Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/nWYHniVnDldwYunEGsc0VWWiVYU.roa
File: nWYHniVnDldwYunEGsc0VWWiVYU.roa (raw, json)
Hash identifier: VRa9zgOVZdpaRaM8P3APLwpP4Czcpn3M9s3Qb5fNEps=
Subject key identifier: 9D:66:07:9E:25:67:0E:57:70:62:E9:C4:1A:C7:34:55:65:A2:55:85
Certificate issuer: /CN=7f6bd1a6b04625c571d830f878b1c0238247408c
Certificate serial: 01942369850D3EBB7B3B2BF66B73A920A904
Authority key identifier: 7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/nWYHniVnDldwYunEGsc0VWWiVYU.roa
Signing time: Wed 01 Jan 2025 19:48:25 +0000
ROA not before: Wed 01 Jan 2025 19:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 14.102.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:85:0d:3e:bb:7b:3b:2b:f6:6b:73:a9:20:a9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f6bd1a6b04625c571d830f878b1c0238247408c
Validity
Not Before: Jan 1 19:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d66079e25670e577062e9c41ac7345565a25585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:34:c1:e2:64:f8:73:bf:68:5c:a5:2c:2c:
11:c2:37:f4:d3:84:3c:e4:1c:ae:d0:fe:2c:9c:9d:
ce:ef:f9:c1:d2:22:5b:4d:9f:bc:af:41:8f:6a:5d:
4a:ac:f4:f2:73:11:d4:0a:e2:bb:65:f6:5a:d6:50:
4c:6a:48:96:3c:ce:cc:ec:56:20:1c:59:87:57:8b:
22:8f:48:77:6b:d2:62:96:0d:a7:9b:fe:4e:5c:5a:
b0:b0:4b:82:99:30:d5:6c:12:ec:86:b6:43:c1:11:
5c:d2:a3:db:af:c3:f1:31:11:48:8a:bc:3f:71:7e:
10:8c:1f:c6:a7:a9:c7:40:1a:fe:3d:37:ec:d6:6e:
c2:c6:91:02:46:ec:af:72:9e:c3:44:18:37:9c:51:
88:79:34:fc:23:2b:d2:06:b2:75:53:df:ad:cb:52:
e0:f3:82:ad:27:c8:96:0b:d1:e4:e1:6c:e1:91:23:
fa:01:1f:7d:e4:f7:20:7a:0d:f6:f2:59:fe:32:1b:
d7:ea:af:9c:69:4b:f5:6d:36:c2:aa:d3:44:58:ed:
47:be:fe:0a:9d:9d:26:0f:78:3f:34:1a:70:ee:a6:
81:f6:06:ab:b8:ca:d5:08:e4:e3:91:3c:fd:e3:db:
37:32:cc:8f:64:4e:4b:aa:0c:2b:37:12:21:eb:4b:
be:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:66:07:9E:25:67:0E:57:70:62:E9:C4:1A:C7:34:55:65:A2:55:85
X509v3 Authority Key Identifier:
keyid:7F:6B:D1:A6:B0:46:25:C5:71:D8:30:F8:78:B1:C0:23:82:47:40:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2vRprBGJcVx2DD4eLHAI4JHQIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/nWYHniVnDldwYunEGsc0VWWiVYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/bc66d7-57ab-475d-96ba-89b6c32315c2/1/f2vRprBGJcVx2DD4eLHAI4JHQIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.90.0/24
Signature Algorithm: sha256WithRSAEncryption
