Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/NixiWYmD-vroRsSm1dMfYuXBZWQ.roa
File: NixiWYmD-vroRsSm1dMfYuXBZWQ.roa (raw, json)
Hash identifier: CO9r6UJIKKxiHIlAzYOgJDFF6Cx5kTVMmonckxBJgDA=
Subject key identifier: 36:2C:62:59:89:83:FA:FA:E8:46:C4:A6:D5:D3:1F:62:E5:C1:65:64
Certificate issuer: /CN=9e94d5bf3db7d6734dcf1be622d5fdee2fec3b8f
Certificate serial: 0194258F2A5A5B66AF5FB4B16D2B92C7BD7D
Authority key identifier: 9E:94:D5:BF:3D:B7:D6:73:4D:CF:1B:E6:22:D5:FD:EE:2F:EC:3B:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/NixiWYmD-vroRsSm1dMfYuXBZWQ.roa
Signing time: Thu 02 Jan 2025 05:48:46 +0000
ROA not before: Thu 02 Jan 2025 05:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206292
IP address blocks: 2001:67c:994::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:2a:5a:5b:66:af:5f:b4:b1:6d:2b:92:c7:bd:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e94d5bf3db7d6734dcf1be622d5fdee2fec3b8f
Validity
Not Before: Jan 2 05:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=362c62598983fafae846c4a6d5d31f62e5c16564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8c:c0:ea:b3:3c:8e:0b:c6:ad:b4:69:f0:e8:
20:1e:07:86:18:3c:a0:a1:d4:ce:65:61:0a:77:73:
e3:41:cb:14:e9:cc:87:39:b6:09:33:51:7f:6d:ae:
28:a6:34:41:5f:a6:af:5a:9c:fd:49:8f:76:a2:b2:
90:dc:dc:1c:30:1c:10:2c:97:56:d2:85:a0:2f:da:
ff:b6:01:fc:31:84:03:24:4f:be:7f:5d:69:cd:ea:
d3:5c:ce:d2:53:73:3e:e2:25:da:b6:7c:09:cc:8d:
50:c1:7c:8b:72:ae:f7:aa:7a:ed:a6:e3:7a:02:02:
45:de:eb:8c:9d:8b:29:72:f7:41:49:44:53:b9:20:
05:9f:fd:e3:79:0e:e5:94:d2:90:2e:10:94:40:e4:
bf:e3:54:62:ab:c3:65:1e:95:38:50:eb:97:cc:a5:
34:c7:f3:f2:56:fd:ff:c3:3c:09:1b:e6:f4:1d:eb:
82:d2:a3:e6:c0:91:7e:e7:b7:2f:ea:37:5f:78:3a:
41:ae:c5:95:fc:eb:fe:12:e6:4d:20:3b:a2:82:9e:
59:95:cf:4c:77:0d:e2:2b:a7:9e:91:fa:67:af:66:
05:90:df:5c:c8:3c:99:61:fd:12:d6:a2:5e:d6:d2:
26:04:5a:7e:73:db:f3:4a:45:60:b6:63:13:fc:2f:
a8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:2C:62:59:89:83:FA:FA:E8:46:C4:A6:D5:D3:1F:62:E5:C1:65:64
X509v3 Authority Key Identifier:
keyid:9E:94:D5:BF:3D:B7:D6:73:4D:CF:1B:E6:22:D5:FD:EE:2F:EC:3B:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npTVvz231nNNzxvmItX97i_sO48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/NixiWYmD-vroRsSm1dMfYuXBZWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1383aa-108b-46ef-ac9e-9cee23a60566/1/npTVvz231nNNzxvmItX97i_sO48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:994::/48
Signature Algorithm: sha256WithRSAEncryption
