Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/JNAtdBMSX5VhwApOgTuAEW816wE.roa
File: JNAtdBMSX5VhwApOgTuAEW816wE.roa (raw, json)
Hash identifier: /ZrZUMi4cKx5uDajSWU/yOuRSvJFXt9XoQWTgblnDdM=
Subject key identifier: 24:D0:2D:74:13:12:5F:95:61:C0:0A:4E:81:3B:80:11:6F:35:EB:01
Certificate issuer: /CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Certificate serial: 0194221FCCFC74B4D2508A2DBB82C0174795
Authority key identifier: A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/JNAtdBMSX5VhwApOgTuAEW816wE.roa
Signing time: Wed 01 Jan 2025 13:48:16 +0000
ROA not before: Wed 01 Jan 2025 13:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12732
IP address blocks: 2a06:9380::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:cc:fc:74:b4:d2:50:8a:2d:bb:82:c0:17:47:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Validity
Not Before: Jan 1 13:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24d02d7413125f9561c00a4e813b80116f35eb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:23:57:10:2f:44:9b:f0:65:e4:96:ee:e5:f8:
ed:d3:a6:92:c7:9c:8d:33:c7:aa:62:80:2a:c8:ac:
0b:35:e6:38:72:9a:a2:37:8b:0d:e0:71:57:a8:b2:
aa:b9:4a:13:84:63:8e:0a:c4:27:99:9f:1a:51:eb:
4b:6b:8e:50:68:01:eb:15:8e:f9:1a:1b:7b:02:0f:
61:80:86:a9:4c:c1:bb:ed:12:df:d1:f9:ad:78:64:
24:96:26:61:ca:82:37:f8:4e:15:ce:43:6f:32:d5:
a3:6a:6f:e3:f7:75:70:16:0f:18:7c:20:88:89:1d:
72:24:ae:da:a8:6b:a0:a8:15:e8:21:3f:c8:59:87:
91:dc:70:43:4d:e7:85:52:f7:c3:13:a3:90:10:2a:
4c:d1:51:b0:7d:fb:d1:15:e3:75:78:83:33:67:76:
99:d1:5e:49:20:3f:33:f8:e8:d3:3e:7e:5d:4d:45:
1d:ce:d0:56:a9:a0:0d:8d:04:68:bc:4b:c9:92:db:
ca:e0:d8:84:c8:f0:48:59:66:63:bc:c1:e1:51:b0:
1c:4f:80:88:4a:a0:65:9b:1a:8d:ed:f7:e2:ca:08:
b3:c4:7c:1d:b4:81:b8:44:28:6b:49:c8:b3:4a:1e:
50:49:76:2b:0e:62:a1:03:ec:1d:3a:90:dd:a0:fa:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D0:2D:74:13:12:5F:95:61:C0:0A:4E:81:3B:80:11:6F:35:EB:01
X509v3 Authority Key Identifier:
keyid:A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/JNAtdBMSX5VhwApOgTuAEW816wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9380::/29
Signature Algorithm: sha256WithRSAEncryption
32:99:f3:f8:78:58:d6:0c:fa:f0:27:c8:d1:78:fc:d8:d5:8d:
42:3a:6b:47:05:04:30:81:52:91:66:c1:8e:d2:60:52:ec:2a:
eb:61:4c:15:a9:98:d5:17:21:5f:98:9c:94:c4:d2:f3:24:7f:
e3:57:34:e2:14:76:56:e7:b5:d3:d9:7b:11:84:a9:ba:2d:d1:
01:55:95:15:c5:28:df:21:2c:d3:23:c0:57:7c:53:8a:1a:78:
29:cf:c1:8b:02:ca:40:db:54:5a:10:42:1a:20:29:8f:f5:75:
38:5c:13:46:30:57:a9:07:1c:ea:7e:75:1f:06:76:c4:72:e4:
26:49:7e:4c:84:d0:14:4a:fc:21:bd:92:72:e6:c6:df:ef:d2:
0a:95:d3:e0:d6:f4:81:74:26:38:a4:55:83:76:e8:96:62:73:
a4:b4:21:39:2b:eb:10:a0:fa:0f:13:94:fd:9c:5a:e7:0e:15:
75:52:7c:bf:52:ad:ad:15:42:61:59:bb:0f:88:d7:6e:b4:e7:
42:c7:e6:bd:32:08:db:9f:0a:6b:69:38:78:e8:45:96:2d:f9:
eb:0f:93:79:12:c0:a7:fd:b0:27:8a:96:dc:68:a4:36:38:27:
3f:c4:f6:91:1d:0c:33:63:39:97:ed:6b:87:9d:91:a9:36:bd:
40:a9:bc:8b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQiH8z8dLTSUIotu4LAF0eVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MmQxNzhjOGU1M2Y1MjEzMWMxZmI2NDc0M2M5NjBjZjg5
N2ZkMGMwHhcNMjUwMTAxMTM0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGQwMmQ3NDEzMTI1Zjk1NjFjMDBhNGU4MTNiODAxMTZmMzVlYjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiNXEC9Em/Bl5Jbu5fjt06aSx5yN
M8eqYoAqyKwLNeY4cpqiN4sN4HFXqLKquUoThGOOCsQnmZ8aUetLa45QaAHrFY75
Ght7Ag9hgIapTMG77RLf0fmteGQkliZhyoI3+E4VzkNvMtWjam/j93VwFg8YfCCI
iR1yJK7aqGugqBXoIT/IWYeR3HBDTeeFUvfDE6OQECpM0VGwffvRFeN1eIMzZ3aZ
0V5JID8z+OjTPn5dTUUdztBWqaANjQRovEvJktvK4NiEyPBIWWZjvMHhUbAcT4CI
SqBlmxqN7ffiygizxHwdtIG4RChrScizSh5QSXYrDmKhA+wdOpDdoPquawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCTQLXQTEl+VYcAKToE7gBFvNesBMB8GA1UdIwQY
MBaAFKctF4yOU/UhMcH7ZHQ8lgz4l/0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2Qt
MjhiOWQyNjFlY2IxLzEvSk5BdGRCTVNYNVZod0FwT2dUdUFFVzgxNndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2QtMjhiOWQyNjFlY2Ix
LzEvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgaTgDAN
BgkqhkiG9w0BAQsFAAOCAQEAMpnz+HhY1gz68CfI0Xj82NWNQjprRwUEMIFSkWbB
jtJgUuwq62FMFamY1RchX5iclMTS8yR/41c04hR2Vue109l7EYSpui3RAVWVFcUo
3yEs0yPAV3xTihp4Kc/BiwLKQNtUWhBCGiApj/V1OFwTRjBXqQcc6n51HwZ2xHLk
Jkl+TITQFEr8Ib2ScubG3+/SCpXT4Nb0gXQmOKRVg3bolmJzpLQhOSvrEKD6DxOU
/Zxa5w4VdVJ8v1KtrRVCYVm7D4jXbrTnQsfmvTII258Ka2k4eOhFli356w+TeRLA
p/2wJ4qW3GikNjgnP8T2kR0MM2M5l+1rh52RqTa9QKm8iw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:29:30 2025 by rpki-client