Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/aXV5kzULQJHA1VUsLrGC_utDEj0.roa
File: aXV5kzULQJHA1VUsLrGC_utDEj0.roa (raw, json)
Hash identifier: RZpdD5Ev/tGEsucM1kAhxW3ZutosK7NRBatofOS2+jE=
Subject key identifier: 69:75:79:93:35:0B:40:91:C0:D5:55:2C:2E:B1:82:FE:EB:43:12:3D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0195758624A9C4C0B79EC9D4EC8127BAC59E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/aXV5kzULQJHA1VUsLrGC_utDEj0.roa
Signing time: Sat 08 Mar 2025 11:31:20 +0000
ROA not before: Sat 08 Mar 2025 11:31:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151338
IP address blocks: 2a0c:9a40:9f00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:75:86:24:a9:c4:c0:b7:9e:c9:d4:ec:81:27:ba:c5:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Mar 8 11:31:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69757993350b4091c0d5552c2eb182feeb43123d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:1d:38:a1:a9:f1:4b:51:90:05:18:3c:c2:
62:55:01:47:2f:66:fa:40:eb:e5:16:b9:98:b0:a8:
86:ed:8e:de:44:0d:9e:01:ba:72:37:36:9d:bd:a7:
99:6c:95:e5:c9:d9:63:98:d0:b9:6c:f8:60:5a:a8:
08:f9:ad:62:4a:03:82:b3:a3:46:1b:ba:71:44:cf:
4f:04:17:7a:4a:d9:f0:b0:1c:ad:fb:6e:c6:a7:89:
1e:14:87:b4:39:5a:6b:99:98:4e:ae:b5:c6:35:6c:
e4:de:bf:ea:ed:5a:83:ea:ef:00:07:7c:9f:23:a4:
ac:e1:87:7d:0d:20:71:41:0d:c8:62:b0:1a:44:70:
99:a2:5a:d2:07:a4:00:dc:63:f2:55:03:bf:8d:81:
68:8b:29:7d:e1:dd:9d:a1:25:4a:ed:fa:5c:42:82:
c2:fb:7b:81:0f:e4:92:79:13:74:51:91:e2:00:05:
ad:85:43:1e:33:75:4e:6e:68:b9:5f:93:c6:8d:ac:
36:33:2f:c2:5b:56:a7:85:b9:ac:76:4b:97:15:ea:
09:3c:19:8d:5b:d5:01:42:9e:a2:e0:5f:1b:5e:1d:
4e:68:93:f0:f3:1f:7d:b6:79:86:b6:85:b3:a4:d8:
c9:86:5d:b1:41:eb:23:10:fa:cf:f5:60:99:ad:10:
ca:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:75:79:93:35:0B:40:91:C0:D5:55:2C:2E:B1:82:FE:EB:43:12:3D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/aXV5kzULQJHA1VUsLrGC_utDEj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9f00::/40
Signature Algorithm: sha256WithRSAEncryption
8e:a1:8c:ea:bb:94:f1:69:50:9d:ee:bf:e7:3c:a5:6f:1b:a7:
1e:4e:4a:62:08:c0:78:59:6a:0e:fa:ab:d5:cd:32:14:d3:a0:
cc:c0:70:ae:67:a8:73:d0:a4:8f:bb:34:ff:2a:47:42:0b:4a:
91:b0:60:e5:8c:8a:b2:07:33:39:c6:ee:c2:ce:25:aa:c6:3c:
68:76:e2:aa:7d:d1:60:63:e7:47:7d:62:60:59:14:3e:8d:e4:
fb:2f:2f:ee:97:ea:14:ae:fc:8c:1b:77:0c:27:c5:8d:74:13:
d4:3d:ca:5d:06:38:20:d4:54:df:e1:dd:d2:3f:d2:90:d6:75:
cb:70:ad:47:7d:e3:7c:9f:2c:c3:cf:6b:cb:f5:d0:cc:f7:fd:
ed:cc:6c:0d:c3:45:ac:e0:e3:8a:0b:87:a2:12:fe:2b:8d:5b:
78:6f:06:eb:5a:ad:be:13:59:07:75:d3:f5:e9:a4:05:26:dc:
bf:5f:88:2d:95:f5:d6:1f:df:92:0d:93:d4:3d:ab:9f:d2:38:
e7:87:53:f0:76:44:a6:47:74:58:57:1d:37:50:92:26:90:cb:
5f:0a:81:6c:67:23:c2:c2:de:65:2d:50:07:13:a2:7b:13:ca:
3c:49:40:cf:1c:aa:6f:eb:a0:f5:ac:48:ca:28:e9:ad:2d:9b:
90:c4:a3:4d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZV1hiSpxMC3nsnU7IEnusWeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMzA4MTEzMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc1Nzk5MzM1MGI0MDkxYzBkNTU1MmMyZWIxODJmZWViNDMxMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx0dOKGp8UtRkAUYPMJiVQFHL2b6
QOvlFrmYsKiG7Y7eRA2eAbpyNzadvaeZbJXlydljmNC5bPhgWqgI+a1iSgOCs6NG
G7pxRM9PBBd6StnwsByt+27Gp4keFIe0OVprmZhOrrXGNWzk3r/q7VqD6u8AB3yf
I6Ss4Yd9DSBxQQ3IYrAaRHCZolrSB6QA3GPyVQO/jYFoiyl94d2doSVK7fpcQoLC
+3uBD+SSeRN0UZHiAAWthUMeM3VObmi5X5PGjaw2My/CW1anhbmsdkuXFeoJPBmN
W9UBQp6i4F8bXh1OaJPw8x99tnmGtoWzpNjJhl2xQesjEPrP9WCZrRDK6wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGl1eZM1C0CRwNVVLC6xgv7rQxI9MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvYVhWNWt6VUxRSkhBMVZVc0xyR0NfdXRERWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJ8w
DQYJKoZIhvcNAQELBQADggEBAI6hjOq7lPFpUJ3uv+c8pW8bpx5OSmIIwHhZag76
q9XNMhTToMzAcK5nqHPQpI+7NP8qR0ILSpGwYOWMirIHMznG7sLOJarGPGh24qp9
0WBj50d9YmBZFD6N5PsvL+6X6hSu/IwbdwwnxY10E9Q9yl0GOCDUVN/h3dI/0pDW
dctwrUd943yfLMPPa8v10Mz3/e3MbA3DRazg44oLh6IS/iuNW3hvButarb4TWQd1
0/XppAUm3L9fiC2V9dYf35INk9Q9q5/SOOeHU/B2RKZHdFhXHTdQkiaQy18KgWxn
I8LC3mUtUAcTonsTyjxJQM8cqm/roPWsSMoo6a0tm5DEo00=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:18:36 2025 by rpki-client