Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NwTJLgWLnMQ9EeqpznhmvvPQgvM.roa
File: NwTJLgWLnMQ9EeqpznhmvvPQgvM.roa (raw, json)
Hash identifier: ViH5oqEBI9vRU6MTGLiUbaYIP8vxiKBaD+q325XXZOE=
Subject key identifier: 37:04:C9:2E:05:8B:9C:C4:3D:11:EA:A9:CE:78:66:BE:F3:D0:82:F3
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C5E38D61EB2F68FD7A5D76DCB086E
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NwTJLgWLnMQ9EeqpznhmvvPQgvM.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41843
IP address blocks: 2a02:2698:5400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5e:38:d6:1e:b2:f6:8f:d7:a5:d7:6d:cb:08:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3704c92e058b9cc43d11eaa9ce7866bef3d082f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:14:9c:1e:a8:b8:21:a1:79:7b:b8:d0:90:c0:
1b:04:8e:a1:b6:db:f7:d2:fc:0a:9e:1d:73:c1:83:
f5:d9:32:bc:ac:eb:c7:c5:b2:4d:0e:a0:e8:ff:ec:
6d:b8:71:b0:46:83:70:7d:2e:ed:8b:12:1d:65:26:
05:f3:3f:d1:81:ac:e2:d8:7b:0e:21:54:f4:b4:a9:
25:f4:d7:46:a3:53:42:14:e3:5d:80:49:27:d7:1d:
f0:34:84:e6:0c:5f:e7:e5:46:7b:05:71:6b:e4:f0:
1c:b9:96:45:ce:c4:f9:94:37:5d:d7:9a:a5:a9:90:
e9:84:21:b9:2a:d4:84:80:c5:bb:ea:8d:66:9f:79:
17:74:d9:52:e1:f4:ba:0b:89:f1:74:b4:d2:9f:08:
d3:04:42:2b:e9:5a:ff:b3:f7:a9:5e:f5:1f:9c:52:
4e:80:4a:a8:1a:d6:44:02:ab:19:3a:a8:b6:41:e5:
39:b1:e2:b4:91:45:b6:be:04:b5:69:a6:42:e3:7d:
3b:58:37:f5:c0:e5:64:12:c7:03:93:0b:55:88:7a:
d7:51:90:a4:fb:b3:9a:2b:5f:60:c6:aa:ea:00:5b:
70:26:c1:30:b3:ad:a6:5e:f8:2b:b6:11:85:f2:60:
54:de:6b:fa:58:63:13:3c:1e:e7:05:b6:a6:29:6c:
eb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:04:C9:2E:05:8B:9C:C4:3D:11:EA:A9:CE:78:66:BE:F3:D0:82:F3
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/NwTJLgWLnMQ9EeqpznhmvvPQgvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:2698:5400::/38
Signature Algorithm: sha256WithRSAEncryption
4b:fc:f4:a4:b3:63:b2:a6:b2:72:b0:17:69:18:ff:69:2f:ce:
5a:10:f3:8d:6b:f9:ee:63:5a:dd:2e:d0:f1:7e:a0:d9:eb:98:
ea:af:75:04:e1:79:36:dc:2c:1e:a6:b5:0d:c8:f6:85:f2:f5:
5e:a9:f2:3f:61:d5:a2:1a:c8:3b:83:64:34:c7:73:39:a5:6f:
38:23:c2:1a:b8:15:f2:f3:27:66:05:07:30:21:d0:e2:86:c9:
93:0a:a2:03:db:58:30:3a:d7:59:7c:58:77:44:26:78:c6:11:
a5:12:c3:1e:eb:de:50:40:8c:11:54:48:62:c9:47:a6:dc:64:
1d:56:cd:a3:8a:a7:83:03:63:3e:15:ee:50:a3:3e:94:4d:b5:
c3:9d:3f:1b:b3:bb:4a:67:11:4d:ca:d3:24:eb:ef:38:aa:ac:
dd:f1:6b:bd:38:e0:a1:47:f1:2a:0f:d3:01:eb:b8:22:f0:ba:
0c:6c:31:87:bf:19:40:02:da:b8:54:10:b7:80:5f:12:0c:d4:
43:2c:de:86:cd:dc:ca:b8:a7:8e:01:cb:20:ab:c9:38:9d:73:
90:42:87:81:5c:18:35:32:7f:b9:f6:f4:1d:b6:9f:9d:dc:cc:
c9:64:a0:9b:67:f3:21:b5:16:0d:28:90:db:0a:cf:93:75:60:
dc:e2:9a:92
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjF441h6y9o/XpddtywhuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzA0YzkyZTA1OGI5Y2M0M2QxMWVhYTljZTc4NjZiZWYzZDA4MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xScHqi4IaF5e7jQkMAbBI6httv3
0vwKnh1zwYP12TK8rOvHxbJNDqDo/+xtuHGwRoNwfS7tixIdZSYF8z/Rgazi2HsO
IVT0tKkl9NdGo1NCFONdgEkn1x3wNITmDF/n5UZ7BXFr5PAcuZZFzsT5lDdd15ql
qZDphCG5KtSEgMW76o1mn3kXdNlS4fS6C4nxdLTSnwjTBEIr6Vr/s/epXvUfnFJO
gEqoGtZEAqsZOqi2QeU5seK0kUW2vgS1aaZC4307WDf1wOVkEscDkwtViHrXUZCk
+7OaK19gxqrqAFtwJsEws62mXvgrthGF8mBU3mv6WGMTPB7nBbamKWzr5wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDcEyS4Fi5zEPRHqqc54Zr7z0ILzMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvTndUSkxnV0xuTVE5RWVxcHpuaG12dlBRZ3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmFQw
DQYJKoZIhvcNAQELBQADggEBAEv89KSzY7KmsnKwF2kY/2kvzloQ841r+e5jWt0u
0PF+oNnrmOqvdQTheTbcLB6mtQ3I9oXy9V6p8j9h1aIayDuDZDTHczmlbzgjwhq4
FfLzJ2YFBzAh0OKGyZMKogPbWDA611l8WHdEJnjGEaUSwx7r3lBAjBFUSGLJR6bc
ZB1WzaOKp4MDYz4V7lCjPpRNtcOdPxuzu0pnEU3K0yTr7ziqrN3xa7044KFH8SoP
0wHruCLwugxsMYe/GUAC2rhUELeAXxIM1EMs3obN3Mq4p44ByyCryTidc5BCh4Fc
GDUyf7n29B22n53czMlkoJtn8yG1Fg0okNsKz5N1YNzimpI=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:44 2025 by rpki-client