Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/fX9fwJiLdsqw5i293erIj5hZsk4.roa
File: fX9fwJiLdsqw5i293erIj5hZsk4.roa (raw, json)
Hash identifier: vURn1OdYvoIxsAxSI9HcNQsmeDZOBq2qpnPJb5EWCsY=
Subject key identifier: 7D:7F:5F:C0:98:8B:76:CA:B0:E6:2D:BD:DD:EA:C8:8F:98:59:B2:4E
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBD70E618CE6EF40B269C671F89A05
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/fX9fwJiLdsqw5i293erIj5hZsk4.roa
Signing time: Wed 01 Jan 2025 17:48:37 +0000
ROA not before: Wed 01 Jan 2025 17:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200529
IP address blocks: 2a0c:9a46:700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d7:0e:61:8c:e6:ef:40:b2:69:c6:71:f8:9a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d7f5fc0988b76cab0e62dbdddeac88f9859b24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b7:93:64:3d:7f:34:f1:4b:09:75:e3:6e:e0:
e7:41:ab:f9:26:ec:cc:fc:56:9e:1a:8e:02:1c:fb:
9c:89:0a:e8:18:f6:ba:9a:37:11:e3:a6:2d:52:fe:
80:19:ff:58:5d:e7:87:3c:d9:15:45:f7:8a:e4:20:
77:1c:57:be:c2:c2:be:38:5d:b3:39:c6:41:b1:e8:
c1:09:6c:eb:cd:25:b5:6a:0a:d9:da:63:c7:e0:68:
e3:b6:49:b9:0e:bc:3a:7e:35:d0:cd:59:ed:d5:77:
4c:df:de:d3:0b:dd:88:52:ef:68:9a:6a:3f:30:43:
cf:28:6c:fa:42:e5:29:f2:3e:6f:16:6e:76:6f:b8:
3e:24:c3:2b:fd:1a:b1:76:33:7f:fb:a7:9a:a0:e5:
6d:14:c6:03:46:9b:d3:1e:90:d7:f7:07:7b:0a:c9:
60:9a:51:d4:99:7c:89:c9:a3:f2:85:56:28:7c:1c:
ea:f6:44:66:be:11:f9:ac:fe:07:84:c9:54:d6:41:
a8:36:82:fe:38:cd:46:11:0b:08:0f:a4:cf:62:9c:
3c:54:79:01:64:e8:20:91:8b:64:86:85:c2:dd:98:
21:7a:2e:cb:9c:25:a6:19:ea:ee:5a:b0:71:9b:dd:
0b:2d:39:30:e5:ce:d9:c5:eb:b1:80:27:ed:5a:11:
86:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7F:5F:C0:98:8B:76:CA:B0:E6:2D:BD:DD:EA:C8:8F:98:59:B2:4E
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/fX9fwJiLdsqw5i293erIj5hZsk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a46:700::/40
Signature Algorithm: sha256WithRSAEncryption
a0:cb:62:03:c1:de:b0:a3:32:8a:57:af:73:b2:6e:4b:e1:73:
df:27:e7:8b:ba:35:ba:12:fb:f0:92:a7:e8:53:cc:10:8c:77:
8e:95:09:71:86:f1:f9:e8:e8:6b:40:ca:b7:f1:2b:25:95:c7:
58:73:36:46:ca:9d:07:37:45:6b:c8:5f:e1:57:4c:2b:d9:f7:
b5:e6:49:5f:7e:92:9d:50:8c:9e:08:d3:0f:c8:46:2c:be:f9:
3c:6d:e1:61:07:8f:f8:af:41:0f:16:49:d2:2e:a0:e5:2f:5a:
e8:63:37:ca:32:09:ef:2f:6a:01:54:d6:c8:fd:3b:09:84:9c:
4e:c4:d9:42:61:82:46:7e:3e:f5:5f:6e:e9:e9:b3:71:c3:04:
c9:84:24:c8:4b:b6:03:e5:45:12:87:1d:60:6d:c6:8c:17:27:
36:9e:d8:57:ac:7f:e4:33:f8:09:c8:e8:6f:69:ee:32:94:ee:
49:16:50:3e:f1:65:87:5a:b9:63:16:2d:73:49:92:56:fa:e3:
7d:ed:ff:cf:d1:4a:80:82:4f:ff:d2:61:23:66:8e:31:7b:e4:
08:57:be:04:d8:b8:f0:c6:98:dc:3d:14:56:e5:77:13:8d:68:
f4:7c:58:fb:1b:dd:9f:c8:8c:56:9d:78:c8:c0:40:a5:83:43:
47:bf:a5:42
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQi+9cOYYzm70CyacZx+JoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdmNWZjMDk4OGI3NmNhYjBlNjJkYmRkZGVhYzg4Zjk4NTliMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLeTZD1/NPFLCXXjbuDnQav5JuzM
/FaeGo4CHPuciQroGPa6mjcR46YtUv6AGf9YXeeHPNkVRfeK5CB3HFe+wsK+OF2z
OcZBsejBCWzrzSW1agrZ2mPH4Gjjtkm5Drw6fjXQzVnt1XdM397TC92IUu9ommo/
MEPPKGz6QuUp8j5vFm52b7g+JMMr/RqxdjN/+6eaoOVtFMYDRpvTHpDX9wd7Cslg
mlHUmXyJyaPyhVYofBzq9kRmvhH5rP4HhMlU1kGoNoL+OM1GEQsID6TPYpw8VHkB
ZOggkYtkhoXC3Zghei7LnCWmGeruWrBxm90LLTkw5c7ZxeuxgCftWhGGzQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFH1/X8CYi3bKsOYtvd3qyI+YWbJOMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvZlg5ZndKaUxkc3F3NWkyOTNlcklqNWhac2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaRgcw
DQYJKoZIhvcNAQELBQADggEBAKDLYgPB3rCjMopXr3Oybkvhc98n54u6NboS+/CS
p+hTzBCMd46VCXGG8fno6GtAyrfxKyWVx1hzNkbKnQc3RWvIX+FXTCvZ97XmSV9+
kp1QjJ4I0w/IRiy++Txt4WEHj/ivQQ8WSdIuoOUvWuhjN8oyCe8vagFU1sj9OwmE
nE7E2UJhgkZ+PvVfbunps3HDBMmEJMhLtgPlRRKHHWBtxowXJzae2Fesf+Qz+AnI
6G9p7jKU7kkWUD7xZYdauWMWLXNJklb6433t/8/RSoCCT//SYSNmjjF75AhXvgTY
uPDGmNw9FFbldxONaPR8WPsb3Z/IjFadeMjAQKWDQ0e/pUI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:45:09 2025 by rpki-client