Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/PjDGJnV8bA-YxtE9UzyGXDTtzoM.roa
File: PjDGJnV8bA-YxtE9UzyGXDTtzoM.roa (raw, json)
Hash identifier: 86bz/n2g96Qge58Du1MfgRD/8BFndLvyDPrpqOadpBA=
Subject key identifier: 3E:30:C6:26:75:7C:6C:0F:98:C6:D1:3D:53:3C:86:5C:34:ED:CE:83
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 01941FFAA4A92868FBD2F3EA82B2401CA4AA
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/PjDGJnV8bA-YxtE9UzyGXDTtzoM.roa
Signing time: Wed 01 Jan 2025 03:48:27 +0000
ROA not before: Wed 01 Jan 2025 03:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29588
IP address blocks: 2a00:f440:a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:a4:a9:28:68:fb:d2:f3:ea:82:b2:40:1c:a4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 03:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e30c626757c6c0f98c6d13d533c865c34edce83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f7:73:4b:c7:f4:7e:b2:56:9b:0b:b0:4b:20:
88:96:32:75:63:3e:6b:3f:a2:ad:0e:94:99:2c:64:
c8:e7:a4:8b:63:b9:ef:5a:4c:d5:d4:a9:24:c2:33:
db:00:ea:42:4c:ba:fe:57:b0:35:62:d6:2f:8b:eb:
bb:96:17:9e:af:14:a2:e9:b3:0c:43:1c:02:ba:5c:
21:ec:6c:b7:44:11:c1:f1:69:38:b7:67:6a:90:99:
bd:eb:b8:39:29:5e:29:f2:e2:0e:5b:2d:0f:a2:14:
d2:34:41:31:03:ee:81:05:cf:78:26:69:81:ca:82:
a9:e8:ce:b0:41:72:fd:74:b6:de:1c:30:b1:e3:59:
f5:ef:e4:61:b6:20:d5:1a:94:00:05:f3:62:00:1a:
ac:80:83:a8:9f:af:74:83:10:c1:56:5b:7a:9c:7c:
b1:80:7c:0f:c1:08:ab:7d:3b:78:67:d7:de:8d:d3:
cb:77:8d:7c:9f:02:cc:e4:03:5f:36:ba:23:96:06:
83:b6:b0:91:4f:d8:5d:4c:f2:2e:42:78:2e:a5:bd:
da:bf:c9:8a:73:42:4f:90:92:ef:97:20:ee:e0:a2:
45:48:71:87:00:50:f4:47:71:bb:ce:e2:cf:5f:b4:
32:52:60:be:f5:f4:c1:47:01:64:0e:b2:fd:dc:72:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:30:C6:26:75:7C:6C:0F:98:C6:D1:3D:53:3C:86:5C:34:ED:CE:83
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/PjDGJnV8bA-YxtE9UzyGXDTtzoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:f440:a::/48
Signature Algorithm: sha256WithRSAEncryption
9d:6f:7a:28:0c:48:f1:81:1c:8f:43:a7:89:3d:5d:db:e3:71:
9f:dd:7a:42:b6:f5:7b:27:9a:e0:94:d7:d8:77:8a:6d:48:0a:
d3:e8:e3:66:64:77:98:a9:0a:c4:25:6a:8f:a6:1a:41:df:9c:
fa:55:ce:e4:1e:8e:22:6f:20:1c:0a:c4:36:10:4f:f8:ee:a4:
61:e9:2e:16:7a:4d:56:db:b8:b7:76:38:b6:21:93:c9:56:6f:
e8:c3:09:db:d7:8e:fe:9b:fe:96:c6:cf:be:2c:00:81:ca:4d:
f9:9a:25:95:d7:3d:b3:f9:91:02:64:57:d5:e5:e6:f0:44:3c:
9a:35:07:f2:cd:53:53:73:c8:90:b2:ae:50:29:1f:6a:7b:f6:
a0:80:47:5a:be:3b:f1:19:0b:37:15:ab:5a:63:bc:46:3c:f6:
69:99:f2:cd:5f:ff:71:16:de:45:e3:ca:7e:40:00:f4:63:41:
9f:42:bb:1d:25:30:44:08:2d:6d:4d:b1:07:e8:e9:42:cb:d7:
7e:e4:ff:ad:4b:97:e4:e1:41:45:14:49:83:10:20:8a:a0:e2:
3a:f7:bc:69:21:b6:3c:b4:ef:c3:e5:a5:b5:55:35:45:82:b4:
4b:6f:6c:e8:97:1b:cb:9b:20:e2:61:90:14:cb:27:51:90:be:
9c:8a:17:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+qSpKGj70vPqgrJAHKSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjUwMTAxMDM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTMwYzYyNjc1N2M2YzBmOThjNmQxM2Q1MzNjODY1YzM0ZWRjZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/dzS8f0frJWmwuwSyCIljJ1Yz5r
P6KtDpSZLGTI56SLY7nvWkzV1KkkwjPbAOpCTLr+V7A1YtYvi+u7lheerxSi6bMM
QxwCulwh7Gy3RBHB8Wk4t2dqkJm967g5KV4p8uIOWy0PohTSNEExA+6BBc94JmmB
yoKp6M6wQXL9dLbeHDCx41n17+RhtiDVGpQABfNiABqsgIOon690gxDBVlt6nHyx
gHwPwQirfTt4Z9fejdPLd418nwLM5ANfNrojlgaDtrCRT9hdTPIuQngupb3av8mK
c0JPkJLvlyDu4KJFSHGHAFD0R3G7zuLPX7QyUmC+9fTBRwFkDrL93HLDIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD4wxiZ1fGwPmMbRPVM8hlw07c6DMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvUGpER0puVjhiQS1ZeHRFOVV6eUdYRFR0em9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgD0QAAK
MA0GCSqGSIb3DQEBCwUAA4IBAQCdb3ooDEjxgRyPQ6eJPV3b43Gf3XpCtvV7J5rg
lNfYd4ptSArT6ONmZHeYqQrEJWqPphpB35z6Vc7kHo4ibyAcCsQ2EE/47qRh6S4W
ek1W27i3dji2IZPJVm/owwnb147+m/6Wxs++LACByk35miWV1z2z+ZECZFfV5ebw
RDyaNQfyzVNTc8iQsq5QKR9qe/aggEdavjvxGQs3FataY7xGPPZpmfLNX/9xFt5F
48p+QAD0Y0GfQrsdJTBECC1tTbEH6OlCy9d+5P+tS5fk4UFFFEmDECCKoOI697xp
IbY8tO/D5aW1VTVFgrRLb2zolxvLmyDiYZAUyydRkL6cihdN
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:42:13 2025 by rpki-client