Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/Nr4S-bS_DxU0RrCiYH89BkKHRx0.roa
File: Nr4S-bS_DxU0RrCiYH89BkKHRx0.roa (raw, json)
Hash identifier: Z9YSzyWizqSu2v+tdRA7dkSYmobxbZPcN/hqVXMPmw0=
Subject key identifier: 36:BE:12:F9:B4:BF:0F:15:34:46:B0:A2:60:7F:3D:06:42:87:47:1D
Certificate issuer: /CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Certificate serial: 01836A9F4F8E2AF2119076F65889F205D229
Authority key identifier: 52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/Nr4S-bS_DxU0RrCiYH89BkKHRx0.roa
Signing time: Fri 23 Sep 2022 13:52:48 +0000
ROA not before: Fri 23 Sep 2022 13:52:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:9f:4f:8e:2a:f2:11:90:76:f6:58:89:f2:05:d2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Validity
Not Before: Sep 23 13:52:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=36be12f9b4bf0f153446b0a2607f3d064287471d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:3b:de:09:f2:9c:a2:f1:6f:ad:bc:b6:48:
96:bf:99:0a:35:83:44:c8:1e:6c:2c:01:27:59:ed:
e9:d7:34:87:84:42:9d:e6:1c:f8:c6:31:1c:ed:24:
3b:a3:d9:0e:ee:ce:e7:f5:6f:e6:ff:b1:46:37:0c:
13:9a:39:04:89:bb:b0:a7:b1:0f:75:9a:38:62:63:
ec:46:26:2a:5d:22:5c:ff:14:28:6f:d0:ee:d9:63:
41:a2:58:bb:d3:ea:a7:05:94:d4:44:0c:33:77:bc:
39:82:07:48:f7:85:9a:7a:e8:6e:49:74:c7:20:60:
54:16:35:3e:54:90:e6:43:01:11:45:45:45:5a:9f:
44:ad:26:b2:ed:e2:a4:25:70:67:e6:49:7a:8e:cd:
c2:8b:33:7b:0e:74:c8:5d:ed:df:58:c1:fc:85:96:
9c:50:4d:d4:4c:24:05:4d:11:d9:e8:34:61:41:0d:
39:7c:c6:c4:4a:f5:73:1d:8d:3c:54:eb:1f:70:81:
9e:0f:03:53:b1:19:41:44:b3:60:4f:90:2a:e4:f4:
e4:4f:a1:04:d9:8e:3f:f7:de:5a:41:16:78:be:c6:
a8:67:f1:e5:1e:68:71:58:3f:5e:e1:c1:cf:5e:9c:
00:50:67:4c:16:d6:6b:3a:c9:0b:40:d7:97:0e:db:
10:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BE:12:F9:B4:BF:0F:15:34:46:B0:A2:60:7F:3D:06:42:87:47:1D
X509v3 Authority Key Identifier:
keyid:52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/Nr4S-bS_DxU0RrCiYH89BkKHRx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/UlAqKawGtl6TLhvZfX_PKcNxyz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80::/48
Signature Algorithm: sha256WithRSAEncryption
8d:ae:b7:f2:3b:73:40:9a:8c:27:6d:c7:dd:f6:25:bd:fb:9a:
40:25:e4:2a:cb:10:e2:44:44:58:8b:39:a1:3c:31:4d:6e:6e:
9b:1e:fe:03:db:e6:34:85:dd:8e:3b:f1:7c:a6:28:a2:6b:17:
5a:71:87:1c:70:d2:12:84:f2:13:cf:0e:fd:a2:70:53:41:06:
58:47:e8:88:20:e3:21:8d:13:f1:c1:30:e6:a1:45:4f:f6:ba:
44:00:c3:2e:bc:ab:37:9c:94:d5:80:3f:72:67:01:6a:8b:5e:
e4:19:e3:c8:8b:14:01:a8:f8:dd:68:0b:33:ac:95:85:c1:0c:
c5:f4:94:d9:06:96:73:5a:b4:59:09:3e:ff:59:91:57:3c:73:
6b:33:52:4a:b3:f9:da:42:2a:6a:4f:b0:cb:6c:76:a2:7c:8f:
08:04:bb:ab:96:26:d0:32:5f:c2:d9:3b:fc:31:2d:0b:3b:86:
ff:6f:88:1b:6f:68:37:cd:74:de:6d:4f:e6:c7:35:6d:c8:5b:
b7:b6:dc:b9:85:7a:31:52:c8:11:22:0d:1e:61:aa:7e:2d:a5:
33:48:2c:f0:74:c9:a4:e2:31:f4:54:e4:a1:b6:ef:0a:b6:96:
31:d9:d3:3a:1f:6b:2b:07:2f:4a:d4:81:9f:c9:eb:78:da:6d:
13:76:07:e5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYNqn0+OKvIRkHb2WInyBdIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTAyYTI5YWMwNmI2NWU5MzJlMWJkOTdkN2ZjZjI5YzM3
MWNiM2QwHhcNMjIwOTIzMTM1MjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmJlMTJmOWI0YmYwZjE1MzQ0NmIwYTI2MDdmM2QwNjQyODc0NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/E73gnynKLxb628tkiWv5kKNYNE
yB5sLAEnWe3p1zSHhEKd5hz4xjEc7SQ7o9kO7s7n9W/m/7FGNwwTmjkEibuwp7EP
dZo4YmPsRiYqXSJc/xQob9Du2WNBoli70+qnBZTURAwzd7w5ggdI94WaeuhuSXTH
IGBUFjU+VJDmQwERRUVFWp9ErSay7eKkJXBn5kl6js3CizN7DnTIXe3fWMH8hZac
UE3UTCQFTRHZ6DRhQQ05fMbESvVzHY08VOsfcIGeDwNTsRlBRLNgT5Aq5PTkT6EE
2Y4/995aQRZ4vsaoZ/HlHmhxWD9e4cHPXpwAUGdMFtZrOskLQNeXDtsQjwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDa+Evm0vw8VNEawomB/PQZCh0cdMB8GA1UdIwQY
MBaAFFJQKimsBrZeky4b2X1/zynDccs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUt
ZDY0OWUyMjcwOTdmLzEvTnI0Uy1iU19EeFUwUnJDaVlIODlCa0tIUngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUtZDY0OWUyMjcwOTdm
LzEvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgkrgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNrrfyO3NAmownbcfd9iW9+5pAJeQqyxDiRERY
izmhPDFNbm6bHv4D2+Y0hd2OO/F8piiiaxdacYcccNIShPITzw79onBTQQZYR+iI
IOMhjRPxwTDmoUVP9rpEAMMuvKs3nJTVgD9yZwFqi17kGePIixQBqPjdaAszrJWF
wQzF9JTZBpZzWrRZCT7/WZFXPHNrM1JKs/naQipqT7DLbHaifI8IBLurlibQMl/C
2Tv8MS0LO4b/b4gbb2g3zXTebU/mxzVtyFu3tty5hXoxUsgRIg0eYap+LaUzSCzw
dMmk4jH0VOShtu8KtpYx2dM6H2srBy9K1IGfyet42m0Tdgfl
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:10 2025 by rpki-client