Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/936cbb-bac4-4fde-8def-febc1ed3ceba/1/9WfLA6QHajuACG9zKGXgXI_fnBU.roa
File: 9WfLA6QHajuACG9zKGXgXI_fnBU.roa (raw, json)
Hash identifier: aTvWSmVYrhk52fn4L1rzEuUOw3+xRp2a5jHVVtBFY4o=
Subject key identifier: F5:67:CB:03:A4:07:6A:3B:80:08:6F:73:28:65:E0:5C:8F:DF:9C:15
Certificate issuer: /CN=89edfa414944d010ac69ee5bfb22773b24b27efb
Certificate serial: 019426D9EE1ECB2A14F2F3F073538785AAA4
Authority key identifier: 89:ED:FA:41:49:44:D0:10:AC:69:EE:5B:FB:22:77:3B:24:B2:7E:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ie36QUlE0BCsae5b-yJ3OySyfvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/936cbb-bac4-4fde-8def-febc1ed3ceba/1/9WfLA6QHajuACG9zKGXgXI_fnBU.roa
Signing time: Thu 02 Jan 2025 11:50:03 +0000
ROA not before: Thu 02 Jan 2025 11:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 2a13:3e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ee:1e:cb:2a:14:f2:f3:f0:73:53:87:85:aa:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89edfa414944d010ac69ee5bfb22773b24b27efb
Validity
Not Before: Jan 2 11:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f567cb03a4076a3b80086f732865e05c8fdf9c15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:50:26:e9:7a:1d:3d:67:ab:cc:56:4f:14:1c:
75:4b:c6:21:e2:e8:cf:5b:a4:b0:3e:f8:99:bc:2e:
0a:b0:a9:d1:36:ef:fc:5d:c1:59:f9:a6:a0:00:33:
28:d1:26:9f:4d:21:30:6d:4b:7b:b7:ac:f4:a2:ae:
b7:29:f5:e1:1e:02:58:74:62:22:b9:57:a2:2c:fa:
ee:f8:0e:a8:dd:6f:37:0f:3b:2b:dd:3a:81:73:af:
f3:fa:fc:17:25:1a:e4:7c:e8:f6:23:90:06:6f:86:
92:1f:14:4b:7c:dc:4c:d9:e7:54:ed:7e:98:2b:83:
e0:02:5a:53:14:2a:22:e0:34:1d:0a:a8:0b:84:9e:
98:e7:49:1e:84:5f:26:05:d3:42:fe:3e:f4:7d:54:
36:dc:94:c1:33:d7:c8:1d:f4:91:7b:bd:d7:38:0a:
8d:2e:f5:ca:d1:87:14:2b:7f:4f:1c:16:f9:b4:88:
af:6d:55:d9:2d:c9:2c:de:60:58:8a:9a:54:21:5a:
cb:f9:3e:7d:6a:fb:2f:2e:f8:dd:2e:2e:42:42:5d:
c1:fb:c5:90:ab:91:87:93:61:b3:82:a6:b5:60:e1:
c6:af:c4:80:f9:87:af:ff:5d:d4:30:5e:98:3f:69:
c3:94:08:af:fc:c6:5f:00:37:15:ce:75:25:75:18:
bd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:67:CB:03:A4:07:6A:3B:80:08:6F:73:28:65:E0:5C:8F:DF:9C:15
X509v3 Authority Key Identifier:
keyid:89:ED:FA:41:49:44:D0:10:AC:69:EE:5B:FB:22:77:3B:24:B2:7E:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ie36QUlE0BCsae5b-yJ3OySyfvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/936cbb-bac4-4fde-8def-febc1ed3ceba/1/9WfLA6QHajuACG9zKGXgXI_fnBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/936cbb-bac4-4fde-8def-febc1ed3ceba/1/ie36QUlE0BCsae5b-yJ3OySyfvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3e40::/29
