Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/f3NzFDrUEZy8grE75c3DxK-zdcM.roa
File: f3NzFDrUEZy8grE75c3DxK-zdcM.roa (raw, json)
Hash identifier: BFzDDOgRzsLLo8GwsAfM05cwyRWar9TrfbdTw5Ud6HE=
Subject key identifier: 7F:73:73:14:3A:D4:11:9C:BC:82:B1:3B:E5:CD:C3:C4:AF:B3:75:C3
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 01941FFA3FAD515B11EC2C4E52354BD93EE9
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/f3NzFDrUEZy8grE75c3DxK-zdcM.roa
Signing time: Wed 01 Jan 2025 03:48:01 +0000
ROA not before: Wed 01 Jan 2025 03:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 192.58.56.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:3f:ad:51:5b:11:ec:2c:4e:52:35:4b:d9:3e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 03:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f7373143ad4119cbc82b13be5cdc3c4afb375c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:55:30:7c:8f:b3:f9:db:ce:73:a0:14:b1:69:
bd:9f:3c:5c:95:45:d5:1c:05:35:98:c8:db:e8:3e:
de:18:4f:6c:43:f6:02:16:bc:0f:68:51:0e:89:a5:
06:6b:44:20:8f:6f:7a:e4:7d:87:f0:dd:44:8a:37:
44:4b:8b:b7:a2:d4:11:19:5b:3f:24:ca:aa:db:77:
66:2e:d2:ab:a0:60:43:4e:ef:43:88:d7:24:52:3f:
bd:e1:ba:c9:6c:69:71:e5:f5:7e:b2:e3:26:f9:a5:
c0:79:12:ff:bf:f8:37:af:10:5a:71:93:ba:9b:b2:
cc:8d:ec:14:1b:ba:39:51:55:2a:b8:10:04:d5:49:
72:ce:91:f6:c8:99:d1:e9:6d:87:63:44:09:4f:8f:
cf:76:90:22:a6:c2:c2:30:99:4f:65:b6:51:f1:45:
a7:a3:89:64:02:b5:af:52:d7:e5:19:a0:6e:64:14:
63:e3:86:da:12:e4:25:4b:c5:ef:37:f1:aa:74:af:
f8:05:e5:e0:c9:1c:1b:32:7f:56:ae:bf:08:3b:50:
15:21:34:5e:e5:fc:d1:92:49:e9:30:d0:fb:50:ac:
f7:67:41:64:f9:0c:2e:36:f1:64:fd:43:7b:43:02:
bd:69:c0:01:89:a0:e4:4b:09:d5:f9:0c:b4:95:5e:
35:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:73:73:14:3A:D4:11:9C:BC:82:B1:3B:E5:CD:C3:C4:AF:B3:75:C3
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/f3NzFDrUEZy8grE75c3DxK-zdcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.58.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:5d:1c:6b:77:25:fa:33:fe:af:0e:2f:9a:c6:55:4e:22:a5:
dd:c8:69:cc:ac:28:1e:9a:99:db:90:94:07:ba:cb:2f:a2:90:
3c:60:4b:35:1f:07:a8:8a:ad:be:16:05:ae:ca:a7:be:47:10:
cd:b4:3a:98:e1:76:ae:b5:ee:5a:0f:09:41:d3:6c:94:1b:bd:
7e:94:91:45:0b:fd:a3:6d:26:85:95:39:5d:87:39:4d:da:ad:
ca:3e:b0:b0:a3:4d:26:6b:38:c7:b4:6d:d9:40:3f:63:26:17:
08:fc:47:03:fd:27:5c:40:c2:ee:0c:55:ac:5e:13:be:8d:e2:
71:3c:75:06:27:3e:dc:65:15:42:02:ba:26:6e:5a:7c:61:c6:
bb:46:c7:31:f7:2f:22:a6:25:be:a6:71:39:46:9d:1f:02:e5:
90:54:e3:44:ea:c1:79:53:ae:24:57:51:af:c7:1b:5e:99:d5:
03:8d:00:50:db:b5:78:75:bf:35:52:be:ce:c6:87:73:e2:1d:
df:4f:43:c6:e2:c0:9b:28:ee:dd:84:f4:3d:f2:55:cc:30:33:
49:33:5a:17:7e:30:41:de:db:e5:e4:23:e0:91:8d:6c:3d:ee:
41:aa:aa:08:03:b6:cf:2f:fb:f5:fd:ba:c3:11:70:44:f4:b5:
3e:40:df:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+j+tUVsR7CxOUjVL2T7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjUwMTAxMDM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjczNzMxNDNhZDQxMTljYmM4MmIxM2JlNWNkYzNjNGFmYjM3NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFUwfI+z+dvOc6AUsWm9nzxclUXV
HAU1mMjb6D7eGE9sQ/YCFrwPaFEOiaUGa0Qgj2965H2H8N1EijdES4u3otQRGVs/
JMqq23dmLtKroGBDTu9DiNckUj+94brJbGlx5fV+suMm+aXAeRL/v/g3rxBacZO6
m7LMjewUG7o5UVUquBAE1UlyzpH2yJnR6W2HY0QJT4/PdpAipsLCMJlPZbZR8UWn
o4lkArWvUtflGaBuZBRj44baEuQlS8XvN/GqdK/4BeXgyRwbMn9Wrr8IO1AVITRe
5fzRkknpMND7UKz3Z0Fk+QwuNvFk/UN7QwK9acABiaDkSwnV+Qy0lV41cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH9zcxQ61BGcvIKxO+XNw8Svs3XDMB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvZjNOekZEclVFWnk4Z3JFNzVjM0R4Sy16ZGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwDo4MA0G
CSqGSIb3DQEBCwUAA4IBAQBcXRxrdyX6M/6vDi+axlVOIqXdyGnMrCgempnbkJQH
ussvopA8YEs1Hweoiq2+FgWuyqe+RxDNtDqY4Xaute5aDwlB02yUG71+lJFFC/2j
bSaFlTldhzlN2q3KPrCwo00mazjHtG3ZQD9jJhcI/EcD/SdcQMLuDFWsXhO+jeJx
PHUGJz7cZRVCAromblp8Yca7Rscx9y8ipiW+pnE5Rp0fAuWQVONE6sF5U64kV1Gv
xxtemdUDjQBQ27V4db81Ur7Oxodz4h3fT0PG4sCbKO7dhPQ98lXMMDNJM1oXfjBB
3tvl5CPgkY1sPe5BqqoIA7bPL/v1/brDEXBE9LU+QN/C
-----END CERTIFICATE-----
Generated at Sat Apr 12 04:32:07 2025 by rpki-client