Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lcNHEWIlWVX9rxq_aBkJX3m3CZo.roa
File: lcNHEWIlWVX9rxq_aBkJX3m3CZo.roa (raw, json)
Hash identifier: LL83nYQMwYFS8ZPlKugBNDk6zkJ4ufCauTBAUQCVxUM=
Subject key identifier: 95:C3:47:11:62:25:59:55:FD:AF:1A:BF:68:19:09:5F:79:B7:09:9A
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBF906D1A5EB2426080E948ECB7FC0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lcNHEWIlWVX9rxq_aBkJX3m3CZo.roa
Signing time: Wed 01 Jan 2025 17:48:45 +0000
ROA not before: Wed 01 Jan 2025 17:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215541
IP address blocks: 2a0c:9a40:8510::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f9:06:d1:a5:eb:24:26:08:0e:94:8e:cb:7f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95c3471162255955fdaf1abf6819095f79b7099a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7d:b2:9c:bb:1b:7f:96:11:4e:c0:d3:e8:b1:
0f:af:4c:35:64:18:bb:bc:dd:be:4a:da:d5:df:fe:
20:d4:11:83:0c:cf:cf:b8:22:f4:7a:ae:9e:5b:0f:
be:ec:5b:24:75:73:3d:c7:6d:ca:bb:43:f0:01:94:
bf:58:cb:aa:d2:09:30:c9:8d:fb:4e:30:81:98:31:
d6:ac:9c:99:69:96:ea:1f:1b:10:e9:1d:6c:dd:a2:
eb:3e:d5:07:81:32:89:7b:21:ae:5f:86:62:f3:19:
f6:86:76:80:68:a7:f8:88:ec:74:6a:f7:3b:9f:71:
b8:29:ea:3f:c6:f2:4f:d5:8a:4d:c9:31:14:c8:92:
b2:1e:1d:22:9f:38:a0:dc:83:69:68:6e:41:76:de:
af:1a:4c:da:77:28:17:ad:17:bb:26:27:df:78:27:
90:1b:70:0f:67:df:e9:48:1b:00:da:cd:c3:86:19:
30:4c:96:11:79:44:29:d0:ec:89:0b:1c:d8:3e:d8:
84:31:77:ed:91:a7:d3:ca:30:f5:a5:45:3e:1d:3b:
ed:66:1c:87:9e:86:2f:66:bb:1c:bc:e3:fc:73:c5:
f4:02:75:97:f0:dd:4b:cf:2f:70:c6:1f:2d:a3:f9:
87:ac:22:4f:88:78:66:1f:6f:bd:6b:46:b7:3a:fb:
30:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C3:47:11:62:25:59:55:FD:AF:1A:BF:68:19:09:5F:79:B7:09:9A
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/lcNHEWIlWVX9rxq_aBkJX3m3CZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8510::/48
Signature Algorithm: sha256WithRSAEncryption
5b:fb:80:db:b3:45:80:15:35:ec:ea:d4:de:da:4a:67:23:b7:
11:89:17:55:b8:b5:ed:1a:b0:c2:5c:87:36:64:1c:96:24:87:
cc:b8:f7:1d:70:2e:af:a1:ad:9c:5c:24:22:cf:d1:60:78:08:
6d:c1:2f:b4:2e:58:d7:b8:bb:13:89:c5:11:94:61:83:cc:1e:
e7:b1:76:02:b1:43:a3:92:d6:f1:19:4b:3d:83:54:12:08:41:
a1:65:83:82:da:93:0b:76:4e:55:c7:c4:01:de:bb:58:4d:8b:
84:58:33:ca:4e:29:1a:2c:9b:71:00:9e:82:02:d5:2f:0f:51:
5d:7c:dd:03:78:d9:3e:15:80:c8:14:d2:86:27:ad:13:62:10:
00:d6:91:74:48:17:83:26:32:e2:3f:31:d1:c5:04:85:36:27:
7e:db:b5:3b:ea:d9:04:88:d4:55:71:9f:c8:30:8d:7c:9b:9d:
6f:30:16:0c:ce:d0:ea:1a:7d:9f:54:db:ce:ab:6a:4c:7e:a8:
74:2a:22:86:75:85:18:78:93:27:cb:08:90:df:c0:b9:38:a9:
db:0b:51:0a:7a:21:69:33:a6:fc:ba:eb:52:43:50:2c:46:e4:
d1:65:76:48:2a:97:41:15:33:af:be:c3:d5:c8:04:b5:64:ee:
2b:25:ae:74
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+/kG0aXrJCYIDpSOy3/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWMzNDcxMTYyMjU1OTU1ZmRhZjFhYmY2ODE5MDk1Zjc5YjcwOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn2ynLsbf5YRTsDT6LEPr0w1ZBi7
vN2+StrV3/4g1BGDDM/PuCL0eq6eWw++7FskdXM9x23Ku0PwAZS/WMuq0gkwyY37
TjCBmDHWrJyZaZbqHxsQ6R1s3aLrPtUHgTKJeyGuX4Zi8xn2hnaAaKf4iOx0avc7
n3G4Keo/xvJP1YpNyTEUyJKyHh0inzig3INpaG5Bdt6vGkzadygXrRe7JiffeCeQ
G3APZ9/pSBsA2s3DhhkwTJYReUQp0OyJCxzYPtiEMXftkafTyjD1pUU+HTvtZhyH
noYvZrscvOP8c8X0AnWX8N1Lzy9wxh8to/mHrCJPiHhmH2+9a0a3OvswwQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJXDRxFiJVlV/a8av2gZCV95twmaMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvbGNOSEVXSWxXVlg5cnhxX2FCa0pYM20zQ1pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBb+4Dbs0WAFTXs6tTe2kpnI7cRiRdVuLXtGrDC
XIc2ZByWJIfMuPcdcC6voa2cXCQiz9FgeAhtwS+0LljXuLsTicURlGGDzB7nsXYC
sUOjktbxGUs9g1QSCEGhZYOC2pMLdk5Vx8QB3rtYTYuEWDPKTikaLJtxAJ6CAtUv
D1FdfN0DeNk+FYDIFNKGJ60TYhAA1pF0SBeDJjLiPzHRxQSFNid+27U76tkEiNRV
cZ/IMI18m51vMBYMztDqGn2fVNvOq2pMfqh0KiKGdYUYeJMnywiQ38C5OKnbC1EK
eiFpM6b8uutSQ1AsRuTRZXZIKpdBFTOvvsPVyAS1ZO4rJa50
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:46:34 2025 by rpki-client