Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cYm4DQxEwqbrAc6K3wvkm6wVk8s.roa
File: cYm4DQxEwqbrAc6K3wvkm6wVk8s.roa (raw, json)
Hash identifier: HmFBbQAOl3HcXW8gV00xMu+Sw3LmIbVfajJc8KIdiHc=
Subject key identifier: 71:89:B8:0D:0C:44:C2:A6:EB:01:CE:8A:DF:0B:E4:9B:AC:15:93:CB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBCFBC271AF9CA3B56C46AC738A8C3
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cYm4DQxEwqbrAc6K3wvkm6wVk8s.roa
Signing time: Wed 01 Jan 2025 17:48:35 +0000
ROA not before: Wed 01 Jan 2025 17:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197715
IP address blocks: 2a0c:9a40:83e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:cf:bc:27:1a:f9:ca:3b:56:c4:6a:c7:38:a8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7189b80d0c44c2a6eb01ce8adf0be49bac1593cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:05:4a:50:6b:8d:7b:d6:ef:87:9f:80:42:22:
5d:0a:8a:49:ff:fc:21:ae:4c:b4:a3:4a:30:97:0b:
f4:ee:3e:89:e7:8b:87:c7:06:39:d7:60:75:40:5b:
c9:ef:f6:72:c1:f7:bd:2c:0b:0d:fa:b6:01:fc:9b:
84:c9:21:f2:d9:3d:b5:61:61:aa:26:52:ae:56:93:
62:00:a2:c0:29:8f:89:15:0f:88:05:20:02:12:58:
c1:c3:6f:66:53:0d:07:77:48:88:d5:31:6d:3f:bd:
68:c2:7e:9b:7d:e4:28:25:20:be:a1:cb:5f:ff:eb:
7d:71:3f:45:ee:cd:61:0e:76:40:f6:aa:d5:a8:3d:
e8:63:2b:c0:00:d5:d7:e5:ef:bc:19:e0:09:f3:f0:
80:9c:22:6f:18:c1:99:ce:28:56:15:ff:88:29:f0:
d9:58:ac:12:4a:8a:ba:e3:99:22:cf:e0:16:43:78:
05:fe:8f:09:4e:3f:0d:bf:c7:1f:ed:f6:60:50:9f:
00:c4:bf:5f:4d:25:06:3a:df:8a:91:43:8c:f1:63:
44:87:65:ba:16:e8:9a:ee:93:75:15:46:30:51:5c:
b7:f0:92:89:25:c9:22:b6:f3:64:e2:f4:fb:65:63:
d6:0c:16:1e:fb:51:49:56:ab:a1:7b:05:72:4e:fa:
41:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:89:B8:0D:0C:44:C2:A6:EB:01:CE:8A:DF:0B:E4:9B:AC:15:93:CB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cYm4DQxEwqbrAc6K3wvkm6wVk8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:83e0::/48
Signature Algorithm: sha256WithRSAEncryption
14:27:48:bd:f1:7e:0d:05:9b:7f:c1:6f:e9:1e:4f:0e:41:5f:
24:96:18:2a:bd:2f:03:81:f8:ba:29:8a:38:ff:56:54:5b:09:
68:78:14:d9:58:5a:74:1a:ed:36:0e:11:4d:20:27:be:56:82:
6d:8e:45:de:32:a6:d5:c3:60:4f:66:2d:9d:ce:98:5f:8f:1a:
32:c6:04:21:d0:94:3a:59:e2:4e:68:c8:1c:ea:fe:c5:fd:33:
27:1c:8c:8a:cf:67:a7:e4:c9:85:92:04:00:e3:b3:ad:8f:97:
c6:55:e7:f1:dc:24:e9:53:bd:00:0c:3c:c9:bf:cb:72:6a:80:
a6:07:6d:47:fa:06:18:f8:67:36:9c:2c:00:97:f7:c5:99:e7:
3b:a1:e7:36:cb:47:95:45:33:ab:bb:7d:46:a3:b0:b6:59:62:
79:14:74:9f:8d:25:c8:1b:e1:ce:7a:e2:52:ff:63:29:7a:0e:
ee:a3:2d:78:e0:4e:60:9f:16:07:65:68:3f:5d:a9:4a:23:ca:
fb:e5:f6:2f:f0:14:99:e1:f2:91:8d:2c:26:e5:29:02:6d:42:
93:cb:96:b2:e0:d9:75:0d:71:32:1e:38:45:c0:5f:7c:5c:40:
13:98:25:92:d5:67:b0:dc:23:71:7e:63:4e:fa:8f:07:e2:1f:
57:97:72:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+8+8Jxr5yjtWxGrHOKjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTg5YjgwZDBjNDRjMmE2ZWIwMWNlOGFkZjBiZTQ5YmFjMTU5M2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwVKUGuNe9bvh5+AQiJdCopJ//wh
rky0o0owlwv07j6J54uHxwY512B1QFvJ7/Zywfe9LAsN+rYB/JuEySHy2T21YWGq
JlKuVpNiAKLAKY+JFQ+IBSACEljBw29mUw0Hd0iI1TFtP71own6bfeQoJSC+octf
/+t9cT9F7s1hDnZA9qrVqD3oYyvAANXX5e+8GeAJ8/CAnCJvGMGZzihWFf+IKfDZ
WKwSSoq645kiz+AWQ3gF/o8JTj8Nv8cf7fZgUJ8AxL9fTSUGOt+KkUOM8WNEh2W6
Fuia7pN1FUYwUVy38JKJJckitvNk4vT7ZWPWDBYe+1FJVquhewVyTvpBGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHGJuA0MRMKm6wHOit8L5JusFZPLMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvY1ltNERReEV3cWJyQWM2SzN3dmttNndWazhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIPg
MA0GCSqGSIb3DQEBCwUAA4IBAQAUJ0i98X4NBZt/wW/pHk8OQV8klhgqvS8Dgfi6
KYo4/1ZUWwloeBTZWFp0Gu02DhFNICe+VoJtjkXeMqbVw2BPZi2dzphfjxoyxgQh
0JQ6WeJOaMgc6v7F/TMnHIyKz2en5MmFkgQA47Otj5fGVefx3CTpU70ADDzJv8ty
aoCmB21H+gYY+Gc2nCwAl/fFmec7oec2y0eVRTOru31Go7C2WWJ5FHSfjSXIG+HO
euJS/2Mpeg7uoy144E5gnxYHZWg/XalKI8r75fYv8BSZ4fKRjSwm5SkCbUKTy5ay
4Nl1DXEyHjhFwF98XEATmCWS1Wew3CNxfmNO+o8H4h9Xl3KQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:37:07 2025 by rpki-client