Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ndVpFTiV-032z1oLz_wixEvXGiw.roa
File: ndVpFTiV-032z1oLz_wixEvXGiw.roa (raw, json)
Hash identifier: /HnhEZMMk7Eh52x99XbC/u8H+8NvDyXM8aky5jw29mA=
Subject key identifier: 9D:D5:69:15:38:95:FB:4D:F6:CF:5A:0B:CF:FC:22:C4:4B:D7:1A:2C
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 01942445458B5985399FA22BB83E684BCEF3
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ndVpFTiV-032z1oLz_wixEvXGiw.roa
Signing time: Wed 01 Jan 2025 23:48:27 +0000
ROA not before: Wed 01 Jan 2025 23:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208249
IP address blocks: 2a0b:6b83::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:45:8b:59:85:39:9f:a2:2b:b8:3e:68:4b:ce:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 23:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dd569153895fb4df6cf5a0bcffc22c44bd71a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:7d:57:0c:90:2a:46:3d:a4:99:d6:f2:d7:
5a:9e:5f:fc:5e:ec:25:71:8a:54:c9:de:89:12:56:
c3:c9:5c:69:dc:f7:8f:dd:47:ab:a2:13:62:1d:73:
b5:3f:18:cd:4d:69:b3:ab:c6:54:55:b6:d0:db:eb:
c2:66:09:12:e8:31:0c:1d:19:00:f8:dd:6e:f0:44:
8a:27:b3:a6:04:8b:6f:3d:b4:a2:bf:72:d0:03:d0:
b9:44:d1:10:53:37:b0:80:91:61:17:8b:bd:d3:91:
66:2f:83:b2:43:2b:5d:6e:f0:1a:e4:68:fc:44:15:
4f:09:47:69:a6:f3:f6:b9:a7:f6:63:3a:54:4b:96:
0f:e4:eb:d7:74:54:ff:c0:58:c1:43:ce:fd:fb:61:
ee:63:b9:5d:3f:31:f0:70:8b:31:66:b3:16:56:7f:
d9:f6:d1:82:0b:b5:d2:cb:42:3c:97:3b:d5:4b:78:
0e:60:4b:97:4f:15:13:92:ef:c7:5b:2f:f2:27:56:
a1:2b:29:dc:15:3b:36:2a:65:ea:e6:75:77:84:4c:
48:08:38:a8:c1:9c:98:a4:67:92:b3:e1:5c:22:a9:
91:f7:49:76:7a:ef:09:ff:4b:d4:95:fe:45:d5:95:
26:76:73:c7:bf:01:5b:71:b5:15:d7:bc:01:a4:57:
55:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D5:69:15:38:95:FB:4D:F6:CF:5A:0B:CF:FC:22:C4:4B:D7:1A:2C
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/ndVpFTiV-032z1oLz_wixEvXGiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b83::/32
Signature Algorithm: sha256WithRSAEncryption
5f:93:ea:33:7a:a7:8f:fc:f1:56:b0:05:2c:0b:47:93:25:38:
38:20:28:41:2b:06:93:83:a2:9a:93:ef:7a:e6:9a:a9:0a:97:
4f:47:4e:eb:4f:7b:74:1e:4d:af:1f:94:a9:66:19:ef:c8:b7:
05:7f:1a:d9:d6:33:e8:e7:69:cb:bc:35:71:02:3e:a9:18:0e:
e3:4c:62:a2:97:ae:25:cd:0e:c6:41:b1:d4:f9:49:65:44:4b:
7d:38:fb:0d:9f:e6:58:66:11:bc:ba:d3:f3:7e:f8:d4:f9:75:
2b:ea:6b:02:34:70:ec:4d:85:9b:a0:2a:3d:83:2d:ff:47:a6:
71:75:93:b8:09:5d:70:f3:29:be:4b:fb:1a:b5:3b:f5:a3:fb:
67:3f:cd:0e:95:da:32:bd:77:65:75:fc:21:6d:85:cd:c2:af:
a5:69:eb:77:9a:34:f8:0d:e2:b2:a5:f4:3a:0b:1a:30:cc:2d:
d1:9e:eb:67:34:78:e3:6b:e0:ef:87:ff:33:18:3f:b5:19:e6:
2c:b7:20:e5:76:e7:66:0c:1b:5a:1e:69:02:37:2c:cb:02:9f:
b6:d3:9e:eb:bd:16:1b:e1:3f:93:58:93:85:c1:84:6f:aa:b7:
23:08:8c:8b:7d:8e:80:5a:ac:92:26:39:33:63:d8:8a:f7:6d:
df:ae:de:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQkRUWLWYU5n6IruD5oS87zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwMTAxMjM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQ1NjkxNTM4OTVmYjRkZjZjZjVhMGJjZmZjMjJjNDRiZDcxYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgB9VwyQKkY9pJnW8tdanl/8Xuwl
cYpUyd6JElbDyVxp3PeP3UerohNiHXO1PxjNTWmzq8ZUVbbQ2+vCZgkS6DEMHRkA
+N1u8ESKJ7OmBItvPbSiv3LQA9C5RNEQUzewgJFhF4u905FmL4OyQytdbvAa5Gj8
RBVPCUdppvP2uaf2YzpUS5YP5OvXdFT/wFjBQ879+2HuY7ldPzHwcIsxZrMWVn/Z
9tGCC7XSy0I8lzvVS3gOYEuXTxUTku/HWy/yJ1ahKyncFTs2KmXq5nV3hExICDio
wZyYpGeSs+FcIqmR90l2eu8J/0vUlf5F1ZUmdnPHvwFbcbUV17wBpFdVZwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJ3VaRU4lftN9s9aC8/8IsRL1xosMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvbmRWcEZUaVYtMDMyejFvTHpfd2l4RXZYR2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgtrgzAN
BgkqhkiG9w0BAQsFAAOCAQEAX5PqM3qnj/zxVrAFLAtHkyU4OCAoQSsGk4OimpPv
euaaqQqXT0dO6097dB5Nrx+UqWYZ78i3BX8a2dYz6Odpy7w1cQI+qRgO40xiopeu
Jc0OxkGx1PlJZURLfTj7DZ/mWGYRvLrT83741Pl1K+prAjRw7E2Fm6AqPYMt/0em
cXWTuAldcPMpvkv7GrU79aP7Zz/NDpXaMr13ZXX8IW2FzcKvpWnrd5o0+A3isqX0
OgsaMMwt0Z7rZzR442vg74f/Mxg/tRnmLLcg5XbnZgwbWh5pAjcsywKfttOe670W
G+E/k1iThcGEb6q3IwiMi32OgFqskiY5M2PYivdt367eVg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:51:00 2025 by rpki-client