Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/9DNpUDfjfX1cw67GoTejssp0I60.roa
File: 9DNpUDfjfX1cw67GoTejssp0I60.roa (raw, json)
Hash identifier: waZpM47Y+Uz4d9MPb5IIUjKVJuGJ/1amyn5dhXRlaKQ=
Subject key identifier: F4:33:69:50:37:E3:7D:7D:5C:C3:AE:C6:A1:37:A3:B2:CA:74:23:AD
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 01942143F09B3DD5425D5A569E1CE91431E5
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/9DNpUDfjfX1cw67GoTejssp0I60.roa
Signing time: Wed 01 Jan 2025 09:48:08 +0000
ROA not before: Wed 01 Jan 2025 09:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55933
IP address blocks: 116.206.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f0:9b:3d:d5:42:5d:5a:56:9e:1c:e9:14:31:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jan 1 09:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f433695037e37d7d5cc3aec6a137a3b2ca7423ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1a:b1:1b:67:7c:9b:9e:c5:da:e4:e3:dd:f6:
65:48:a2:07:86:dd:1d:35:31:b8:e7:d4:00:85:ea:
89:f7:6e:78:a8:6f:a8:3c:10:1c:aa:1a:f5:75:1c:
a7:0d:7d:74:9d:3b:01:1c:fc:5d:1b:c6:fd:c4:26:
64:c1:40:73:29:37:64:62:80:c4:5f:fb:51:2e:29:
49:c9:5e:72:68:5b:d8:07:f3:19:89:fa:f0:ba:05:
63:1c:69:5a:15:0e:a0:ce:4f:9d:d5:7f:89:9f:8e:
ab:6f:ce:90:17:ee:31:84:be:47:38:93:ed:a3:41:
a3:c2:4d:9e:85:1f:10:fb:f0:bc:4e:f4:df:d0:03:
07:5e:3c:d7:2b:a9:e5:91:ca:72:15:94:ed:2f:4e:
2c:0a:7d:ba:e9:ef:33:37:72:5c:63:09:c4:b4:38:
f1:d7:2e:c3:4a:3a:5c:cd:2e:28:64:77:ea:de:94:
a3:f6:25:b5:88:48:c9:67:cc:93:f9:7e:aa:50:c1:
f7:51:78:47:0b:fb:d9:83:d6:e8:51:b4:41:c8:04:
4e:eb:c3:38:e2:6e:3b:49:b9:84:62:d9:0a:99:25:
fe:9a:1d:95:5d:1e:59:c1:70:9c:0e:a6:77:5d:7e:
9f:98:b2:ad:e0:5f:f5:50:60:bf:a6:eb:a5:3d:9b:
4f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:33:69:50:37:E3:7D:7D:5C:C3:AE:C6:A1:37:A3:B2:CA:74:23:AD
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/9DNpUDfjfX1cw67GoTejssp0I60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.206.95.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:69:00:a5:77:c8:39:db:eb:50:24:a0:2d:72:8c:74:54:cd:
b3:e7:f0:d1:e2:0d:d8:a3:7a:4b:47:ba:5b:28:ec:b9:23:ed:
40:f9:ca:18:98:83:4d:5e:0b:38:c4:de:90:4a:4a:e7:60:47:
ec:40:24:c6:ea:9b:34:28:ef:76:e3:46:eb:63:fa:45:9b:8f:
cd:66:4f:85:d4:f5:91:20:ae:05:5b:89:05:cc:db:6f:85:e4:
76:63:a7:aa:e0:1c:8a:71:cc:c7:4b:c4:90:e8:e2:d7:71:1c:
68:aa:48:22:49:93:ca:ef:f4:48:ad:6b:53:7f:2a:2d:73:f2:
da:cf:8c:ab:25:8e:6f:ec:26:52:c7:75:0d:00:6b:ce:b4:60:
cf:58:07:e3:22:19:4f:35:57:d6:c1:75:fb:5f:0f:1c:6e:a0:
7b:33:da:af:87:65:8c:04:01:4f:e6:67:5f:c8:6f:cf:74:55:
95:b8:15:66:56:60:8e:a4:94:06:42:82:25:5b:93:a2:e2:d2:
ce:4d:13:55:9d:db:f5:7f:02:96:e1:0e:81:8d:84:93:bc:89:
d5:fa:ac:4d:d6:7e:59:f5:85:04:c8:09:83:b1:ea:14:9e:97:
01:37:fc:11:8a:72:ad:1d:e7:ae:7b:a4:bd:67:72:5d:52:99:
d4:3d:c6:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/CbPdVCXVpWnhzpFDHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjUwMTAxMDk0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDMzNjk1MDM3ZTM3ZDdkNWNjM2FlYzZhMTM3YTNiMmNhNzQyM2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxqxG2d8m57F2uTj3fZlSKIHht0d
NTG459QAheqJ9254qG+oPBAcqhr1dRynDX10nTsBHPxdG8b9xCZkwUBzKTdkYoDE
X/tRLilJyV5yaFvYB/MZifrwugVjHGlaFQ6gzk+d1X+Jn46rb86QF+4xhL5HOJPt
o0Gjwk2ehR8Q+/C8TvTf0AMHXjzXK6nlkcpyFZTtL04sCn266e8zN3JcYwnEtDjx
1y7DSjpczS4oZHfq3pSj9iW1iEjJZ8yT+X6qUMH3UXhHC/vZg9boUbRByARO68M4
4m47SbmEYtkKmSX+mh2VXR5ZwXCcDqZ3XX6fmLKt4F/1UGC/puulPZtP7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPQzaVA34319XMOuxqE3o7LKdCOtMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvOUROcFVEZmpmWDFjdzY3R29UZWpzc3AwSTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAdM5fMA0G
CSqGSIb3DQEBCwUAA4IBAQDHaQCld8g52+tQJKAtcox0VM2z5/DR4g3Yo3pLR7pb
KOy5I+1A+coYmINNXgs4xN6QSkrnYEfsQCTG6ps0KO9240brY/pFm4/NZk+F1PWR
IK4FW4kFzNtvheR2Y6eq4ByKcczHS8SQ6OLXcRxoqkgiSZPK7/RIrWtTfyotc/La
z4yrJY5v7CZSx3UNAGvOtGDPWAfjIhlPNVfWwXX7Xw8cbqB7M9qvh2WMBAFP5mdf
yG/PdFWVuBVmVmCOpJQGQoIlW5Oi4tLOTRNVndv1fwKW4Q6BjYSTvInV+qxN1n5Z
9YUEyAmDseoUnpcBN/wRinKtHeeue6S9Z3JdUpnUPcYz
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:05:18 2025 by rpki-client