Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/D9-YU2ZDhJ0v1_AXcHBT_S48GwI.roa
File: D9-YU2ZDhJ0v1_AXcHBT_S48GwI.roa (raw, json)
Hash identifier: DMZSaMGentXeOZzVyA6LykLKHQIR9Ks1woE8+zLvzpk=
Subject key identifier: 0F:DF:98:53:66:43:84:9D:2F:D7:F0:17:70:70:53:FD:2E:3C:1B:02
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 01942747BE9AFB8A138DB10C9CFB00908D46
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/D9-YU2ZDhJ0v1_AXcHBT_S48GwI.roa
Signing time: Thu 02 Jan 2025 13:50:00 +0000
ROA not before: Thu 02 Jan 2025 13:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 2a05:b0c6:a000::/39 maxlen: 39
2a05:b0c6:a200::/39 maxlen: 39
2a05:b0c7:6000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:be:9a:fb:8a:13:8d:b1:0c:9c:fb:00:90:8d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 2 13:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fdf98536643849d2fd7f017707053fd2e3c1b02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e3:c3:d9:d1:10:30:2e:26:9b:f7:6c:2b:e8:
1d:d9:ba:83:e4:a4:c3:8d:be:e8:a7:99:75:e5:8f:
e5:c0:27:2b:b4:1f:04:c4:ce:47:fa:f6:e5:a6:a2:
80:f7:20:15:25:60:af:dc:a1:d4:14:31:e8:74:a3:
cf:eb:76:84:d6:d7:d4:11:34:94:b4:db:3b:2e:db:
15:1f:af:57:e4:f9:27:c7:0d:79:27:1e:8c:f1:33:
38:79:a1:68:cd:46:af:35:ae:97:e0:68:5f:99:a9:
4c:99:08:e1:94:0a:bf:2e:af:95:7c:45:93:df:51:
4a:67:9f:80:72:78:ce:47:68:cc:9e:96:f2:29:6c:
88:f0:1f:44:4b:02:d9:f7:6f:f9:67:f7:de:cc:f1:
df:03:83:e2:b2:c6:6a:d0:60:45:c6:f8:92:d6:07:
e0:9f:93:74:e4:a1:4c:03:ee:e1:73:a9:68:3c:ab:
37:ed:ee:77:62:7c:ea:1b:29:11:40:10:25:2f:e0:
c1:5c:a0:d6:4c:f0:2a:8f:c1:b3:a4:b5:96:69:d8:
61:63:08:44:26:0e:a9:dc:f2:33:c7:94:49:52:c4:
5a:df:0f:b4:86:0c:04:4e:05:0b:c9:9a:6d:f1:6d:
9b:69:68:58:c8:c6:66:cc:f1:73:c2:c1:dc:3e:32:
62:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DF:98:53:66:43:84:9D:2F:D7:F0:17:70:70:53:FD:2E:3C:1B:02
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/D9-YU2ZDhJ0v1_AXcHBT_S48GwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b0c6:a000::/38
2a05:b0c7:6000::/36
Signature Algorithm: sha256WithRSAEncryption
1d:9a:24:f4:f4:c0:64:7d:08:91:20:de:ec:3e:81:97:07:a0:
5b:9f:35:97:ef:69:3b:70:fe:ba:af:29:1b:01:cc:2c:c6:74:
11:13:15:05:7e:27:88:84:69:1c:d3:92:40:30:e8:bb:e2:6a:
a9:e9:ef:7e:86:4d:d9:74:36:2b:31:a6:6d:dc:cc:2a:ea:88:
5c:6f:ed:68:17:09:5d:c6:33:8f:94:75:32:3d:08:0e:d7:61:
56:b1:2c:38:66:c2:09:95:d5:3e:1a:32:b5:af:4d:9f:30:3d:
fe:4a:d1:43:e0:bc:28:dc:ee:ce:ad:75:32:fb:9d:f7:9b:cb:
a3:38:ac:f2:d4:42:b2:d1:99:66:e1:3e:7a:c4:6c:fc:5f:b4:
4d:d1:96:fd:35:cf:28:a1:88:29:7d:43:92:f2:b3:20:68:33:
4b:b9:12:df:f2:55:dc:84:f2:25:a3:71:fb:c9:31:7e:f9:7d:
0e:ae:c1:4d:ab:0f:1a:0e:52:d3:73:17:0b:80:f9:35:f3:bc:
a9:0b:0e:bd:7e:6d:1c:43:9d:00:52:72:03:02:8a:fd:35:69:
74:12:fb:60:ba:0e:bf:b7:82:c5:9f:a8:90:66:c2:68:11:5f:
41:d7:40:14:f2:f7:21:38:b2:49:9e:fe:d0:f5:53:38:ef:e6:
2f:cd:ad:a6
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQnR76a+4oTjbEMnPsAkI1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMjgzNDhlOTA1NDk3M2Q3YTVmODE5M2JkNGU1YzQ0ZjY3
Mzk5ZTEwHhcNMjUwMTAyMTM1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmRmOTg1MzY2NDM4NDlkMmZkN2YwMTc3MDcwNTNmZDJlM2MxYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuPD2dEQMC4mm/dsK+gd2bqD5KTD
jb7op5l15Y/lwCcrtB8ExM5H+vblpqKA9yAVJWCv3KHUFDHodKPP63aE1tfUETSU
tNs7LtsVH69X5Pknxw15Jx6M8TM4eaFozUavNa6X4GhfmalMmQjhlAq/Lq+VfEWT
31FKZ5+AcnjOR2jMnpbyKWyI8B9ESwLZ92/5Z/fezPHfA4PissZq0GBFxviS1gfg
n5N05KFMA+7hc6loPKs37e53YnzqGykRQBAlL+DBXKDWTPAqj8GzpLWWadhhYwhE
Jg6p3PIzx5RJUsRa3w+0hgwETgULyZpt8W2baWhYyMZmzPFzwsHcPjJiNQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFA/fmFNmQ4SdL9fwF3BwU/0uPBsCMB8GA1UdIwQY
MBaAFMIoNI6QVJc9el+Bk71OXET2c5nhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMt
ZTg4ZmZmODJkNTUzLzEvRDktWVUyWkRoSjB2MV9BWGNIQlRfUzQ4R3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mMTY3OTQtOTFhZC00OTg0LTljNmMtZTg4ZmZmODJkNTUz
LzEvd2lnMGpwQlVsejE2WDRHVHZVNWNSUFp6bWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYCKgWwxqAD
BgQqBbDHYDANBgkqhkiG9w0BAQsFAAOCAQEAHZok9PTAZH0IkSDe7D6BlwegW581
l+9pO3D+uq8pGwHMLMZ0ERMVBX4niIRpHNOSQDDou+JqqenvfoZN2XQ2KzGmbdzM
KuqIXG/taBcJXcYzj5R1Mj0IDtdhVrEsOGbCCZXVPhoyta9NnzA9/krRQ+C8KNzu
zq11Mvud95vLozis8tRCstGZZuE+esRs/F+0TdGW/TXPKKGIKX1DkvKzIGgzS7kS
3/JV3ITyJaNx+8kxfvl9Dq7BTasPGg5S03MXC4D5NfO8qQsOvX5tHEOdAFJyAwKK
/TVpdBL7YLoOv7eCxZ+okGbCaBFfQddAFPL3ITiySZ7+0PVTOO/mL82tpg==
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:11:05 2025 by rpki-client