr9moM2+HvPnT2Bq2VTX0mS8SRK
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:28:10 2025 by rpki-client