Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/NZS2Ipchg2nhjy9FYCa-tr7edgc.roa
File: NZS2Ipchg2nhjy9FYCa-tr7edgc.roa (raw, json)
Hash identifier: J91+10sEZiq3a/L3jz4R1QTQGfsCXE1VL5KiBPRPpK8=
Subject key identifier: 35:94:B6:22:97:21:83:69:E1:8F:2F:45:60:26:BE:B6:BE:DE:76:07
Certificate issuer: /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial: 0194228D41C78E06DC929DF8F5557EAF519D
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/NZS2Ipchg2nhjy9FYCa-tr7edgc.roa
Signing time: Wed 01 Jan 2025 15:47:50 +0000
ROA not before: Wed 01 Jan 2025 15:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 2a0d:2146:848a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:41:c7:8e:06:dc:92:9d:f8:f5:55:7e:af:51:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Validity
Not Before: Jan 1 15:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3594b62297218369e18f2f456026beb6bede7607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a8:d7:29:39:4f:2a:a8:4a:ab:61:a6:9b:12:
ad:80:3e:ab:10:46:db:eb:3e:a3:69:79:27:72:80:
25:7c:00:a5:07:c0:ca:0a:4b:39:52:3d:e9:14:bf:
b8:d1:38:dc:06:18:51:e1:11:b9:d5:28:a7:ba:3f:
e8:90:ba:84:28:5d:d2:9c:86:7a:58:89:42:b1:cb:
d8:57:86:d2:9a:3c:57:f3:64:82:2a:c1:94:f0:5b:
a1:53:ce:63:a8:6c:b8:d8:9c:b3:3a:1f:4b:4a:14:
e3:d4:f5:ad:46:87:7f:90:b4:25:0a:45:54:c6:be:
0b:23:fd:34:a8:ac:15:4c:b3:0c:44:01:18:e3:e1:
2a:d2:36:c9:fa:b6:00:0d:3b:7d:ef:9d:b9:2a:0a:
66:80:90:b3:9c:7e:4d:6a:a9:46:0f:71:3e:0c:0b:
39:ff:2f:d3:37:05:9f:c4:8b:75:90:16:76:01:da:
03:28:05:36:b5:ed:10:56:f0:7b:31:be:44:06:e4:
fd:e6:af:96:b8:4c:32:1a:4d:fe:42:a0:b6:96:50:
7f:18:ad:ef:dc:f1:88:b6:bc:f0:bd:92:ec:7e:91:
2e:2c:0c:34:0b:c8:68:88:d0:1a:08:37:9c:b8:89:
1d:75:39:4a:1c:aa:15:78:ce:ee:21:06:d2:86:14:
6b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:94:B6:22:97:21:83:69:E1:8F:2F:45:60:26:BE:B6:BE:DE:76:07
X509v3 Authority Key Identifier:
keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/NZS2Ipchg2nhjy9FYCa-tr7edgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:2146:848a::/48
Signature Algorithm: sha256WithRSAEncryption
19:0a:38:bf:59:11:00:80:cf:25:4a:cb:90:a4:fe:1d:f1:29:
e7:f5:c9:78:43:15:95:95:12:e9:cf:e5:1f:06:bf:f3:10:73:
d2:c9:91:90:65:e8:55:24:4a:92:36:8e:89:cb:df:cb:97:f2:
a1:c8:a8:42:e2:c3:89:43:68:c6:05:43:5b:7a:cc:d2:10:b7:
27:69:f8:f7:88:f8:56:5c:65:60:0f:67:3b:bb:69:0a:28:34:
04:a7:ff:e0:55:4d:18:e9:a7:05:9d:ce:f3:e6:6c:2e:b5:af:
d4:af:b5:54:84:96:9f:3e:69:19:ee:be:b8:94:82:72:08:03:
ea:e2:e1:3b:2d:c5:e5:c9:85:00:bc:04:89:81:84:c3:ac:e5:
11:7d:b6:52:98:f2:b1:f8:90:f3:8d:d7:28:c3:a1:e5:cf:6e:
2e:78:42:c7:f5:f4:42:c0:8c:a9:15:df:b2:1d:17:aa:8b:e9:
04:89:20:77:f6:9d:d4:a0:5c:54:1a:bf:25:dd:3e:8f:5c:e5:
84:07:60:c0:1a:22:3e:5c:82:44:2f:6a:7a:d0:2f:ab:bb:95:
5f:96:20:4d:cb:91:0e:df:09:69:3a:fe:bb:17:79:bd:ba:e8:
09:49:25:81:8c:32:6e:92:34:1b:85:e6:b3:d5:38:74:ef:19:
10:75:02:43
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijUHHjgbckp349VV+r1GdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjUwMTAxMTU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTk0YjYyMjk3MjE4MzY5ZTE4ZjJmNDU2MDI2YmViNmJlZGU3NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06jXKTlPKqhKq2GmmxKtgD6rEEbb
6z6jaXkncoAlfAClB8DKCks5Uj3pFL+40TjcBhhR4RG51Sinuj/okLqEKF3SnIZ6
WIlCscvYV4bSmjxX82SCKsGU8FuhU85jqGy42JyzOh9LShTj1PWtRod/kLQlCkVU
xr4LI/00qKwVTLMMRAEY4+Eq0jbJ+rYADTt97525KgpmgJCznH5NaqlGD3E+DAs5
/y/TNwWfxIt1kBZ2AdoDKAU2te0QVvB7Mb5EBuT95q+WuEwyGk3+QqC2llB/GK3v
3PGItrzwvZLsfpEuLAw0C8hoiNAaCDecuIkddTlKHKoVeM7uIQbShhRrxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDWUtiKXIYNp4Y8vRWAmvra+3nYHMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvTlpTMklwY2hnMm5oank5RllDYS10cjdlZGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0hRoSK
MA0GCSqGSIb3DQEBCwUAA4IBAQAZCji/WREAgM8lSsuQpP4d8Snn9cl4QxWVlRLp
z+UfBr/zEHPSyZGQZehVJEqSNo6Jy9/Ll/KhyKhC4sOJQ2jGBUNbeszSELcnafj3
iPhWXGVgD2c7u2kKKDQEp//gVU0Y6acFnc7z5mwuta/Ur7VUhJafPmkZ7r64lIJy
CAPq4uE7LcXlyYUAvASJgYTDrOURfbZSmPKx+JDzjdcow6Hlz24ueELH9fRCwIyp
Fd+yHReqi+kEiSB39p3UoFxUGr8l3T6PXOWEB2DAGiI+XIJEL2p60C+ru5VfliBN
y5EO3wlpOv67F3m9uugJSSWBjDJukjQbheaz1Th07xkQdQJD
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:19:27 2025 by rpki-client