Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/k_0z9yImMkkx7Q7hZaLKVoTRO74.roa
File: k_0z9yImMkkx7Q7hZaLKVoTRO74.roa (raw, json)
Hash identifier: bY1XGYbefYoSOVyj59OiTxL9N9Rlyyr/sbaOhEye3EE=
Subject key identifier: 93:FD:33:F7:22:26:32:49:31:ED:0E:E1:65:A2:CA:56:84:D1:3B:BE
Certificate issuer: /CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Certificate serial: 019426D9AD48816986FC347F7A18EF4ABD65
Authority key identifier: 89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/k_0z9yImMkkx7Q7hZaLKVoTRO74.roa
Signing time: Thu 02 Jan 2025 11:49:47 +0000
ROA not before: Thu 02 Jan 2025 11:49:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201129
IP address blocks: 2001:67c:2d84::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ad:48:81:69:86:fc:34:7f:7a:18:ef:4a:bd:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89927787472a7cbdd97dfdb4f53b74efb3bbbc5b
Validity
Not Before: Jan 2 11:49:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93fd33f72226324931ed0ee165a2ca5684d13bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:4b:95:a7:3b:db:40:fb:78:fb:d9:74:7d:58:
6c:f6:7f:fa:3e:3c:e7:e4:e6:9b:21:5e:8a:2f:02:
1d:cc:0b:55:e1:90:ce:91:44:35:e8:79:bf:f5:50:
4b:7a:aa:af:0d:87:de:57:b0:54:b7:76:30:f7:14:
38:ee:6e:33:16:45:f4:1b:3b:cc:db:dd:b6:3d:2e:
27:2c:24:ba:cf:31:78:0e:c6:b2:d4:bd:c0:36:f8:
8c:13:a9:e0:54:65:5c:0a:ac:bc:93:bf:ef:4e:27:
0a:0d:d9:ea:7e:28:5e:0e:5b:be:54:6e:1b:24:b5:
3f:d1:52:eb:a1:1b:d2:de:2c:6f:c1:e8:17:86:15:
1b:d0:7f:63:e8:41:1c:75:ff:3e:c6:06:f5:47:54:
dd:28:02:48:29:f7:8c:37:e4:6f:4b:e4:00:fe:39:
da:aa:86:df:0c:d5:12:5f:92:b0:1e:02:40:70:21:
96:39:1a:21:9c:34:d5:18:b2:97:f7:46:dc:d5:3b:
93:85:aa:f9:55:80:5d:82:80:ea:68:af:bf:bd:ea:
f9:b2:3e:ad:52:11:22:f5:be:df:24:90:c7:b3:33:
47:a5:40:77:9b:5b:6d:ad:28:75:ce:43:51:43:5e:
8b:77:c5:d7:8d:0a:46:38:70:77:d2:a9:7c:d4:aa:
0e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:FD:33:F7:22:26:32:49:31:ED:0E:E1:65:A2:CA:56:84:D1:3B:BE
X509v3 Authority Key Identifier:
keyid:89:92:77:87:47:2A:7C:BD:D9:7D:FD:B4:F5:3B:74:EF:B3:BB:BC:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZJ3h0cqfL3Zff209Tt077O7vFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/k_0z9yImMkkx7Q7hZaLKVoTRO74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d20b8c-9fac-41f7-9e79-c410062d4d52/1/iZJ3h0cqfL3Zff209Tt077O7vFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2d84::/48
