Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/f9P9TOtw3B1yLwWd-zzgWOHgFyo.roa
File: f9P9TOtw3B1yLwWd-zzgWOHgFyo.roa (raw, json)
Hash identifier: eY72IEUw47OrnHrbzBE3H8Hn9IWCmc+eDQ3PnvNlgzc=
Subject key identifier: 7F:D3:FD:4C:EB:70:DC:1D:72:2F:05:9D:FB:3C:E0:58:E1:E0:17:2A
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 01942521E092B2308EE0E7B4AEDB0ABFDA81
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/f9P9TOtw3B1yLwWd-zzgWOHgFyo.roa
Signing time: Thu 02 Jan 2025 03:49:24 +0000
ROA not before: Thu 02 Jan 2025 03:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201217
IP address blocks: 2a0a:280:1700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:e0:92:b2:30:8e:e0:e7:b4:ae:db:0a:bf:da:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Jan 2 03:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fd3fd4ceb70dc1d722f059dfb3ce058e1e0172a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:76:5b:3a:6e:3f:34:37:c5:56:f7:a6:41:6d:
18:28:49:53:8f:c9:8e:e9:34:6b:bc:a1:d6:d6:fe:
18:82:a3:d4:6c:ae:d2:90:65:f7:29:8b:3b:d7:54:
cb:2a:97:2e:3d:a3:d3:5e:16:7f:92:0c:8c:40:33:
a2:71:49:ec:d6:20:22:09:a5:9d:f9:c1:b9:48:40:
a6:5a:ac:e5:cb:3b:a6:80:b5:7d:e1:56:42:1b:ee:
e2:0c:45:1f:20:90:32:b1:94:c1:d5:77:67:1a:00:
9c:da:8d:9a:04:1d:af:71:77:22:c8:cb:90:96:4d:
32:e2:35:c8:6e:55:47:49:47:51:3b:31:25:c9:91:
37:f3:b7:1a:9b:a9:9f:9b:69:b4:a7:21:13:4a:59:
99:9b:76:d4:c1:5f:15:30:82:c2:d4:f7:3e:dc:9c:
86:fc:04:b4:fd:c7:0d:8c:96:80:6a:bc:45:65:ad:
77:7c:cf:c2:7c:47:a0:05:af:02:9e:bf:b6:3e:3c:
e4:e5:51:3e:2c:aa:86:61:8a:7f:29:a5:e0:2f:25:
4a:de:25:93:55:98:17:e8:e0:f2:af:d8:e2:9e:b1:
27:c4:a5:9c:d5:fb:72:e0:6b:b9:fc:d3:c9:d0:6a:
15:e8:45:1c:a8:bf:65:f0:9b:31:f4:ce:fd:1a:94:
64:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D3:FD:4C:EB:70:DC:1D:72:2F:05:9D:FB:3C:E0:58:E1:E0:17:2A
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/f9P9TOtw3B1yLwWd-zzgWOHgFyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:280:1700::/40
Signature Algorithm: sha256WithRSAEncryption
53:14:9f:1a:07:a0:15:99:6b:67:0f:32:64:c9:51:b7:22:60:
b1:1f:2e:f6:36:c7:d3:cf:81:bc:c4:e5:e0:6b:c8:4f:1c:69:
72:47:b5:50:16:f8:24:76:86:10:c1:cc:8e:b0:3d:4b:75:27:
9c:f1:23:46:92:41:b0:c9:37:f5:b6:3d:fb:eb:f6:13:ec:e2:
a3:4b:0e:3a:72:0f:99:0b:7d:bc:28:2e:4c:d4:92:7d:60:a2:
32:5f:64:83:6b:49:21:af:66:58:d6:01:e0:78:0c:f9:ab:a5:
99:7d:d3:81:0c:06:d1:d7:86:8e:e2:7d:6d:1c:18:43:bc:e5:
f4:93:06:2b:d3:d5:1b:46:e2:dd:66:8d:2a:1c:f2:bc:8f:94:
6e:2a:ba:f2:52:e9:60:6a:7b:10:e9:e4:fb:12:40:f7:10:5d:
c8:45:8e:dd:e9:73:f0:a2:1a:42:d2:d8:4c:9a:ce:03:1c:41:
92:ae:22:9e:f4:75:54:3e:36:2c:a5:ef:30:a8:d8:b9:ef:a6:
85:3e:06:af:0e:52:4a:8a:cc:26:59:4e:e9:40:db:79:8e:40:
21:31:0d:b2:36:83:eb:f4:c7:71:2e:87:e0:e4:2b:50:f5:16:
31:cb:48:0c:dd:79:8b:97:74:c6:c6:3e:2e:ca:f7:6b:43:b1:
0f:7a:72:44
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIeCSsjCO4Oe0rtsKv9qBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjUwMTAyMDM0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQzZmQ0Y2ViNzBkYzFkNzIyZjA1OWRmYjNjZTA1OGUxZTAxNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03ZbOm4/NDfFVvemQW0YKElTj8mO
6TRrvKHW1v4YgqPUbK7SkGX3KYs711TLKpcuPaPTXhZ/kgyMQDOicUns1iAiCaWd
+cG5SECmWqzlyzumgLV94VZCG+7iDEUfIJAysZTB1XdnGgCc2o2aBB2vcXciyMuQ
lk0y4jXIblVHSUdROzElyZE387cam6mfm2m0pyETSlmZm3bUwV8VMILC1Pc+3JyG
/AS0/ccNjJaAarxFZa13fM/CfEegBa8Cnr+2Pjzk5VE+LKqGYYp/KaXgLyVK3iWT
VZgX6ODyr9jinrEnxKWc1fty4Gu5/NPJ0GoV6EUcqL9l8Jsx9M79GpRkjwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFH/T/UzrcNwdci8Fnfs84Fjh4BcqMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvZjlQOVRPdHczQjF5THdXZC16emdXT0hnRnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgoCgBcw
DQYJKoZIhvcNAQELBQADggEBAFMUnxoHoBWZa2cPMmTJUbciYLEfLvY2x9PPgbzE
5eBryE8caXJHtVAW+CR2hhDBzI6wPUt1J5zxI0aSQbDJN/W2Pfvr9hPs4qNLDjpy
D5kLfbwoLkzUkn1gojJfZINrSSGvZljWAeB4DPmrpZl904EMBtHXho7ifW0cGEO8
5fSTBivT1RtG4t1mjSoc8ryPlG4quvJS6WBqexDp5PsSQPcQXchFjt3pc/CiGkLS
2EyazgMcQZKuIp70dVQ+Niyl7zCo2LnvpoU+Bq8OUkqKzCZZTulA23mOQCExDbI2
g+v0x3Euh+DkK1D1FjHLSAzdeYuXdMbGPi7K92tDsQ96ckQ=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:40 2025 by rpki-client