Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nMg9bnTZ3akCtx0wZaJJ7MAL4xE.roa
File: nMg9bnTZ3akCtx0wZaJJ7MAL4xE.roa (raw, json)
Hash identifier: /rrT9IVZ3yuaW8eLdLawHz/TjtYbcoLFx+WUZGgnLvA=
Subject key identifier: 9C:C8:3D:6E:74:D9:DD:A9:02:B7:1D:30:65:A2:49:EC:C0:0B:E3:11
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824ADDAD62D5A18CF470580034602F4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nMg9bnTZ3akCtx0wZaJJ7MAL4xE.roa
Signing time: Thu 02 Jan 2025 17:51:19 +0000
ROA not before: Thu 02 Jan 2025 17:51:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203559
IP address blocks: 2a00:1728:9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:ad:da:d6:2d:5a:18:cf:47:05:80:03:46:02:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cc83d6e74d9dda902b71d3065a249ecc00be311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:bc:53:f8:ee:5c:3e:07:89:ea:28:2e:41:
91:8b:6e:66:a2:c7:59:f1:c0:a4:2c:74:e0:18:41:
45:82:89:0d:df:bb:b8:0f:d9:dd:cc:3f:ae:a1:1e:
c0:c1:16:73:22:f2:f8:eb:35:64:2d:11:25:40:66:
e9:3f:d3:75:f9:7a:83:fe:a9:f9:64:3c:cc:65:ab:
9b:23:bc:f6:14:09:a0:f1:c0:32:eb:d5:4c:3a:0c:
a0:b2:1e:f5:df:d5:64:ae:38:b0:59:e2:53:61:b3:
3a:14:d9:5c:d9:ee:40:a0:01:86:bc:35:73:19:f0:
f5:92:6b:63:3e:d5:e6:94:88:35:90:4a:55:94:79:
89:93:35:95:3f:4a:49:c7:08:1f:a3:c3:92:f1:6d:
09:83:3d:ea:cb:f9:a6:b5:c6:c1:2b:48:73:16:1a:
57:79:07:70:c8:9e:40:01:de:ba:06:90:97:f8:9e:
b4:5e:47:ba:a6:41:1c:6a:8a:be:86:20:7e:ab:b1:
16:83:7a:1e:06:22:53:ea:c2:0e:ac:0f:98:14:ff:
f1:bb:3d:d1:9f:50:31:da:f7:d4:47:60:c4:30:7b:
23:a2:ce:8f:70:c2:21:bf:8d:c8:c4:4e:f9:91:7d:
23:6c:0f:10:bd:a3:7b:61:fe:4f:5c:2e:2f:71:c1:
c5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C8:3D:6E:74:D9:DD:A9:02:B7:1D:30:65:A2:49:EC:C0:0B:E3:11
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nMg9bnTZ3akCtx0wZaJJ7MAL4xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1728:9::/48
Signature Algorithm: sha256WithRSAEncryption
01:93:bf:07:01:7b:1b:02:c5:1c:89:08:6f:53:43:65:1a:18:
4f:10:13:8e:b5:c1:d8:a5:0c:07:d6:1c:a4:3a:49:3e:d1:e0:
10:e6:6d:8b:39:74:0e:dc:f4:97:87:0a:ea:61:a9:94:91:3a:
28:94:1e:aa:d6:e9:ac:7e:a4:a5:22:2b:2e:df:33:76:8d:35:
a9:9e:7f:2a:ca:19:73:e7:39:4d:0c:e4:a3:d4:79:b1:e3:64:
57:36:7a:49:4e:bf:56:b2:0a:8d:41:70:53:80:b6:1c:e8:21:
fc:64:f9:6b:c4:db:6e:26:14:ab:cb:c2:10:0a:53:6b:87:7b:
ec:a8:eb:79:eb:b2:9d:22:f6:e5:9d:95:f6:dc:5a:b1:77:8e:
27:69:c4:b3:63:5f:77:8a:55:9c:57:38:8f:40:5b:62:5f:9a:
46:32:7b:6d:bb:59:ef:ab:29:d4:84:9f:04:dc:f3:92:d7:7b:
10:e0:ed:2f:fe:3b:da:14:fd:ad:8d:dd:f8:35:67:37:0d:cb:
2b:ce:c1:28:ff:4d:4d:45:84:07:36:1d:c9:00:39:fe:4f:0f:
7f:7e:68:b1:4a:ca:7e:1b:5c:f7:0a:c6:5f:a4:ce:d2:9e:76:
4a:d9:fc:df:38:bd:0f:5b:fb:96:d3:03:82:8f:88:d6:49:81:
a9:85:b3:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJK3a1i1aGM9HBYADRgL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M4M2Q2ZTc0ZDlkZGE5MDJiNzFkMzA2NWEyNDllY2MwMGJlMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPK8U/juXD4HieooLkGRi25mosdZ
8cCkLHTgGEFFgokN37u4D9ndzD+uoR7AwRZzIvL46zVkLRElQGbpP9N1+XqD/qn5
ZDzMZaubI7z2FAmg8cAy69VMOgygsh7139VkrjiwWeJTYbM6FNlc2e5AoAGGvDVz
GfD1kmtjPtXmlIg1kEpVlHmJkzWVP0pJxwgfo8OS8W0Jgz3qy/mmtcbBK0hzFhpX
eQdwyJ5AAd66BpCX+J60Xke6pkEcaoq+hiB+q7EWg3oeBiJT6sIOrA+YFP/xuz3R
n1Ax2vfUR2DEMHsjos6PcMIhv43IxE75kX0jbA8QvaN7Yf5PXC4vccHF6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJzIPW502d2pArcdMGWiSezAC+MRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbk1nOWJuVFozYWtDdHgwd1phSko3TUFMNHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXKAAJ
MA0GCSqGSIb3DQEBCwUAA4IBAQABk78HAXsbAsUciQhvU0NlGhhPEBOOtcHYpQwH
1hykOkk+0eAQ5m2LOXQO3PSXhwrqYamUkToolB6q1umsfqSlIisu3zN2jTWpnn8q
yhlz5zlNDOSj1Hmx42RXNnpJTr9WsgqNQXBTgLYc6CH8ZPlrxNtuJhSry8IQClNr
h3vsqOt567KdIvblnZX23Fqxd44nacSzY193ilWcVziPQFtiX5pGMnttu1nvqynU
hJ8E3POS13sQ4O0v/jvaFP2tjd34NWc3DcsrzsEo/01NRYQHNh3JADn+Tw9/fmix
Ssp+G1z3CsZfpM7SnnZK2fzfOL0PW/uW0wOCj4jWSYGphbPz
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:10 2025 by rpki-client