Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/OfJy4tsmL3IYtfHA_nuP2zB-NaE.roa
File: OfJy4tsmL3IYtfHA_nuP2zB-NaE.roa (raw, json)
Hash identifier: ozXi33qjYOKEQVYYS6fC5uD03pVcW1FUd8g9T6Dh8KQ=
Subject key identifier: 39:F2:72:E2:DB:26:2F:72:18:B5:F1:C0:FE:7B:8F:DB:30:7E:35:A1
Certificate issuer: /CN=e9be181aabdb195513a26c67b621e2986818d03d
Certificate serial: 0195C99B8F414371A83886FA00F303D089BC
Authority key identifier: E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/OfJy4tsmL3IYtfHA_nuP2zB-NaE.roa
Signing time: Mon 24 Mar 2025 19:22:49 +0000
ROA not before: Mon 24 Mar 2025 19:22:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213220
IP address blocks: 2a09:3902::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c9:9b:8f:41:43:71:a8:38:86:fa:00:f3:03:d0:89:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9be181aabdb195513a26c67b621e2986818d03d
Validity
Not Before: Mar 24 19:22:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39f272e2db262f7218b5f1c0fe7b8fdb307e35a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f2:d4:b5:81:0d:cb:30:61:47:73:de:e8:92:
a5:9b:d6:2a:0c:13:9e:0c:f1:e5:d9:73:73:09:3d:
58:ca:ba:ca:b1:dd:88:42:3f:b5:24:2c:71:7a:a3:
8a:2d:00:ac:42:3d:00:f2:9c:58:9d:5e:5f:dd:27:
89:0c:71:f7:f3:d2:75:d7:6e:13:4b:19:eb:a2:d5:
63:7c:e6:5f:33:f2:c6:ab:ec:8d:49:25:c7:8b:c7:
76:6a:33:74:59:91:10:09:3c:34:13:95:a1:db:cb:
16:88:87:9c:33:6d:bf:93:a1:dd:29:c4:57:4c:91:
65:f0:73:46:e0:a5:2f:33:78:2a:49:11:fb:98:d9:
5a:2f:24:ea:27:11:bc:64:36:33:9a:9f:d5:15:19:
ed:b1:48:aa:c8:62:08:2f:48:e3:61:2d:36:08:42:
75:83:58:cd:c1:95:00:93:2d:00:c5:f8:36:c1:8e:
4c:54:72:43:8f:7c:f6:de:8c:ee:13:11:ea:17:35:
5d:14:e6:b4:30:59:79:7f:0b:a5:73:24:24:95:f9:
b8:b7:71:e4:36:36:74:54:50:93:36:f3:92:ec:69:
76:61:a6:e4:8c:58:46:c4:b8:66:bb:8c:ba:73:65:
e5:c9:f0:58:22:b2:78:91:d8:1a:bc:75:42:e0:5c:
09:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:F2:72:E2:DB:26:2F:72:18:B5:F1:C0:FE:7B:8F:DB:30:7E:35:A1
X509v3 Authority Key Identifier:
keyid:E9:BE:18:1A:AB:DB:19:55:13:A2:6C:67:B6:21:E2:98:68:18:D0:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b4YGqvbGVUTomxntiHimGgY0D0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/OfJy4tsmL3IYtfHA_nuP2zB-NaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/becd16-a9e9-4cd6-800e-f008dd83e32a/1/6b4YGqvbGVUTomxntiHimGgY0D0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3902::/32