64:89:6a:81:0d:31:46:b3:8f:51:a8:af:84:62:44:59:e1:ee:
7c:aa:dd:0e:66:5d:bf:a7:9f:88:8e:20:3e:2a:91:05:d3:7f:
37:c2:0d:b2:94:ee:af:d0:95:fa:03:f2:ad:a8:76:0f:6f:1e:
dd:b0:18:a7:5a:73:17:66:8b:4e:05:70:9d:25:6d:ae:c8:8c:
16:04:69:b5:92:21:7f:ec:02:b1:01:9c:9b:87:84:52:67:33:
77:93:1b:b4:e3:30:f8:59:32:e9:d6:54:78:a2:0b:16:7f:5a:
10:14:99:ca:b7:d4:47:da:34:ce:8c:26:54:2a:f8:57:00:92:
b2:5b:a2:88:17:57:f5:25:89:39:94:36:80:92:ba:d5:eb:7b:
c0:39:b2:0f:0c:89:11:f7:1b:5b:0e:0f:03:f2:cb:08:b8:c9:
9c:03:8d:4b:b4:5a:d0:47:0f:36:31:18:06:03:07:e7:bb:99:
03:05:1b:81:48:f2:4e:ae:13:1b:20:5f:1a:cb:53:bd:7b:da:
38:dd:6a:0f:42:5c:9d:01:4b:d3:0b:a0:8e:ab:84:e0:fa:97:
46:fa:df:ae:55:2a:2f:a5:ac:d0:a6:ae:b2:8b:f1:be:41:1f:
db:95:a6:87:bb:4a:d3:70:ce:9f:ac:cf:04:39:d6:1f:e6:9b:
51:cf:11:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljypaW2avX7SxbSuSx719MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTRkNWJmM2RiN2Q2NzM0ZGNmMWJlNjIyZDVmZGVlMmZl
YzNiOGYwHhcNMjUwMTAyMDU0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjJjNjI1OTg5ODNmYWZhZTg0NmM0YTZkNWQzMWY2MmU1YzE2NTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArozA6rM8jgvGrbRp8OggHgeGGDyg
odTOZWEKd3PjQcsU6cyHObYJM1F/ba4opjRBX6avWpz9SY92orKQ3NwcMBwQLJdW
0oWgL9r/tgH8MYQDJE++f11pzerTXM7SU3M+4iXatnwJzI1QwXyLcq73qnrtpuN6
AgJF3uuMnYspcvdBSURTuSAFn/3jeQ7llNKQLhCUQOS/41Riq8NlHpU4UOuXzKU0
x/PyVv3/wzwJG+b0HeuC0qPmwJF+57cv6jdfeDpBrsWV/Ov+EuZNIDuigp5Zlc9M
dw3iK6eekfpnr2YFkN9cyDyZYf0S1qJe1tImBFp+c9vzSkVgtmMT/C+oqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDYsYlmJg/r66EbEptXTH2LlwWVkMB8GA1UdIwQY
MBaAFJ6U1b89t9ZzTc8b5iLV/e4v7DuPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBUVnZ6MjMxbk5Oenh2bUl0WDk3aV9zTzQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xMzgzYWEtMTA4Yi00NmVmLWFjOWUt
OWNlZTIzYTYwNTY2LzEvTml4aVdZbUQtdnJvUnNTbTFkTWZZdVhCWldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8xMzgzYWEtMTA4Yi00NmVmLWFjOWUtOWNlZTIzYTYwNTY2
LzEvbnBUVnZ6MjMxbk5Oenh2bUl0WDk3aV9zTzQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAmU
MA0GCSqGSIb3DQEBCwUAA4IBAQBkiWqBDTFGs49RqK+EYkRZ4e58qt0OZl2/p5+I
jiA+KpEF0383wg2ylO6v0JX6A/KtqHYPbx7dsBinWnMXZotOBXCdJW2uyIwWBGm1
kiF/7AKxAZybh4RSZzN3kxu04zD4WTLp1lR4ogsWf1oQFJnKt9RH2jTOjCZUKvhX
AJKyW6KIF1f1JYk5lDaAkrrV63vAObIPDIkR9xtbDg8D8ssIuMmcA41LtFrQRw82
MRgGAwfnu5kDBRuBSPJOrhMbIF8ay1O9e9o43WoPQlydAUvTC6COq4Tg+pdG+t+u
VSovpazQpq6yi/G+QR/blaaHu0rTcM6frM8EOdYf5ptRzxEu
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:57:24 2025 by rpki-client