Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/k9MSXW-gwqxibYaGqvmEGMQ5eG4.roa
File: k9MSXW-gwqxibYaGqvmEGMQ5eG4.roa (raw, json)
Hash identifier: ohh3OqwtBldI73NPw2zFaKtKZqi31QVEO+9nBhCt2YY=
Subject key identifier: 93:D3:12:5D:6F:A0:C2:AC:62:6D:86:86:AA:F9:84:18:C4:39:78:6E
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067ED421279A04CEFD1CF36632EDC47
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/k9MSXW-gwqxibYaGqvmEGMQ5eG4.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203283
IP address blocks: 2a12:3fc2:1b00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ed:42:12:79:a0:4c:ef:d1:cf:36:63:2e:dc:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93d3125d6fa0c2ac626d8686aaf98418c439786e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c1:22:ff:88:3c:1d:c3:49:22:eb:d6:4b:72:
4d:0a:d8:d9:65:28:01:cb:06:9a:8d:72:e6:d3:45:
05:7b:82:0e:ec:5f:e5:c0:49:4c:63:85:5d:86:8a:
61:07:11:a2:58:2f:1f:08:c9:7e:58:9c:37:83:66:
af:fb:d2:f0:b3:54:a2:e1:ed:8b:cd:48:e2:1f:3a:
eb:2b:1f:32:04:9f:21:9a:b8:b9:1c:fe:d5:39:0b:
4c:85:37:b7:b7:40:6f:59:0e:78:cf:9f:ac:91:22:
9e:bc:d0:bc:e2:f9:e5:96:f3:df:a8:2b:da:05:f0:
aa:2f:33:f5:58:e9:3a:6f:93:b4:da:1e:5f:a9:f9:
a8:29:81:fa:61:13:2a:c2:5d:ab:3b:36:10:20:8b:
fb:d8:2f:e2:2c:07:dd:81:c8:b0:f0:43:0b:b6:66:
0b:9f:dc:22:d9:58:e0:91:6a:5c:6c:7c:ce:05:9d:
02:e6:fd:35:c8:1a:31:e9:3d:2c:6a:4c:0b:04:13:
3e:70:42:57:5b:e8:b6:52:47:c0:bb:64:df:bc:ec:
de:31:08:1c:94:38:ea:49:5f:bc:53:88:f9:ca:70:
07:e0:30:75:45:af:e8:4b:68:fd:cf:1c:df:86:26:
82:40:ac:e7:c7:f7:f5:f5:4a:31:af:83:1e:fc:1b:
5a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D3:12:5D:6F:A0:C2:AC:62:6D:86:86:AA:F9:84:18:C4:39:78:6E
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/k9MSXW-gwqxibYaGqvmEGMQ5eG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:1b00::/40
Signature Algorithm: sha256WithRSAEncryption
c8:ab:f9:53:e0:81:f3:69:91:e7:53:82:1e:df:d0:d6:24:c8:
3b:70:29:19:f4:d2:58:34:c7:ca:7c:36:8f:58:4a:56:31:41:
da:0d:d9:73:6f:4e:be:3b:0b:ec:69:9c:84:b9:f4:86:90:38:
65:81:2c:98:c5:bc:e1:ed:f0:ca:22:4b:82:2b:d3:16:d7:35:
be:6e:2c:41:6d:d1:ea:42:e2:38:fd:75:49:c1:f1:f3:57:ad:
91:7d:73:ac:9c:e1:75:51:e8:1f:b2:36:9d:4c:17:6d:8a:67:
ee:22:9a:5f:9f:1c:84:20:ca:38:6a:93:0d:45:2d:d1:35:ef:
29:a6:20:63:2c:4b:a8:df:9f:96:ed:41:16:03:13:15:d7:09:
05:89:73:8d:43:05:ce:3b:b6:c2:be:9a:b7:98:2b:aa:8a:64:
94:41:7e:6f:27:1b:f9:08:5e:0d:d1:3e:eb:8a:7d:42:6f:51:
4f:37:8a:a9:88:56:6f:95:ae:15:8a:10:9a:bc:fb:b5:bd:1f:
ca:cd:e6:fc:7d:1d:42:50:c4:12:d5:65:22:1b:af:d1:e3:d1:
33:99:1d:a5:0f:20:58:bf:09:ff:d3:42:06:bb:37:e6:0d:a4:
4e:0d:c5:a0:13:dd:f6:15:4b:8f:a3:53:00:b2:bf:4c:fd:2e:
b2:95:b4:00
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQgZ+1CEnmgTO/RzzZjLtxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2QzMTI1ZDZmYTBjMmFjNjI2ZDg2ODZhYWY5ODQxOGM0Mzk3ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcEi/4g8HcNJIuvWS3JNCtjZZSgB
ywaajXLm00UFe4IO7F/lwElMY4VdhophBxGiWC8fCMl+WJw3g2av+9Lws1Si4e2L
zUjiHzrrKx8yBJ8hmri5HP7VOQtMhTe3t0BvWQ54z5+skSKevNC84vnllvPfqCva
BfCqLzP1WOk6b5O02h5fqfmoKYH6YRMqwl2rOzYQIIv72C/iLAfdgciw8EMLtmYL
n9wi2VjgkWpcbHzOBZ0C5v01yBox6T0sakwLBBM+cEJXW+i2UkfAu2TfvOzeMQgc
lDjqSV+8U4j5ynAH4DB1Ra/oS2j9zxzfhiaCQKznx/f19Uoxr4Me/BtaawIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJPTEl1voMKsYm2Ghqr5hBjEOXhuMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvazlNU1hXLWd3cXhpYllhR3F2bUVHTVE1ZUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/whsw
DQYJKoZIhvcNAQELBQADggEBAMir+VPggfNpkedTgh7f0NYkyDtwKRn00lg0x8p8
No9YSlYxQdoN2XNvTr47C+xpnIS59IaQOGWBLJjFvOHt8MoiS4Ir0xbXNb5uLEFt
0epC4jj9dUnB8fNXrZF9c6yc4XVR6B+yNp1MF22KZ+4iml+fHIQgyjhqkw1FLdE1
7ymmIGMsS6jfn5btQRYDExXXCQWJc41DBc47tsK+mreYK6qKZJRBfm8nG/kIXg3R
PuuKfUJvUU83iqmIVm+VrhWKEJq8+7W9H8rN5vx9HUJQxBLVZSIbr9Hj0TOZHaUP
IFi/Cf/TQga7N+YNpE4NxaAT3fYVS4+jUwCyv0z9LrKVtAA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:39 2025 by rpki-client