Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/M9VdnF4uhv3S8ynJo1kTEBW1AUE.roa
File: M9VdnF4uhv3S8ynJo1kTEBW1AUE.roa (raw, json)
Hash identifier: wgWraMBXBDnGqGgz/A6JsNtS6LmlDAkjX4m8FBkaGn8=
Subject key identifier: 33:D5:5D:9C:5E:2E:86:FD:D2:F3:29:C9:A3:59:13:10:15:B5:01:41
Certificate issuer: /CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329
Certificate serial: 01953E31BFE6914DC325617F988766FC302C
Authority key identifier: 23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/M9VdnF4uhv3S8ynJo1kTEBW1AUE.roa
Signing time: Tue 25 Feb 2025 17:40:02 +0000
ROA not before: Tue 25 Feb 2025 17:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30860
IP address blocks: 2001:3480::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:3e:31:bf:e6:91:4d:c3:25:61:7f:98:87:66:fc:30:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329
Validity
Not Before: Feb 25 17:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33d55d9c5e2e86fdd2f329c9a359131015b50141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7e:ad:91:7d:a1:c1:9a:cb:70:55:9c:d2:b9:
35:be:01:fc:7e:8b:98:d0:21:b3:72:d8:08:91:f1:
4e:ea:ed:5d:3c:e1:84:54:2c:8f:09:b1:8a:b5:ef:
9f:3a:02:57:72:eb:f3:75:33:0a:b9:9c:ee:41:df:
59:99:09:17:7c:4e:4f:33:55:72:b4:a6:ae:da:fa:
43:e5:bf:c3:8d:fa:39:bc:f0:bf:27:a8:8e:ea:4a:
49:0b:a4:43:fc:29:4d:89:b0:72:f3:ef:f7:7f:1c:
ce:8e:c4:03:68:c5:c6:35:de:e8:01:42:c0:28:29:
e8:dc:c5:24:d7:ea:7a:69:f9:49:ff:f4:e3:7b:5f:
35:d6:11:cd:31:c1:6e:7e:ba:1c:03:61:0f:bd:dd:
32:7d:ed:7c:e5:d6:d4:f9:d6:c5:8b:72:47:af:f3:
20:a7:da:28:33:59:64:ab:7a:dc:58:54:6d:2e:ae:
be:fe:a5:d2:56:38:f2:31:02:c6:b5:34:99:3e:88:
ac:83:44:aa:3b:28:a4:77:05:01:06:f2:5a:17:9c:
b3:da:89:58:1a:db:2e:30:07:cc:10:a8:bb:5e:70:
57:b3:de:7a:9e:f0:77:f0:2c:1b:a6:0c:6e:a7:9f:
2d:af:19:9e:ff:d1:9d:0d:31:b9:e1:43:cc:5e:2e:
24:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D5:5D:9C:5E:2E:86:FD:D2:F3:29:C9:A3:59:13:10:15:B5:01:41
X509v3 Authority Key Identifier:
keyid:23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/M9VdnF4uhv3S8ynJo1kTEBW1AUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3480::/29
Signature Algorithm: sha256WithRSAEncryption
45:3a:2a:f9:3f:ab:72:f8:e3:8d:e9:c5:b2:02:6b:02:39:bc:
90:34:9b:a9:26:d2:18:a8:b8:b0:d5:d7:52:4a:da:f4:58:03:
b7:1a:73:ed:90:0f:e3:5f:fc:1f:26:99:90:44:a4:68:cd:e1:
99:b4:9a:63:1c:13:c7:91:c6:9c:3d:22:29:7d:83:32:11:53:
e3:bb:62:18:13:f4:49:c4:c2:ae:ac:6e:b6:34:6d:7e:25:ba:
62:0b:38:95:e7:66:c0:88:60:a6:cc:5c:4b:b6:85:60:13:67:
b7:9a:bb:35:09:b0:88:e7:ae:99:20:58:bf:06:56:71:aa:00:
58:93:d7:6c:92:c2:67:8e:7c:fc:89:6a:a2:ea:86:65:86:4a:
64:5a:14:6c:86:ab:c8:07:9f:8a:62:55:7c:7b:7e:24:27:b9:
b2:e2:4e:8a:34:73:fc:97:ac:d0:db:92:fd:e9:e8:9c:1e:e5:
ce:c6:bc:10:0c:b9:d0:3e:b0:61:9c:03:d1:36:0d:4f:f9:a6:
5f:a0:f9:79:15:aa:72:3e:64:a8:e2:e2:d0:6c:d2:de:09:96:
9f:15:96:2d:2e:15:24:65:da:34:02:a4:f3:be:22:d4:1e:fa:
20:46:42:b0:73:3e:81:29:7f:29:f0:54:bc:f1:ed:cf:00:81:
ca:c6:46:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZU+Mb/mkU3DJWF/mIdm/DAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzI5Y2IzYWJlNGU5NDBjZmM2MmEyMGUyYTZlMmMyOGZj
MjgzMjkwHhcNMjUwMjI1MTc0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q1NWQ5YzVlMmU4NmZkZDJmMzI5YzlhMzU5MTMxMDE1YjUwMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn6tkX2hwZrLcFWc0rk1vgH8fouY
0CGzctgIkfFO6u1dPOGEVCyPCbGKte+fOgJXcuvzdTMKuZzuQd9ZmQkXfE5PM1Vy
tKau2vpD5b/Djfo5vPC/J6iO6kpJC6RD/ClNibBy8+/3fxzOjsQDaMXGNd7oAULA
KCno3MUk1+p6aflJ//Tje1811hHNMcFufrocA2EPvd0yfe185dbU+dbFi3JHr/Mg
p9ooM1lkq3rcWFRtLq6+/qXSVjjyMQLGtTSZPoisg0SqOyikdwUBBvJaF5yz2olY
GtsuMAfMEKi7XnBXs956nvB38Cwbpgxup58trxme/9GdDTG54UPMXi4kqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDPVXZxeLob90vMpyaNZExAVtQFBMB8GA1UdIwQY
MBaAFCMynLOr5OlAz8YqIOKm4sKPwoMpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTIt
NTE4ZjJjOGY4NDZiLzEvTTlWZG5GNHVodjNTOHluSm8xa1RFQlcxQVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTItNTE4ZjJjOGY4NDZi
LzEvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAE0gDAN
BgkqhkiG9w0BAQsFAAOCAQEARToq+T+rcvjjjenFsgJrAjm8kDSbqSbSGKi4sNXX
Ukra9FgDtxpz7ZAP41/8HyaZkESkaM3hmbSaYxwTx5HGnD0iKX2DMhFT47tiGBP0
ScTCrqxutjRtfiW6Ygs4ledmwIhgpsxcS7aFYBNnt5q7NQmwiOeumSBYvwZWcaoA
WJPXbJLCZ458/IlqouqGZYZKZFoUbIaryAefimJVfHt+JCe5suJOijRz/Jes0NuS
/enonB7lzsa8EAy50D6wYZwD0TYNT/mmX6D5eRWqcj5kqOLi0GzS3gmWnxWWLS4V
JGXaNAKk874i1B76IEZCsHM+gSl/KfBUvPHtzwCBysZGmQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:17:47 2025 by rpki-client