Signature Algorithm: sha256WithRSAEncryption
50:ae:11:fc:70:cd:63:dc:94:a1:99:d2:63:32:f3:aa:d6:3e:
35:12:d1:45:ab:51:d1:c1:ac:9c:fc:6c:91:b0:e7:17:f1:c2:
7b:c5:b9:5c:62:13:a5:2e:69:fd:09:34:07:67:03:47:93:64:
ec:1f:01:5f:d5:51:9a:fc:3c:89:58:23:e1:84:b0:0f:46:49:
89:a4:45:92:41:87:30:24:70:f5:ba:bc:e8:aa:db:ff:07:e9:
15:23:dd:fc:e3:6f:7d:0f:38:1f:46:0e:0d:94:94:c2:7b:18:
52:3d:5a:25:3f:da:dd:46:0c:8e:39:4b:92:ef:fc:d2:ed:38:
c0:6f:ac:a2:82:a0:f9:48:4b:68:c8:1a:92:01:1b:0d:c3:bb:
12:86:f9:7b:6b:ff:ba:9c:74:30:b7:63:87:a5:7e:b0:f8:09:
7f:8e:01:14:b9:85:8b:e2:fd:38:a0:81:d4:f7:89:e6:40:0a:
e3:dd:36:97:e7:23:60:a7:53:ef:c0:44:d2:e1:f3:ff:76:d3:
f0:6a:ad:03:b5:2b:b9:89:6f:1c:aa:48:fd:65:2b:3a:15:1b:
2a:2d:9c:e9:81:12:41:c9:8f:60:56:38:99:ae:0c:33:16:c8:
b2:f0:27:5c:24:8d:69:f9:72:54:dc:73:b3:67:73:94:33:1e:
a7:da:c4:b9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQm2e4eyyoU8vPwc1OHhaqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZWRmYTQxNDk0NGQwMTBhYzY5ZWU1YmZiMjI3NzNiMjRi
MjdlZmIwHhcNMjUwMTAyMTE1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTY3Y2IwM2E0MDc2YTNiODAwODZmNzMyODY1ZTA1YzhmZGY5YzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VAm6XodPWerzFZPFBx1S8Yh4ujP
W6SwPviZvC4KsKnRNu/8XcFZ+aagADMo0SafTSEwbUt7t6z0oq63KfXhHgJYdGIi
uVeiLPru+A6o3W83Dzsr3TqBc6/z+vwXJRrkfOj2I5AGb4aSHxRLfNxM2edU7X6Y
K4PgAlpTFCoi4DQdCqgLhJ6Y50kehF8mBdNC/j70fVQ23JTBM9fIHfSRe73XOAqN
LvXK0YcUK39PHBb5tIivbVXZLcks3mBYippUIVrL+T59avsvLvjdLi5CQl3B+8WQ
q5GHk2Gzgqa1YOHGr8SA+Yev/13UMF6YP2nDlAiv/MZfADcVznUldRi9fwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPVnywOkB2o7gAhvcyhl4FyP35wVMB8GA1UdIwQY
MBaAFInt+kFJRNAQrGnuW/sidzsksn77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWUzNlFVbEUwQkNzYWU1Yi15SjNPeVN5ZnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC85MzZjYmItYmFjNC00ZmRlLThkZWYt
ZmViYzFlZDNjZWJhLzEvOVdmTEE2UUhhanVBQ0c5ektHWGdYSV9mbkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC85MzZjYmItYmFjNC00ZmRlLThkZWYtZmViYzFlZDNjZWJh
LzEvaWUzNlFVbEUwQkNzYWU1Yi15SjNPeVN5ZnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM+QDAN
BgkqhkiG9w0BAQsFAAOCAQEAUK4R/HDNY9yUoZnSYzLzqtY+NRLRRatR0cGsnPxs
kbDnF/HCe8W5XGITpS5p/Qk0B2cDR5Nk7B8BX9VRmvw8iVgj4YSwD0ZJiaRFkkGH
MCRw9bq86Krb/wfpFSPd/ONvfQ84H0YODZSUwnsYUj1aJT/a3UYMjjlLku/80u04
wG+sooKg+UhLaMgakgEbDcO7Eob5e2v/upx0MLdjh6V+sPgJf44BFLmFi+L9OKCB
1PeJ5kAK4902l+cjYKdT78BE0uHz/3bT8GqtA7UruYlvHKpI/WUrOhUbKi2c6YES
QcmPYFY4ma4MMxbIsvAnXCSNaflyVNxzs2dzlDMep9rEuQ==
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:28:59 2025 by rpki-client