Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/n9MEmXS_R4fGiLoldEt5OGXUlns.roa
File: n9MEmXS_R4fGiLoldEt5OGXUlns.roa (raw, json)
Hash identifier: S8M+SrtmbFRJJDUuda18nQZ3Erb2PSkKmigy7qZrfyY=
Subject key identifier: 9F:D3:04:99:74:BF:47:87:C6:88:BA:25:74:4B:79:38:65:D4:96:7B
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 01941FFAAADC3AED943D4E5F7A7628B1E602
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/n9MEmXS_R4fGiLoldEt5OGXUlns.roa
Signing time: Wed 01 Jan 2025 03:48:28 +0000
ROA not before: Wed 01 Jan 2025 03:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213748
IP address blocks: 2a0c:b641:20::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:aa:dc:3a:ed:94:3d:4e:5f:7a:76:28:b1:e6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 03:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fd3049974bf4787c688ba25744b793865d4967b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:fa:cf:c1:d7:5e:7d:02:dd:c0:d4:ba:2e:91:
cf:70:c6:82:15:53:f6:03:e5:0d:86:8e:1f:f6:c5:
5d:aa:4d:de:5e:b8:b6:b9:79:e1:38:eb:d5:f1:38:
86:55:f6:a5:d7:ee:9b:34:cc:29:95:f4:40:c9:d2:
88:e2:a2:a4:68:6c:91:49:f7:15:ee:cb:f9:d8:f1:
49:cb:d4:b1:30:bc:3f:ec:76:e3:86:78:50:bf:06:
f8:c7:05:23:90:35:ed:20:bc:65:33:52:2e:36:3c:
e2:8b:90:16:4e:e6:00:31:b9:a9:d0:93:0d:57:f5:
8b:67:fe:ac:9f:42:69:d7:0a:86:3c:78:71:94:18:
df:54:f0:cd:b9:65:95:80:25:90:85:63:72:99:c0:
f2:63:44:ac:d0:61:16:71:79:17:1a:fa:6a:2b:1b:
b4:52:79:44:9b:11:52:57:5c:4d:94:54:66:6d:b5:
5b:87:ad:dc:e6:30:2e:c0:99:1a:cb:ee:a2:da:de:
0f:b2:1a:00:ee:62:4d:28:2a:c5:eb:29:fc:bd:4b:
ff:04:e1:1e:03:ba:17:6c:ff:ed:59:56:f1:8a:6c:
c9:5e:c0:4d:5d:af:f4:41:b0:d4:09:e1:4c:dd:ef:
44:19:52:5e:16:30:85:d8:2b:bc:b7:1d:aa:23:ef:
b2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D3:04:99:74:BF:47:87:C6:88:BA:25:74:4B:79:38:65:D4:96:7B
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/n9MEmXS_R4fGiLoldEt5OGXUlns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:20::/44
Signature Algorithm: sha256WithRSAEncryption
7c:ea:f2:4c:a5:a1:24:04:61:cc:ad:7e:ad:5d:3a:e0:4b:ba:
d6:90:e9:6a:07:84:6a:5f:49:f0:28:b9:0c:11:61:73:b5:38:
76:b5:ec:4b:50:ec:1c:af:5f:03:ca:05:b9:0f:45:00:b2:d4:
0e:a4:aa:a3:aa:2b:49:74:d0:2e:86:78:db:85:9f:f4:d5:2d:
84:25:ca:da:53:07:73:5c:69:b7:4e:09:7e:7e:47:20:56:29:
1e:ad:9a:5b:32:5a:9e:9c:3e:c5:68:93:3d:d1:bf:bc:6f:e6:
ac:33:f0:ec:4b:b5:47:e3:12:f9:1f:a5:43:38:0a:84:df:52:
a6:9b:e1:31:8b:70:c0:bc:4d:b9:38:af:55:67:45:f0:55:d1:
10:06:29:60:ec:c6:09:ac:cf:a9:8e:16:f3:ec:46:70:80:6b:
68:2a:80:e4:d0:bf:43:76:e8:b9:93:d1:35:6e:2a:43:fe:0a:
75:f2:f2:c8:3d:75:af:94:bd:2f:2e:48:09:0d:18:6a:62:2a:
94:cc:16:cf:cf:b2:7f:d7:9f:2f:52:87:99:45:ef:31:58:7a:
d8:f4:51:4c:8b:84:0b:90:da:a6:8e:20:fc:8b:67:5a:ed:92:
73:59:51:05:0c:c7:3a:18:8b:01:7f:d8:81:49:75:ec:35:aa:
31:60:af:de
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+qrcOu2UPU5fenYoseYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUwMTAxMDM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmQzMDQ5OTc0YmY0Nzg3YzY4OGJhMjU3NDRiNzkzODY1ZDQ5NjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/rPwddefQLdwNS6LpHPcMaCFVP2
A+UNho4f9sVdqk3eXri2uXnhOOvV8TiGVfal1+6bNMwplfRAydKI4qKkaGyRSfcV
7sv52PFJy9SxMLw/7HbjhnhQvwb4xwUjkDXtILxlM1IuNjzii5AWTuYAMbmp0JMN
V/WLZ/6sn0Jp1wqGPHhxlBjfVPDNuWWVgCWQhWNymcDyY0Ss0GEWcXkXGvpqKxu0
UnlEmxFSV1xNlFRmbbVbh63c5jAuwJkay+6i2t4PshoA7mJNKCrF6yn8vUv/BOEe
A7oXbP/tWVbximzJXsBNXa/0QbDUCeFM3e9EGVJeFjCF2Cu8tx2qI++yYwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ/TBJl0v0eHxoi6JXRLeThl1JZ7MB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvbjlNRW1YU19SNGZHaUxvbGRFdDVPR1hVbG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQAg
MA0GCSqGSIb3DQEBCwUAA4IBAQB86vJMpaEkBGHMrX6tXTrgS7rWkOlqB4RqX0nw
KLkMEWFztTh2texLUOwcr18DygW5D0UAstQOpKqjqitJdNAuhnjbhZ/01S2EJcra
UwdzXGm3Tgl+fkcgVikerZpbMlqenD7FaJM90b+8b+asM/DsS7VH4xL5H6VDOAqE
31Kmm+Exi3DAvE25OK9VZ0XwVdEQBilg7MYJrM+pjhbz7EZwgGtoKoDk0L9Ddui5
k9E1bipD/gp18vLIPXWvlL0vLkgJDRhqYiqUzBbPz7J/158vUoeZRe8xWHrY9FFM
i4QLkNqmjiD8i2da7ZJzWVEFDMc6GIsBf9iBSXXsNaoxYK/e
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:34:20 2025 by rpki-client