Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/pG8b1f2b8YbY_swa6HN1L83L9OQ.roa
File: pG8b1f2b8YbY_swa6HN1L83L9OQ.roa (raw, json)
Hash identifier: 2gvS40Txx7hqMXQPbveKpHXAyL6seRU738CYb2Hmu8U=
Subject key identifier: A4:6F:1B:D5:FD:9B:F1:86:D8:FE:CC:1A:E8:73:75:2F:CD:CB:F4:E4
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBE82FB214454B24BE040275957B27
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/pG8b1f2b8YbY_swa6HN1L83L9OQ.roa
Signing time: Wed 01 Jan 2025 17:48:41 +0000
ROA not before: Wed 01 Jan 2025 17:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212704
IP address blocks: 2a0c:9a40:8070::/44 maxlen: 44
2a0c:9a40:8070::/48 maxlen: 48
2a0c:9a40:8078::/45 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:e8:2f:b2:14:45:4b:24:be:04:02:75:95:7b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a46f1bd5fd9bf186d8fecc1ae873752fcdcbf4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:c7:4f:1c:9b:5f:6d:f5:57:cc:2e:12:98:
2c:02:2a:0c:ca:fa:9c:1e:aa:30:14:94:03:14:41:
19:ad:25:c6:33:9d:60:d9:f4:bd:3c:5a:34:6d:80:
42:42:38:a1:89:eb:0f:86:64:b5:f0:5f:23:1c:85:
6b:df:60:11:a1:a4:84:90:06:7b:34:bd:a6:95:73:
a9:50:92:4f:69:e1:e0:5f:39:27:26:32:25:04:c4:
a3:a5:41:16:4e:5a:b9:2a:5f:b4:e5:c1:7b:70:31:
5b:6b:3d:5e:42:a1:b4:70:16:64:90:3b:eb:05:4b:
7d:25:90:27:cf:98:a6:d6:50:5e:d0:6a:c9:5b:85:
b1:bf:ae:04:09:ae:80:52:bf:5d:0b:f3:7d:f5:b0:
c9:b9:0a:5c:35:a1:03:5c:3e:52:1c:58:08:b8:95:
68:af:68:85:a9:4b:dd:3e:ed:46:2d:d7:ef:c3:22:
5c:dd:51:a3:47:cb:83:f1:55:f2:34:3f:5f:54:96:
ab:89:8c:d8:15:31:fd:64:0d:e5:b5:b4:98:c1:94:
47:cd:42:1a:7c:3f:cf:f5:d3:d5:d8:b2:4f:96:e1:
ed:ff:ea:bb:10:a9:46:f8:b2:74:8f:89:b1:f9:95:
d3:40:c3:36:b8:24:83:e9:c6:b3:51:f6:4a:f4:ed:
af:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6F:1B:D5:FD:9B:F1:86:D8:FE:CC:1A:E8:73:75:2F:CD:CB:F4:E4
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/pG8b1f2b8YbY_swa6HN1L83L9OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8070::/44
Signature Algorithm: sha256WithRSAEncryption
66:8b:5c:15:e3:4b:0d:44:c4:2c:ad:aa:cf:c8:eb:48:e2:b3:
f7:75:37:1d:d1:54:96:c3:6b:c4:6c:6e:8b:73:2f:06:57:ae:
ea:5b:0b:11:37:e0:8f:bd:cf:a3:2c:13:e4:ca:6d:83:74:4d:
1b:bf:bd:b7:21:54:ca:b9:f8:5b:5d:c9:d7:d7:e4:d5:58:f8:
33:af:c5:2e:c3:6b:93:bb:35:8e:a3:62:d0:58:8f:a3:9c:39:
44:47:bb:bc:65:f5:b1:3a:31:ab:87:82:9e:db:80:a3:4a:67:
57:c0:d2:d7:32:95:01:da:ec:34:13:a1:df:05:a9:7a:77:08:
0e:3b:25:db:73:7f:2f:b8:c0:51:c2:8f:6c:cf:b8:85:45:52:
7e:11:78:0c:75:04:36:df:b3:56:e2:5a:bd:44:3b:62:fb:7c:
0e:df:9b:8f:c5:e9:07:1f:0e:e5:bf:53:2c:03:82:8d:38:0a:
cc:33:7e:74:d4:dc:b5:cc:67:f9:bb:b5:14:e0:5d:3c:44:0e:
12:86:65:f9:b8:af:73:68:f3:c0:a2:86:a4:7e:0a:d7:b5:75:
35:b6:3a:06:32:53:18:bb:f1:96:ed:1e:ab:ea:22:91:d6:58:
73:8f:63:88:9f:d0:bc:1b:6b:64:3a:34:69:ae:fc:ac:64:34:
71:08:19:05
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi++gvshRFSyS+BAJ1lXsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZmMWJkNWZkOWJmMTg2ZDhmZWNjMWFlODczNzUyZmNkY2JmNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0LHTxybX231V8wuEpgsAioMyvqc
HqowFJQDFEEZrSXGM51g2fS9PFo0bYBCQjihiesPhmS18F8jHIVr32ARoaSEkAZ7
NL2mlXOpUJJPaeHgXzknJjIlBMSjpUEWTlq5Kl+05cF7cDFbaz1eQqG0cBZkkDvr
BUt9JZAnz5im1lBe0GrJW4Wxv64ECa6AUr9dC/N99bDJuQpcNaEDXD5SHFgIuJVo
r2iFqUvdPu1GLdfvwyJc3VGjR8uD8VXyND9fVJariYzYFTH9ZA3ltbSYwZRHzUIa
fD/P9dPV2LJPluHt/+q7EKlG+LJ0j4mx+ZXTQMM2uCSD6cazUfZK9O2vgQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKRvG9X9m/GG2P7MGuhzdS/Ny/TkMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvcEc4YjFmMmI4WWJZX3N3YTZITjFMODNMOU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIBw
MA0GCSqGSIb3DQEBCwUAA4IBAQBmi1wV40sNRMQsrarPyOtI4rP3dTcd0VSWw2vE
bG6Lcy8GV67qWwsRN+CPvc+jLBPkym2DdE0bv723IVTKufhbXcnX1+TVWPgzr8Uu
w2uTuzWOo2LQWI+jnDlER7u8ZfWxOjGrh4Ke24CjSmdXwNLXMpUB2uw0E6HfBal6
dwgOOyXbc38vuMBRwo9sz7iFRVJ+EXgMdQQ237NW4lq9RDti+3wO35uPxekHHw7l
v1MsA4KNOArMM3501Ny1zGf5u7UU4F08RA4ShmX5uK9zaPPAooakfgrXtXU1tjoG
MlMYu/GW7R6r6iKR1lhzj2OIn9C8G2tkOjRprvysZDRxCBkF
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:13:06 2025 by rpki-client