Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/1d9PCrI-4OIWZHlndWAF-BFZeRg.roa
File: 1d9PCrI-4OIWZHlndWAF-BFZeRg.roa (raw, json)
Hash identifier: Iw4tosd5c4tKjF6tKkdj+Nm6L4yubj6pDN7RhIdr5OM=
Subject key identifier: D5:DF:4F:0A:B2:3E:E0:E2:16:64:79:67:75:60:05:F8:11:59:79:18
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 01941F8C77CDB5DA66ECCB8CE493F50D0C43
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/1d9PCrI-4OIWZHlndWAF-BFZeRg.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 2a07:2902:400::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:77:cd:b5:da:66:ec:cb:8c:e4:93:f5:0d:0c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5df4f0ab23ee0e216647967756005f811597918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:78:b1:cb:c4:af:c9:8b:56:60:e5:f6:e6:46:
01:02:a7:bd:b7:e0:fa:d6:f0:00:81:ac:0e:53:d0:
57:14:00:ba:d2:8e:7a:d1:46:58:bf:3d:9c:1b:94:
13:c8:f7:b9:03:64:dd:66:20:a0:d1:29:09:9b:9a:
c2:f9:38:c5:c9:1d:75:11:95:11:dd:71:04:6b:fe:
da:df:96:cd:2a:63:c2:98:88:ce:6b:a3:39:79:dc:
5f:64:41:77:54:1e:5d:45:d7:a4:98:35:a3:f5:c9:
56:95:38:ff:cf:69:27:b5:84:b5:60:17:d3:30:e3:
63:3e:52:91:27:f6:66:88:99:e7:f5:e0:e0:f0:42:
cb:c7:a9:05:f0:29:40:88:37:3c:50:83:1c:71:da:
bc:1d:ce:5e:7f:61:65:60:65:86:32:b1:0b:ea:6a:
4d:ea:c7:72:e6:55:d8:61:91:14:4f:5e:2e:e3:21:
e6:9b:34:83:84:1f:6c:dd:b1:f8:80:08:7a:23:8f:
0e:e5:ad:d3:9a:fa:a8:6a:2a:aa:ec:5c:9a:fb:9b:
d5:93:39:ab:85:93:96:29:26:68:c9:25:87:1f:a2:
09:51:5f:4b:3d:ff:b7:77:0a:aa:3a:ea:78:28:1b:
4c:fc:8b:c0:4a:5a:5d:75:d9:e4:2c:8f:9b:16:38:
6a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DF:4F:0A:B2:3E:E0:E2:16:64:79:67:75:60:05:F8:11:59:79:18
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/1d9PCrI-4OIWZHlndWAF-BFZeRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2902:400::/38
Signature Algorithm: sha256WithRSAEncryption
51:37:9a:08:27:22:0d:eb:2e:7d:a5:7c:2d:fd:07:94:4a:e8:
81:7d:28:82:25:26:64:ab:03:29:d2:e8:10:00:60:40:d0:b7:
cf:99:87:d0:1e:8f:4e:d6:ee:2e:7b:fe:7c:14:f9:72:4e:cc:
a3:19:c1:3e:75:46:fb:08:32:6c:a4:8b:dd:bb:53:c4:32:c0:
61:58:5d:55:00:d4:43:d9:7b:78:80:6d:63:d7:f7:8e:3a:a8:
68:84:b5:8e:71:9e:d8:59:82:33:b2:57:7b:31:2e:55:e2:88:
27:a6:06:b5:1c:86:12:b1:9f:80:d3:97:87:b7:a4:91:54:68:
12:a9:a2:26:d3:2f:75:f1:8d:1c:4f:57:6b:d3:c5:50:6a:2b:
6c:4f:08:72:3d:0f:70:07:55:f0:60:9b:1c:dd:12:4e:e2:83:
4a:5c:bd:ff:e3:e6:f3:09:e6:6b:04:a5:3b:4e:f0:9a:e3:12:
d5:cf:41:82:b8:92:7c:ba:d5:1f:34:97:ba:f7:1a:f8:ce:88:
01:b0:de:f9:24:8e:1a:30:ea:9c:d2:5c:9e:ec:10:73:cd:47:
0c:bf:bb:af:aa:a2:86:0d:7a:73:c4:82:3a:7f:fb:dd:3a:d0:
7e:9b:48:df:8f:c2:fc:60:42:7f:d2:59:39:23:78:a5:48:72:
a5:7d:2a:19
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQfjHfNtdpm7MuM5JP1DQxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRmNGYwYWIyM2VlMGUyMTY2NDc5Njc3NTYwMDVmODExNTk3OTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunixy8SvyYtWYOX25kYBAqe9t+D6
1vAAgawOU9BXFAC60o560UZYvz2cG5QTyPe5A2TdZiCg0SkJm5rC+TjFyR11EZUR
3XEEa/7a35bNKmPCmIjOa6M5edxfZEF3VB5dRdekmDWj9clWlTj/z2kntYS1YBfT
MONjPlKRJ/ZmiJnn9eDg8ELLx6kF8ClAiDc8UIMccdq8Hc5ef2FlYGWGMrEL6mpN
6sdy5lXYYZEUT14u4yHmmzSDhB9s3bH4gAh6I48O5a3Tmvqoaiqq7Fya+5vVkzmr
hZOWKSZoySWHH6IJUV9LPf+3dwqqOup4KBtM/IvASlpdddnkLI+bFjhqHQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNXfTwqyPuDiFmR5Z3VgBfgRWXkYMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvMWQ5UENySS00T0lXWkhsbmRXQUYtQkZaZVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgcpAgQw
DQYJKoZIhvcNAQELBQADggEBAFE3mggnIg3rLn2lfC39B5RK6IF9KIIlJmSrAynS
6BAAYEDQt8+Zh9Aej07W7i57/nwU+XJOzKMZwT51RvsIMmyki927U8QywGFYXVUA
1EPZe3iAbWPX9446qGiEtY5xnthZgjOyV3sxLlXiiCemBrUchhKxn4DTl4e3pJFU
aBKpoibTL3XxjRxPV2vTxVBqK2xPCHI9D3AHVfBgmxzdEk7ig0pcvf/j5vMJ5msE
pTtO8JrjEtXPQYK4kny61R80l7r3GvjOiAGw3vkkjhow6pzSXJ7sEHPNRwy/u6+q
ooYNenPEgjp/+9060H6bSN+PwvxgQn/SWTkjeKVIcqV9Khk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:04:06 2025 by rpki-client