Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/xb9c4jSuEWxRwpZkCPiPwqQ3lG0.roa
File: xb9c4jSuEWxRwpZkCPiPwqQ3lG0.roa (raw, json)
Hash identifier: wN0/6o5SdguhXGlJzEF+0tJvKsR8RG44fDOJnjaqLn4=
Subject key identifier: C5:BF:5C:E2:34:AE:11:6C:51:C2:96:64:08:F8:8F:C2:A4:37:94:6D
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBC1AF35B7A91D7DA0B23053D87D80
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/xb9c4jSuEWxRwpZkCPiPwqQ3lG0.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32167
IP address blocks: 2a0c:9a40:9d00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:c1:af:35:b7:a9:1d:7d:a0:b2:30:53:d8:7d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5bf5ce234ae116c51c2966408f88fc2a437946d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:23:76:4f:73:8d:df:f9:01:39:22:e5:68:e9:
9f:30:81:ca:1f:f3:a0:34:1a:7b:53:f7:25:c5:11:
20:bd:6f:bc:07:32:a7:0c:f3:2e:15:ad:c3:5e:67:
e3:23:16:30:3c:3b:36:8e:8d:45:e8:62:9f:7c:5d:
59:d7:5e:13:01:a6:c8:50:2f:f8:5f:51:41:e8:3e:
45:ef:3e:53:91:db:2e:30:84:2c:dd:50:08:69:c0:
30:cd:74:fe:f4:2a:b8:7c:79:0b:8c:58:c6:05:47:
91:88:98:ae:22:ed:1b:c3:6d:d7:8a:47:08:bc:69:
ae:9a:0e:b9:45:cd:71:55:ce:0d:ec:e2:bf:a8:d8:
b5:f0:52:c9:73:9e:fc:ad:49:1c:60:42:42:6e:a5:
92:5a:09:4d:89:6f:36:18:51:75:47:b1:38:86:ca:
db:ec:11:e3:7e:fd:48:e0:d1:69:2b:73:55:d9:36:
83:ad:8c:e0:41:41:60:87:a2:91:bb:56:79:2b:8b:
a7:88:6b:d3:46:e7:14:52:b0:b1:ec:1e:87:91:51:
62:88:d8:c0:ed:27:f9:fd:1d:88:5c:da:21:7c:3c:
f1:65:be:90:9c:18:ed:c2:30:a8:b4:1e:fd:c3:c5:
4e:9c:2b:c2:c2:d6:e3:0f:f6:da:54:35:88:1e:9b:
70:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BF:5C:E2:34:AE:11:6C:51:C2:96:64:08:F8:8F:C2:A4:37:94:6D
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/xb9c4jSuEWxRwpZkCPiPwqQ3lG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:9d00::/40
Signature Algorithm: sha256WithRSAEncryption
50:17:97:a1:61:f5:cb:c2:10:c3:eb:2b:80:af:de:f7:0d:a2:
26:12:b9:ca:80:58:57:8a:dd:47:82:5f:c9:46:5b:ba:a8:ea:
2d:1c:02:91:59:33:17:78:9f:cf:87:4f:ff:26:3f:97:be:c9:
4e:e0:6e:1a:f3:89:47:63:e1:5c:eb:40:9f:01:a5:e3:9b:7e:
a1:15:1d:58:3c:c5:82:3a:c2:bd:78:8f:8e:a3:9b:14:5a:7a:
a6:05:81:7b:27:57:4c:59:2f:7b:7b:82:a1:bb:d5:7e:19:06:
e5:a4:c0:cb:ab:52:3d:13:c5:b5:e0:1b:47:c0:15:70:95:29:
56:ed:9b:58:8f:c5:55:46:fb:01:31:76:43:f0:78:34:8f:07:
f1:6c:57:3d:fa:3f:27:be:0c:db:99:b7:ec:00:fb:e8:26:0b:
b8:c5:ac:d4:f2:15:d8:a9:9a:1d:4d:4a:7d:68:c9:06:23:93:
bc:75:e5:74:b8:fa:37:38:f2:e6:a6:5e:0d:d4:e0:41:43:3e:
76:4d:47:27:e1:c3:c6:19:93:83:62:03:50:b3:76:27:fc:fb:
f5:0e:7c:3a:60:74:e9:d2:1b:a2:f5:62:cd:1a:6e:d1:72:de:
ac:12:85:9d:ec:57:2c:51:21:b6:9f:0c:ff:55:d5:70:e3:76:
54:69:b5:ea
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQi+8GvNbepHX2gsjBT2H2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWJmNWNlMjM0YWUxMTZjNTFjMjk2NjQwOGY4OGZjMmE0Mzc5NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSN2T3ON3/kBOSLlaOmfMIHKH/Og
NBp7U/clxREgvW+8BzKnDPMuFa3DXmfjIxYwPDs2jo1F6GKffF1Z114TAabIUC/4
X1FB6D5F7z5TkdsuMIQs3VAIacAwzXT+9Cq4fHkLjFjGBUeRiJiuIu0bw23XikcI
vGmumg65Rc1xVc4N7OK/qNi18FLJc578rUkcYEJCbqWSWglNiW82GFF1R7E4hsrb
7BHjfv1I4NFpK3NV2TaDrYzgQUFgh6KRu1Z5K4uniGvTRucUUrCx7B6HkVFiiNjA
7Sf5/R2IXNohfDzxZb6QnBjtwjCotB79w8VOnCvCwtbjD/baVDWIHptwGQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMW/XOI0rhFsUcKWZAj4j8KkN5RtMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEveGI5YzRqU3VFV3hSd3Baa0NQaVB3cVEzbEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQJ0w
DQYJKoZIhvcNAQELBQADggEBAFAXl6Fh9cvCEMPrK4Cv3vcNoiYSucqAWFeK3UeC
X8lGW7qo6i0cApFZMxd4n8+HT/8mP5e+yU7gbhrziUdj4VzrQJ8BpeObfqEVHVg8
xYI6wr14j46jmxRaeqYFgXsnV0xZL3t7gqG71X4ZBuWkwMurUj0TxbXgG0fAFXCV
KVbtm1iPxVVG+wExdkPweDSPB/FsVz36Pye+DNuZt+wA++gmC7jFrNTyFdipmh1N
Sn1oyQYjk7x15XS4+jc48uamXg3U4EFDPnZNRyfhw8YZk4NiA1Czdif8+/UOfDpg
dOnSG6L1Ys0abtFy3qwShZ3sVyxRIbafDP9V1XDjdlRpteo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:40:06 2025 by rpki-client