Signature Algorithm: sha256WithRSAEncryption
82:76:fd:db:72:7c:45:5f:99:44:40:e7:fb:2b:c4:29:91:71:
ae:c6:c9:5e:1e:7a:f2:8a:84:60:c9:49:7c:4f:8b:5f:3b:f6:
69:fe:b7:d5:11:13:af:9d:c1:9c:fc:5d:f2:b5:1e:09:16:6e:
f6:68:2c:39:87:d8:1a:a6:b7:bd:02:73:bb:29:5d:51:ed:e8:
f7:c1:9e:7d:b5:1d:f3:4e:1f:c9:ee:99:c7:f4:7d:95:3a:44:
9a:cb:f6:d6:4c:19:74:2a:3a:a5:71:8e:44:34:f6:77:03:17:
eb:08:b5:55:6a:51:93:9e:3a:5e:34:91:f4:c2:1f:41:72:2d:
16:e4:95:6b:34:00:62:55:15:1b:57:5f:13:22:24:67:10:51:
1d:a0:77:3b:b6:65:f8:ec:9a:f6:06:de:ee:2c:9b:ac:53:27:
0f:73:5c:c6:03:33:8d:9c:31:95:51:17:00:c4:7a:32:0b:f5:
ba:81:5f:0e:0d:93:7c:e2:27:a5:cc:ca:be:a9:2e:bd:8f:9f:
6f:31:b4:b3:fe:f3:69:38:41:e8:c7:da:ec:2d:87:32:d5:78:
22:dd:93:80:86:aa:d3:4c:f8:40:93:05:6b:9e:9e:4e:4f:1d:
dd:ed:28:6e:07:75:bd:40:ad:93:82:22:37:5a:a3:6a:c6:7e:
e2:1b:1a:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2a1IgWmG/DR/ehjvSr1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTI3Nzg3NDcyYTdjYmRkOTdkZmRiNGY1M2I3NGVmYjNi
YmJjNWIwHhcNMjUwMTAyMTE0OTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2ZkMzNmNzIyMjYzMjQ5MzFlZDBlZTE2NWEyY2E1Njg0ZDEzYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UuVpzvbQPt4+9l0fVhs9n/6Pjzn
5OabIV6KLwIdzAtV4ZDOkUQ16Hm/9VBLeqqvDYfeV7BUt3Yw9xQ47m4zFkX0GzvM
2922PS4nLCS6zzF4Dsay1L3ANviME6ngVGVcCqy8k7/vTicKDdnqfiheDlu+VG4b
JLU/0VLroRvS3ixvwegXhhUb0H9j6EEcdf8+xgb1R1TdKAJIKfeMN+RvS+QA/jna
qobfDNUSX5KwHgJAcCGWORohnDTVGLKX90bc1TuThar5VYBdgoDqaK+/ver5sj6t
UhEi9b7fJJDHszNHpUB3m1ttrSh1zkNRQ16Ld8XXjQpGOHB30ql81KoOuwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJP9M/ciJjJJMe0O4WWiylaE0Tu+MB8GA1UdIwQY
MBaAFImSd4dHKny92X39tPU7dO+zu7xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzkt
YzQxMDA2MmQ0ZDUyLzEva18wejl5SW1Na2t4N1E3aFphTEtWb1RSTzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9kMjBiOGMtOWZhYy00MWY3LTllNzktYzQxMDA2MmQ0ZDUy
LzEvaVpKM2gwY3FmTDNaZmYyMDlUdDA3N083dkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC2E
MA0GCSqGSIb3DQEBCwUAA4IBAQCCdv3bcnxFX5lEQOf7K8QpkXGuxsleHnryioRg
yUl8T4tfO/Zp/rfVEROvncGc/F3ytR4JFm72aCw5h9gapre9AnO7KV1R7ej3wZ59
tR3zTh/J7pnH9H2VOkSay/bWTBl0KjqlcY5ENPZ3AxfrCLVValGTnjpeNJH0wh9B
ci0W5JVrNABiVRUbV18TIiRnEFEdoHc7tmX47Jr2Bt7uLJusUycPc1zGAzONnDGV
URcAxHoyC/W6gV8ODZN84ielzMq+qS69j59vMbSz/vNpOEHox9rsLYcy1Xgi3ZOA
hqrTTPhAkwVrnp5OTx3d7ShuB3W9QK2TgiI3WqNqxn7iGxq5
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:15:15 2025 by rpki-client