Signature Algorithm: sha256WithRSAEncryption
51:ac:13:4f:3c:ec:a5:66:70:f6:54:57:6d:b1:2f:5d:f6:9b:
37:54:a7:7f:dd:95:54:3d:f6:16:29:0c:02:3e:fd:14:c5:ec:
a5:71:6b:65:50:46:b9:49:a6:8c:60:38:0f:32:52:36:d6:1c:
52:9c:08:4d:38:ae:48:94:f1:61:84:82:56:88:a3:22:56:c6:
ca:42:bb:ca:59:f7:9c:d4:93:a1:f9:3b:06:ea:40:e6:5e:78:
05:a5:77:fd:95:2f:61:85:24:3d:e4:51:ff:ae:5e:55:ae:42:
f3:37:65:aa:11:f8:db:48:17:66:76:70:6b:38:7d:c8:ff:58:
51:72:6e:db:38:ab:20:e3:22:f7:6d:21:f3:06:b2:cb:e0:4c:
cf:f6:a7:34:79:21:66:64:2f:90:3a:82:08:ec:f1:3a:4c:90:
5e:2a:16:a8:df:06:56:12:16:ce:a1:54:96:09:94:b4:83:f1:
dc:1d:ed:0d:94:32:c0:17:f0:ba:b6:40:59:09:0a:a8:cc:d3:
90:09:92:30:8c:39:ff:65:d0:df:09:f3:99:14:96:16:8f:e1:
25:4b:c5:9a:37:62:25:47:47:71:df:19:2d:1c:74:ef:35:01:
1d:b4:6d:df:32:94:bf:58:1e:60:d5:fe:db:2c:43:af:57:4f:
ad:e4:48:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXJm49BQ3GoOIb6APMD0Im8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YmUxODFhYWJkYjE5NTUxM2EyNmM2N2I2MjFlMjk4Njgx
OGQwM2QwHhcNMjUwMzI0MTkyMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWYyNzJlMmRiMjYyZjcyMThiNWYxYzBmZTdiOGZkYjMwN2UzNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfLUtYENyzBhR3Pe6JKlm9YqDBOe
DPHl2XNzCT1YyrrKsd2IQj+1JCxxeqOKLQCsQj0A8pxYnV5f3SeJDHH389J1124T
SxnrotVjfOZfM/LGq+yNSSXHi8d2ajN0WZEQCTw0E5Wh28sWiIecM22/k6HdKcRX
TJFl8HNG4KUvM3gqSRH7mNlaLyTqJxG8ZDYzmp/VFRntsUiqyGIIL0jjYS02CEJ1
g1jNwZUAky0Axfg2wY5MVHJDj3z23ozuExHqFzVdFOa0MFl5fwulcyQklfm4t3Hk
NjZ0VFCTNvOS7Gl2YabkjFhGxLhmu4y6c2XlyfBYIrJ4kdgavHVC4FwJgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDnycuLbJi9yGLXxwP57j9swfjWhMB8GA1UdIwQY
MBaAFOm+GBqr2xlVE6JsZ7Yh4phoGNA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUt
ZjAwOGRkODNlMzJhLzEvT2ZKeTR0c21MM0lZdGZIQV9udVAyekItTmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9iZWNkMTYtYTllOS00Y2Q2LTgwMGUtZjAwOGRkODNlMzJh
LzEvNmI0WUdxdmJHVlVUb214bnRpSGltR2dZMEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgk5AjAN
BgkqhkiG9w0BAQsFAAOCAQEAUawTTzzspWZw9lRXbbEvXfabN1Snf92VVD32FikM
Aj79FMXspXFrZVBGuUmmjGA4DzJSNtYcUpwITTiuSJTxYYSCVoijIlbGykK7yln3
nNSTofk7BupA5l54BaV3/ZUvYYUkPeRR/65eVa5C8zdlqhH420gXZnZwazh9yP9Y
UXJu2zirIOMi920h8wayy+BMz/anNHkhZmQvkDqCCOzxOkyQXioWqN8GVhIWzqFU
lgmUtIPx3B3tDZQywBfwurZAWQkKqMzTkAmSMIw5/2XQ3wnzmRSWFo/hJUvFmjdi
JUdHcd8ZLRx07zUBHbRt3zKUv1geYNX+2yxDr1dPreRIGw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:02:53 2025 by rpki-client