Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/PKaqbyS2JUmUFWkanNtnUVOeb0k.roa
File: PKaqbyS2JUmUFWkanNtnUVOeb0k.roa (raw, json)
Hash identifier: XnxdB7QCFZRrLjw5gBqAaLpQdzzFZf/2WrRe2aVUvEM=
Subject key identifier: 3C:A6:AA:6F:24:B6:25:49:94:15:69:1A:9C:DB:67:51:53:9E:6F:49
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019427B639489E75CE63B3AE13ADF988EA50
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/PKaqbyS2JUmUFWkanNtnUVOeb0k.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205227
IP address blocks: 2a09:a780::/30 maxlen: 30
2a09:a784::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:39:48:9e:75:ce:63:b3:ae:13:ad:f9:88:ea:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ca6aa6f24b625499415691a9cdb6751539e6f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:25:d9:40:c8:72:c8:47:55:eb:f1:d5:f6:fe:
9c:a0:10:f6:81:67:97:a8:53:c8:fa:77:47:ba:a9:
55:12:60:52:f9:28:59:4d:ec:ea:ba:0f:1f:4d:54:
2b:61:e0:63:4d:1b:6b:34:6b:31:d8:77:85:5e:34:
9b:cf:14:9c:3c:41:d6:23:6f:81:2c:e1:70:1e:7d:
08:7c:16:91:82:fa:e5:a9:da:80:8a:1c:b5:ab:1b:
00:5b:ce:79:a7:d3:c4:3f:67:06:1a:3e:3e:92:23:
61:09:93:93:20:c1:09:cb:4b:78:5c:9e:4d:86:0d:
cb:d4:ce:82:89:f1:29:f3:ca:11:d0:9a:2c:b3:a8:
f3:82:4a:8a:47:63:80:e2:9e:93:df:8e:15:a1:37:
d0:29:ef:75:b8:45:38:29:29:18:f1:96:bb:51:31:
da:75:2e:07:be:80:b4:61:f4:f0:5c:d4:39:11:60:
76:44:48:09:c7:0a:04:ab:dd:2d:65:9b:29:d0:40:
f5:d4:85:8c:88:ae:37:73:f6:4e:4e:7e:60:39:15:
03:37:0c:b7:d2:97:57:71:e1:d8:1c:7a:1d:45:aa:
a9:10:0a:92:92:2e:72:fc:05:87:f5:7e:cd:9f:a8:
0a:77:48:61:dd:56:43:f5:74:89:64:cd:82:84:d3:
5f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A6:AA:6F:24:B6:25:49:94:15:69:1A:9C:DB:67:51:53:9E:6F:49
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/PKaqbyS2JUmUFWkanNtnUVOeb0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a780::/29
Signature Algorithm: sha256WithRSAEncryption
79:c2:45:4f:0c:0e:af:af:6e:e9:46:87:59:e5:91:d1:fe:3d:
63:75:f1:bf:2a:d3:80:93:51:31:ff:17:10:ad:bc:88:e8:f6:
96:49:22:e0:a6:a5:a5:84:f8:07:82:3b:f6:a1:7b:56:af:66:
48:39:ee:ee:aa:f6:95:a9:49:a2:6c:f0:db:d4:ce:17:e0:91:
3c:f3:11:ed:f5:cc:e8:ea:90:08:e9:50:21:2e:60:55:82:a6:
c7:55:52:1c:ff:1c:2c:7a:ba:69:5e:20:00:5c:82:38:13:51:
ae:27:81:31:7a:78:a9:1e:77:c8:a3:93:67:f1:28:e5:9a:fd:
0c:aa:ae:6f:85:cc:b1:b5:19:75:7d:f2:34:f0:12:7d:4d:c5:
75:34:be:89:a5:5b:a6:dd:1d:0a:ae:fc:97:27:29:2a:ef:6c:
98:70:f2:79:cb:74:f4:46:4d:50:a4:9f:46:8a:59:e1:a7:11:
07:aa:ce:d1:ba:3b:7e:7c:94:df:66:42:ba:51:22:51:bb:83:
8f:41:ad:71:2b:30:20:4e:72:30:4b:c2:50:c6:29:66:c0:c4:
cd:f1:f1:2b:b4:64:6c:83:cf:5d:f8:83:b3:4f:1c:b3:a5:10:
0c:e8:6b:f9:28:f6:93:03:0f:a7:9e:b0:0e:e3:83:7f:c7:94:
4c:c5:81:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntjlInnXOY7OuE635iOpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E2YWE2ZjI0YjYyNTQ5OTQxNTY5MWE5Y2RiNjc1MTUzOWU2ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCXZQMhyyEdV6/HV9v6coBD2gWeX
qFPI+ndHuqlVEmBS+ShZTezqug8fTVQrYeBjTRtrNGsx2HeFXjSbzxScPEHWI2+B
LOFwHn0IfBaRgvrlqdqAihy1qxsAW855p9PEP2cGGj4+kiNhCZOTIMEJy0t4XJ5N
hg3L1M6CifEp88oR0Joss6jzgkqKR2OA4p6T344VoTfQKe91uEU4KSkY8Za7UTHa
dS4HvoC0YfTwXNQ5EWB2REgJxwoEq90tZZsp0ED11IWMiK43c/ZOTn5gORUDNwy3
0pdXceHYHHodRaqpEAqSki5y/AWH9X7Nn6gKd0hh3VZD9XSJZM2ChNNfYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDymqm8ktiVJlBVpGpzbZ1FTnm9JMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvUEthcWJ5UzJKVW1VRldrYW5OdG5VVk9lYjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgmngDAN
BgkqhkiG9w0BAQsFAAOCAQEAecJFTwwOr69u6UaHWeWR0f49Y3XxvyrTgJNRMf8X
EK28iOj2lkki4KalpYT4B4I79qF7Vq9mSDnu7qr2lalJomzw29TOF+CRPPMR7fXM
6OqQCOlQIS5gVYKmx1VSHP8cLHq6aV4gAFyCOBNRrieBMXp4qR53yKOTZ/Eo5Zr9
DKqub4XMsbUZdX3yNPASfU3FdTS+iaVbpt0dCq78lycpKu9smHDyect09EZNUKSf
RopZ4acRB6rO0bo7fnyU32ZCulEiUbuDj0GtcSswIE5yMEvCUMYpZsDEzfHxK7Rk
bIPPXfiDs08cs6UQDOhr+Sj2kwMPp56wDuODf8eUTMWBSQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:56 2025 by rpki-client