20:94:1c:96:72:e0:6a:64:9d:37:03:f1:db:71:c7:51:38:bc:
c9:82:a7:fc:29:33:70:98:43:9c:89:fb:58:8e:d9:1c:2f:97:
ec:7a:67:24:19:68:73:d4:e5:d9:83:7e:2c:5d:3b:7b:4c:13:
1d:9a:35:2f:20:7c:04:5f:45:5d:8a:82:2c:99:d7:e3:32:a3:
9a:29:b9:6c:e0:30:97:6e:95:b5:ed:77:0c:4f:db:b8:97:52:
54:ee:13:e0:62:76:f9:50:6f:97:05:13:03:a2:17:d7:a6:76:
ee:b2:b5:a8:93:11:a8:9d:f5:ac:71:6f:01:40:72:12:8a:76:
da:b4:7b:77:0a:2a:24:36:79:de:aa:0e:f3:49:45:91:64:6c:
0d:e7:8e:7b:93:1f:b8:72:35:02:ea:1c:0a:eb:81:d3:97:51:
55:e8:50:83:c9:41:24:91:a6:bd:7e:9c:cd:39:b9:bf:6c:1a:
c8:fd:3e:a2:ca:cf:35:da:b3:17:a8:73:d4:ff:47:e8:e6:51:
27:d3:58:93:e1:c9:d5:fb:ac:6f:9e:8e:f5:2b:f7:22:bf:9c:
3d:47:64:29:48:c9:5c:90:47:77:95:97:a4:09:83:53:6b:17:
ad:b5:92:96:0a:0d:e2:a8:49:aa:ce:b0:6c:e3:6c:9d:a3:26:
16:7a:63:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaYUNPrt7Oyv2a3OpIKkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNmJkMWE2YjA0NjI1YzU3MWQ4MzBmODc4YjFjMDIzODI0
NzQwOGMwHhcNMjUwMTAxMTk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY2MDc5ZTI1NjcwZTU3NzA2MmU5YzQxYWM3MzQ1NTY1YTI1NTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWw0weJk+HO/aFylLCwRwjf004Q8
5Byu0P4snJ3O7/nB0iJbTZ+8r0GPal1KrPTycxHUCuK7ZfZa1lBMakiWPM7M7FYg
HFmHV4sij0h3a9Jilg2nm/5OXFqwsEuCmTDVbBLshrZDwRFc0qPbr8PxMRFIirw/
cX4QjB/Gp6nHQBr+PTfs1m7CxpECRuyvcp7DRBg3nFGIeTT8IyvSBrJ1U9+ty1Lg
84KtJ8iWC9Hk4WzhkSP6AR995Pcgeg328ln+MhvX6q+caUv1bTbCqtNEWO1Hvv4K
nZ0mD3g/NBpw7qaB9garuMrVCOTjkTz949s3MsyPZE5LqgwrNxIh60u+2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ1mB54lZw5XcGLpxBrHNFVlolWFMB8GA1UdIwQY
MBaAFH9r0aawRiXFcdgw+HixwCOCR0CMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEt
ODliNmMzMjMxNWMyLzEvbldZSG5pVm5EbGR3WXVuRUdzYzBWV1dpVllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9iYzY2ZDctNTdhYi00NzVkLTk2YmEtODliNmMzMjMxNWMy
LzEvZjJ2UnByQkdKY1Z4MkRENGVMSEFJNEpIUUl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmZaMA0G
CSqGSIb3DQEBCwUAA4IBAQAglByWcuBqZJ03A/HbccdROLzJgqf8KTNwmEOciftY
jtkcL5fsemckGWhz1OXZg34sXTt7TBMdmjUvIHwEX0VdioIsmdfjMqOaKbls4DCX
bpW17XcMT9u4l1JU7hPgYnb5UG+XBRMDohfXpnbusrWokxGonfWscW8BQHISinba
tHt3CiokNnneqg7zSUWRZGwN5457kx+4cjUC6hwK64HTl1FV6FCDyUEkkaa9fpzN
Obm/bBrI/T6iys812rMXqHPU/0fo5lEn01iT4cnV+6xvno71K/civ5w9R2QpSMlc
kEd3lZekCYNTaxettZKWCg3iqEmqzrBs42ydoyYWemNd
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:22:45 2025 by rpki-client