Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/96xTVDPKRjN-O0PfPVpNshJbAwo.roa
File: 96xTVDPKRjN-O0PfPVpNshJbAwo.roa (raw, json)
Hash identifier: xScP5Vh9VivCStLT6wqcXV0sFzZUBD/iH+Z111ZV0tc=
Subject key identifier: F7:AC:53:54:33:CA:46:33:7E:3B:43:DF:3D:5A:4D:B2:12:5B:03:0A
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5DE88C63111BB8C9CC9133A8AFAC9
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/96xTVDPKRjN-O0PfPVpNshJbAwo.roa
Signing time: Wed 01 Jan 2025 07:47:54 +0000
ROA not before: Wed 01 Jan 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214168
IP address blocks: 2a09:1a00::/29 maxlen: 29
2a09:3a80::/29 maxlen: 29
2a0e:f740::/29 maxlen: 29
2a12:3c0::/29 maxlen: 29
2a12:a880::/29 maxlen: 29
2a12:e700::/29 maxlen: 29
2a12:ed80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:de:88:c6:31:11:bb:8c:9c:c9:13:3a:8a:fa:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7ac535433ca46337e3b43df3d5a4db2125b030a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:80:62:6f:03:27:24:0a:86:e8:1b:a8:4b:a9:
25:ca:8f:9d:af:39:e3:36:f6:02:f8:83:45:e8:fe:
c2:90:d3:6b:f1:6a:c6:69:df:c1:1e:e1:86:5e:4c:
3f:7b:31:38:a1:ca:84:f0:df:40:52:67:05:a2:ab:
20:9c:03:ee:0a:ee:10:f5:93:72:e2:f6:71:b6:62:
30:dc:ff:3a:c9:06:54:c8:2a:5b:f8:9a:3f:be:b9:
1d:77:8e:69:ce:83:b6:24:52:ce:3b:40:fc:22:3e:
d9:66:f0:cb:0c:36:f8:20:dd:3a:74:46:2f:88:cd:
66:9e:8c:7a:f8:67:c7:0a:5f:fc:25:23:0a:1a:74:
d8:08:aa:ce:f8:17:ff:eb:de:9d:f1:55:c3:e3:c6:
48:e1:3e:f4:a5:07:bb:12:d6:d5:22:6d:0d:1a:bf:
66:47:dc:57:17:69:22:45:a2:ed:f3:cb:a1:2c:14:
a1:64:56:4b:56:f9:47:18:f6:0a:f8:61:03:28:d8:
0a:76:5f:f9:75:45:9e:d7:8f:76:a3:5c:f8:19:27:
a5:6e:89:91:79:3d:ab:20:42:94:de:a9:c0:06:7e:
6c:ab:19:7f:f2:7f:a6:a7:e9:71:95:d6:37:cb:c1:
b1:cb:63:56:79:6f:fe:9f:69:ce:ff:ef:5e:9d:20:
b6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AC:53:54:33:CA:46:33:7E:3B:43:DF:3D:5A:4D:B2:12:5B:03:0A
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/96xTVDPKRjN-O0PfPVpNshJbAwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:1a00::/29
2a09:3a80::/29
2a0e:f740::/29
2a12:3c0::/29
2a12:a880::/29
2a12:e700::/29
2a12:ed80::/29
Signature Algorithm: sha256WithRSAEncryption
a7:c5:9e:d0:81:0e:b7:55:fe:58:b6:ba:9f:b7:48:0c:68:4a:
16:af:f1:87:0b:9b:38:a0:26:e1:ac:7c:ab:9d:9a:9b:a7:49:
37:10:db:67:06:09:24:14:cb:a9:27:0c:90:81:1e:83:9f:be:
f4:15:e6:35:e1:40:6d:85:94:e8:c1:39:7b:ce:26:6f:f3:f2:
48:42:93:3c:3b:8a:e0:1d:19:a4:a4:0b:33:69:2c:b8:93:56:
0d:c3:b5:fe:88:07:14:21:b2:dc:da:45:71:2b:7c:3f:f4:dc:
c4:97:68:20:c4:3d:ae:7d:ee:4b:9c:85:dc:c0:d0:fb:48:a6:
0c:16:e5:90:8e:30:0d:57:b0:77:2b:5e:85:c5:fd:29:08:39:
39:6b:f8:ab:8e:28:ad:97:1a:9a:72:87:2b:ae:4c:94:d5:43:
eb:87:df:ce:f5:f4:8b:fd:60:a8:06:e7:5e:a3:42:b1:95:72:
fe:c7:a2:e5:f6:aa:4b:14:81:ee:86:ae:44:ed:fa:c8:f7:23:
5a:47:da:d8:52:f2:8b:a2:1d:6e:4c:40:41:22:76:79:36:3d:
65:97:a8:0c:18:4e:93:03:44:0b:35:3f:89:e8:c1:53:22:8b:
58:44:40:a9:90:1e:d7:db:a5:01:94:63:d5:0d:0c:60:92:8e:
95:7b:59:2b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZQg1d6IxjERu4ycyRM6ivrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FjNTM1NDMzY2E0NjMzN2UzYjQzZGYzZDVhNGRiMjEyNWIwMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoBibwMnJAqG6BuoS6klyo+drznj
NvYC+INF6P7CkNNr8WrGad/BHuGGXkw/ezE4ocqE8N9AUmcFoqsgnAPuCu4Q9ZNy
4vZxtmIw3P86yQZUyCpb+Jo/vrkdd45pzoO2JFLOO0D8Ij7ZZvDLDDb4IN06dEYv
iM1mnox6+GfHCl/8JSMKGnTYCKrO+Bf/696d8VXD48ZI4T70pQe7EtbVIm0NGr9m
R9xXF2kiRaLt88uhLBShZFZLVvlHGPYK+GEDKNgKdl/5dUWe1492o1z4GSelbomR
eT2rIEKU3qnABn5sqxl/8n+mp+lxldY3y8Gxy2NWeW/+n2nO/+9enSC2TQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPesU1QzykYzfjtD3z1aTbISWwMKMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvOTZ4VFZEUEtSak4tTzBQZlBWcE5zaEpiQXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgkaAAMF
AyoJOoADBQMqDvdAAwUDKhIDwAMFAyoSqIADBQMqEucAAwUDKhLtgDANBgkqhkiG
9w0BAQsFAAOCAQEAp8We0IEOt1X+WLa6n7dIDGhKFq/xhwubOKAm4ax8q52am6dJ
NxDbZwYJJBTLqScMkIEeg5++9BXmNeFAbYWU6ME5e84mb/PySEKTPDuK4B0ZpKQL
M2ksuJNWDcO1/ogHFCGy3NpFcSt8P/TcxJdoIMQ9rn3uS5yF3MDQ+0imDBblkI4w
DVewdytehcX9KQg5OWv4q44orZcamnKHK65MlNVD64ffzvX0i/1gqAbnXqNCsZVy
/sei5faqSxSB7oauRO36yPcjWkfa2FLyi6IdbkxAQSJ2eTY9ZZeoDBhOkwNECzU/
iejBUyKLWERAqZAe19ulAZRj1Q0MYJKOlXtZKw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:54:54 2025 by rpki-client