Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lRlTfFWvSh3iLBpV0Lbf3M9Mj3c.roa
File: lRlTfFWvSh3iLBpV0Lbf3M9Mj3c.roa (raw, json)
Hash identifier: XOOiu1R32AZb8RKthgnI+bVYyjG6yoB03VdOzzviLCc=
Subject key identifier: 95:19:53:7C:55:AF:4A:1D:E2:2C:1A:55:D0:B6:DF:DC:CF:4C:8F:77
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBD3415582EAA86608F7EC4FE38C65
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lRlTfFWvSh3iLBpV0Lbf3M9Mj3c.roa
Signing time: Wed 01 Jan 2025 17:48:36 +0000
ROA not before: Wed 01 Jan 2025 17:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199689
IP address blocks: 2a0c:9a40:81f9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:d3:41:55:82:ea:a8:66:08:f7:ec:4f:e3:8c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9519537c55af4a1de22c1a55d0b6dfdccf4c8f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:e5:b8:96:7c:61:37:c0:67:a3:bf:e9:0b:0f:
28:1e:8f:93:06:23:74:5f:15:f4:0c:46:11:c9:e4:
0a:f7:27:6e:34:c9:5c:ca:9d:8e:9d:35:db:fd:26:
36:ae:5d:ec:ba:f4:1e:2c:8a:4b:70:35:59:4b:3a:
b5:a0:33:ba:31:74:cf:9a:0e:81:e7:b3:a3:31:4f:
84:b4:e9:3a:7f:74:cf:f4:ab:91:f1:c2:b8:06:39:
1e:36:4a:dc:94:6f:82:4a:3c:87:3c:33:77:e8:f1:
6b:12:db:e1:28:f6:5c:f1:b0:1c:dd:1e:65:07:2b:
5b:c3:1a:e2:d1:12:f2:48:ac:5e:0b:42:f5:3c:04:
07:98:4d:88:72:64:3f:26:a9:65:eb:39:d9:46:cf:
5e:97:04:37:84:2e:8a:10:37:f6:48:2b:28:bf:28:
0a:5c:e2:da:f6:6a:ee:25:ca:70:96:e9:09:5d:1d:
f5:b3:55:64:e9:38:b5:79:20:ce:66:72:d2:90:5d:
0c:77:77:0c:fa:53:85:84:87:a4:53:e4:b7:a1:57:
ed:c6:7a:1f:6d:db:8b:8e:e0:14:b7:21:09:bc:0f:
c9:ea:79:3c:0c:d8:83:18:0f:ec:78:22:d9:1d:78:
5b:e3:85:2c:20:34:93:4c:43:e0:ad:b9:ce:5a:d5:
ac:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:19:53:7C:55:AF:4A:1D:E2:2C:1A:55:D0:B6:DF:DC:CF:4C:8F:77
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lRlTfFWvSh3iLBpV0Lbf3M9Mj3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:81f9::/48
Signature Algorithm: sha256WithRSAEncryption
44:3c:0c:cc:d2:df:4c:59:9d:55:83:d0:24:3a:9b:f2:6f:e7:
4c:21:d4:da:f7:2e:b1:e4:69:78:a2:c7:a8:b9:98:ff:42:1d:
5f:9b:7d:68:82:2c:63:1c:85:da:98:e3:25:0f:79:77:0d:5d:
9f:9f:12:31:ba:0c:e5:3a:3f:4b:e4:de:b4:13:a1:c2:3d:c8:
e5:1b:5d:75:ec:98:b7:3b:f0:c6:7f:4b:a3:07:ee:bf:84:dc:
1e:9b:cb:ec:a9:04:20:48:f8:c3:33:11:0c:08:16:24:ec:cc:
5f:03:b2:97:10:b8:7b:8c:aa:fc:d8:b2:6f:87:00:7c:f1:51:
33:8a:48:00:eb:23:79:85:64:89:1d:e3:2e:a6:3f:cf:ae:c0:
37:98:f1:64:c9:27:1c:c2:a1:81:39:08:63:30:6a:5e:2d:84:
84:d2:aa:61:74:04:fd:0e:4a:82:b0:16:78:11:19:59:3b:49:
0b:9c:08:27:2f:f6:33:f4:48:d5:40:8a:11:d6:36:af:06:71:
ae:e0:69:0c:24:08:df:fb:f0:08:44:66:8c:f8:06:d2:c0:81:
fb:a1:33:25:da:7e:22:8f:d5:71:bf:90:8a:ac:c4:46:f1:1f:
ed:6d:20:85:b0:db:34:3b:71:3b:aa:9e:61:87:fb:5f:10:af:
38:33:95:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+9NBVYLqqGYI9+xP44xlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE5NTM3YzU1YWY0YTFkZTIyYzFhNTVkMGI2ZGZkY2NmNGM4Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+eW4lnxhN8Bno7/pCw8oHo+TBiN0
XxX0DEYRyeQK9yduNMlcyp2OnTXb/SY2rl3suvQeLIpLcDVZSzq1oDO6MXTPmg6B
57OjMU+EtOk6f3TP9KuR8cK4BjkeNkrclG+CSjyHPDN36PFrEtvhKPZc8bAc3R5l
Bytbwxri0RLySKxeC0L1PAQHmE2IcmQ/Jqll6znZRs9elwQ3hC6KEDf2SCsovygK
XOLa9mruJcpwlukJXR31s1Vk6Ti1eSDOZnLSkF0Md3cM+lOFhIekU+S3oVftxnof
bduLjuAUtyEJvA/J6nk8DNiDGA/seCLZHXhb44UsIDSTTEPgrbnOWtWsmQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJUZU3xVr0od4iwaVdC239zPTI93MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvbFJsVGZGV3ZTaDNpTEJwVjBMYmYzTTlNajNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIH5
MA0GCSqGSIb3DQEBCwUAA4IBAQBEPAzM0t9MWZ1Vg9AkOpvyb+dMIdTa9y6x5Gl4
oseouZj/Qh1fm31ogixjHIXamOMlD3l3DV2fnxIxugzlOj9L5N60E6HCPcjlG111
7Ji3O/DGf0ujB+6/hNwem8vsqQQgSPjDMxEMCBYk7MxfA7KXELh7jKr82LJvhwB8
8VEzikgA6yN5hWSJHeMupj/PrsA3mPFkySccwqGBOQhjMGpeLYSE0qphdAT9DkqC
sBZ4ERlZO0kLnAgnL/Yz9EjVQIoR1javBnGu4GkMJAjf+/AIRGaM+AbSwIH7oTMl
2n4ij9Vxv5CKrMRG8R/tbSCFsNs0O3E7qp5hh/tfEK84M5UF
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:44:59 2025 by rpki-client