Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cta5ZYrtFdDptXih3gERIA-hxmI.roa
File: cta5ZYrtFdDptXih3gERIA-hxmI.roa (raw, json)
Hash identifier: mlVwxcW/gtkAoIjE8jn9CBKaX6h5m7OVP4VrVO1TCkI=
Subject key identifier: 72:D6:B9:65:8A:ED:15:D0:E9:B5:78:A1:DE:01:11:20:0F:A1:C6:62
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBE689C5D1E6722774653A32BDAE8E
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cta5ZYrtFdDptXih3gERIA-hxmI.roa
Signing time: Wed 01 Jan 2025 17:48:41 +0000
ROA not before: Wed 01 Jan 2025 17:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210633
IP address blocks: 2a0c:9a40:8170::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e6:89:c5:d1:e6:72:27:74:65:3a:32:bd:ae:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72d6b9658aed15d0e9b578a1de0111200fa1c662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a4:d2:15:d5:51:d5:5e:69:81:12:95:69:d1:
14:57:90:5e:0b:48:6e:3f:46:40:fe:48:b3:34:11:
06:aa:34:ba:99:1b:08:5a:d1:11:51:8d:bb:c7:90:
5a:79:c5:b7:e3:66:ec:8e:51:2b:08:d7:f4:ca:e9:
96:56:f2:8c:82:b2:fe:32:6d:48:05:74:10:81:aa:
74:61:9d:96:ad:04:88:90:8f:a8:e2:42:c4:2f:c2:
db:68:08:31:4c:f2:59:9e:75:e2:80:76:34:2d:99:
1c:8a:03:4a:5c:6b:f0:e1:66:75:2b:ca:58:ed:53:
af:61:0c:64:76:c9:1d:1d:8e:8d:a3:e2:70:78:8c:
db:37:d0:2b:0c:57:98:15:b4:d8:89:c6:2a:26:00:
50:6c:cf:6f:e6:2e:f2:30:74:f0:69:d3:7a:fc:e4:
fe:b4:31:4e:25:91:53:19:e4:4a:ce:c3:13:f4:6f:
2c:96:55:59:3d:60:5f:52:25:29:cf:ac:58:06:62:
b8:be:b2:fa:f8:8d:70:71:5c:66:3a:7f:b0:a5:53:
04:9e:15:b1:aa:89:86:33:10:51:ac:bd:9a:bb:0f:
a6:0c:41:9b:e2:dd:a8:6b:3b:38:c7:01:c0:2a:07:
10:68:26:ac:cf:4b:13:60:f4:cb:06:ea:16:bc:11:
a7:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D6:B9:65:8A:ED:15:D0:E9:B5:78:A1:DE:01:11:20:0F:A1:C6:62
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/cta5ZYrtFdDptXih3gERIA-hxmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8170::/48
Signature Algorithm: sha256WithRSAEncryption
4e:e4:b0:6a:51:5d:9f:66:b7:63:80:77:3a:4c:d3:fb:b5:eb:
38:cc:86:06:bf:74:ab:3c:87:b6:36:cc:52:5b:b4:f0:58:49:
59:2b:cb:e3:c5:ed:f6:6a:d6:77:74:55:e4:09:40:82:9d:03:
fb:b3:a6:3c:fc:2c:7e:67:be:1d:b3:b9:a8:58:e4:7a:68:a8:
fb:30:34:38:b9:2a:c0:34:f9:dc:ca:ed:07:05:d3:f2:fd:eb:
b7:24:68:d7:e5:16:73:a5:d2:5c:d0:d9:f8:b2:4f:b1:29:8a:
b4:c9:b5:7d:ee:82:43:64:75:60:5c:3a:6a:29:b1:5f:20:df:
15:7a:d8:67:51:6f:13:e7:c2:a0:84:af:c9:bf:fd:c6:18:01:
aa:54:44:8a:33:08:f1:bc:4e:2b:a0:b9:a8:67:f7:d0:a3:36:
4b:9d:a2:f2:36:b6:44:6d:8f:eb:1c:29:af:e9:00:61:22:7a:
2a:7a:41:5f:f0:01:e2:6e:e6:30:54:ce:b1:9a:9b:4a:aa:de:
7e:9a:dc:77:a7:90:be:66:6e:a0:cf:36:4c:ac:20:50:dd:58:
d6:bd:7f:d9:46:8d:c6:a4:3b:83:af:1f:40:21:20:8d:94:e9:
80:06:a6:8e:f7:e3:69:e1:98:30:ca:63:d7:89:fd:e1:c4:5a:
b8:f7:8e:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi++aJxdHmcid0ZToyva6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ2Yjk2NThhZWQxNWQwZTliNTc4YTFkZTAxMTEyMDBmYTFjNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aTSFdVR1V5pgRKVadEUV5BeC0hu
P0ZA/kizNBEGqjS6mRsIWtERUY27x5BaecW342bsjlErCNf0yumWVvKMgrL+Mm1I
BXQQgap0YZ2WrQSIkI+o4kLEL8LbaAgxTPJZnnXigHY0LZkcigNKXGvw4WZ1K8pY
7VOvYQxkdskdHY6No+JweIzbN9ArDFeYFbTYicYqJgBQbM9v5i7yMHTwadN6/OT+
tDFOJZFTGeRKzsMT9G8sllVZPWBfUiUpz6xYBmK4vrL6+I1wcVxmOn+wpVMEnhWx
qomGMxBRrL2auw+mDEGb4t2oazs4xwHAKgcQaCasz0sTYPTLBuoWvBGnEQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHLWuWWK7RXQ6bV4od4BESAPocZiMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvY3RhNVpZcnRGZERwdFhpaDNnRVJJQS1oeG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIFw
MA0GCSqGSIb3DQEBCwUAA4IBAQBO5LBqUV2fZrdjgHc6TNP7tes4zIYGv3SrPIe2
NsxSW7TwWElZK8vjxe32atZ3dFXkCUCCnQP7s6Y8/Cx+Z74ds7moWOR6aKj7MDQ4
uSrANPncyu0HBdPy/eu3JGjX5RZzpdJc0Nn4sk+xKYq0ybV97oJDZHVgXDpqKbFf
IN8VethnUW8T58KghK/Jv/3GGAGqVESKMwjxvE4roLmoZ/fQozZLnaLyNrZEbY/r
HCmv6QBhInoqekFf8AHibuYwVM6xmptKqt5+mtx3p5C+Zm6gzzZMrCBQ3VjWvX/Z
Ro3GpDuDrx9AISCNlOmABqaO9+Np4ZgwymPXif3hxFq4944Z
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:15:49 2025 by rpki-client