Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/2Z9d9o9eLYfcRoJ3zpLlkxpvdQo.roa
File: 2Z9d9o9eLYfcRoJ3zpLlkxpvdQo.roa (raw, json)
Hash identifier: 3BDHGH1sz861H5tpolKClYo4OXc+LyLk6MlGsLezxi4=
Subject key identifier: D9:9F:5D:F6:8F:5E:2D:87:DC:46:82:77:CE:92:E5:93:1A:6F:75:0A
Certificate issuer: /CN=1a3f6225cee9c08646e2d6dabc8bf6bbb233efea
Certificate serial: 14278A6F
Authority key identifier: 1A:3F:62:25:CE:E9:C0:86:46:E2:D6:DA:BC:8B:F6:BB:B2:33:EF:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gj9iJc7pwIZG4tbavIv2u7Iz7-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/2Z9d9o9eLYfcRoJ3zpLlkxpvdQo.roa
Signing time: Sat 01 Jan 2022 05:52:05 +0000
ROA not before: Sat 01 Jan 2022 05:52:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203884
IP address blocks: 2001:67c:27bc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 338135663 (0x14278a6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a3f6225cee9c08646e2d6dabc8bf6bbb233efea
Validity
Not Before: Jan 1 05:52:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d99f5df68f5e2d87dc468277ce92e5931a6f750a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:56:5f:66:65:82:a3:dd:a4:f5:35:4c:12:a8:
29:7d:33:ef:2d:3d:e9:6d:72:fd:da:8c:fe:57:09:
0a:15:76:de:8f:c7:d9:98:b8:27:3c:d0:64:b5:12:
8f:c6:d4:ca:5d:15:d3:82:bf:7d:9c:11:aa:c5:c1:
0e:38:c2:38:1b:52:8c:58:75:12:fa:85:96:e0:1a:
3c:9f:5d:d6:ca:4e:34:de:cd:45:dc:cd:ae:3b:4d:
8c:be:30:15:e3:d1:de:7f:4b:a0:6a:47:a8:79:0c:
7c:03:85:eb:df:c1:96:61:dc:30:46:8d:b6:5d:c1:
dc:5f:91:58:51:fa:6f:ff:b2:e8:67:d0:0e:3f:98:
6d:23:1a:5f:ab:a0:79:7f:4f:01:27:2a:79:4a:0e:
f9:1a:f4:27:56:8a:78:58:53:9d:8f:d1:3b:db:48:
9f:ca:66:15:15:be:89:62:4d:55:2a:02:64:ce:f3:
60:4d:ea:4f:21:66:d5:ee:75:b0:67:27:a8:08:23:
5b:64:e3:68:a1:79:53:45:78:b9:8e:02:3b:68:84:
02:72:fb:fd:2b:ab:b5:3a:28:60:bf:d9:e5:ee:b2:
80:17:68:e0:8a:84:e6:aa:57:fb:33:00:bd:63:1e:
b0:43:9c:4e:27:70:44:7d:7e:cf:43:e4:5a:df:30:
a6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9F:5D:F6:8F:5E:2D:87:DC:46:82:77:CE:92:E5:93:1A:6F:75:0A
X509v3 Authority Key Identifier:
keyid:1A:3F:62:25:CE:E9:C0:86:46:E2:D6:DA:BC:8B:F6:BB:B2:33:EF:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gj9iJc7pwIZG4tbavIv2u7Iz7-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/2Z9d9o9eLYfcRoJ3zpLlkxpvdQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/11debc-a3ed-4a5b-b73e-294ea22cf9a6/1/Gj9iJc7pwIZG4tbavIv2u7Iz7-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:27bc::/48
Signature Algorithm: sha256WithRSAEncryption
a5:cd:e1:e6:ad:3d:ca:02:12:d7:17:36:d7:2c:a8:91:8f:ea:
82:d7:a0:73:ef:7a:00:d4:8a:34:bc:59:1c:da:bf:cc:5a:c0:
14:3e:56:7e:a8:fa:82:85:70:20:21:7e:2e:3b:cb:e5:2f:3f:
c4:51:48:8b:d6:b3:db:14:85:82:83:5e:56:97:27:72:41:82:
00:b7:ad:7f:ea:e8:0c:79:21:ae:06:5c:d9:8d:15:94:37:74:
e0:11:f7:0d:7b:98:fd:f8:67:78:97:55:fa:73:08:2f:bb:b0:
92:74:30:78:78:ec:06:db:e1:25:93:8c:5d:62:b1:1f:89:10:
6c:d3:a3:66:70:a3:47:2e:a4:37:9b:e6:7e:70:95:07:73:6f:
37:ab:e3:19:52:26:de:0e:a0:d2:72:18:67:6c:77:c1:b4:fd:
cf:b3:a0:ca:2a:e2:70:4d:e6:46:6b:3c:99:ee:01:81:75:35:
20:6f:82:06:18:94:73:a7:8a:4c:00:d1:24:d7:90:3d:12:61:
1b:9d:f2:95:be:41:45:31:5a:79:b7:ee:9c:f2:ee:b7:64:96:
0f:1a:92:ac:a7:34:44:02:35:7a:02:ab:e0:e3:52:ba:e9:08:
0f:56:8f:0b:81:1d:fe:17:e0:c2:19:68:0d:06:dd:aa:e9:f0:
42:e4:9d:11
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEFCeKbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YTNmNjIyNWNlZTljMDg2NDZlMmQ2ZGFiYzhiZjZiYmIyMzNlZmVhMB4XDTIyMDEw
MTA1NTIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk5ZjVkZjY4ZjVl
MmQ4N2RjNDY4Mjc3Y2U5MmU1OTMxYTZmNzUwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhWX2ZlgqPdpPU1TBKoKX0z7y096W1y/dqM/lcJChV23o/H
2Zi4JzzQZLUSj8bUyl0V04K/fZwRqsXBDjjCOBtSjFh1EvqFluAaPJ9d1spONN7N
RdzNrjtNjL4wFePR3n9LoGpHqHkMfAOF69/BlmHcMEaNtl3B3F+RWFH6b/+y6GfQ
Dj+YbSMaX6ugeX9PAScqeUoO+Rr0J1aKeFhTnY/RO9tIn8pmFRW+iWJNVSoCZM7z
YE3qTyFm1e51sGcnqAgjW2TjaKF5U0V4uY4CO2iEAnL7/SurtTooYL/Z5e6ygBdo
4IqE5qpX+zMAvWMesEOcTidwRH1+z0PkWt8wpusCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTZn132j14th9xGgnfOkuWTGm91CjAfBgNVHSMEGDAWgBQaP2IlzunAhkbi
1tq8i/a7sjPv6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dqOWlKYzdwd0laRzR0YmF2SXYydTdJejctby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvMTFkZWJjLWEzZWQtNGE1Yi1iNzNlLTI5NGVhMjJjZjlhNi8x
LzJaOWQ5bzllTFlmY1JvSjN6cExsa3hwdmRRby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
MTFkZWJjLWEzZWQtNGE1Yi1iNzNlLTI5NGVhMjJjZjlhNi8xL0dqOWlKYzdwd0la
RzR0YmF2SXYydTdJejctby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwnvDANBgkqhkiG9w0BAQsF
AAOCAQEApc3h5q09ygIS1xc21yyokY/qgtegc+96ANSKNLxZHNq/zFrAFD5Wfqj6
goVwICF+LjvL5S8/xFFIi9az2xSFgoNeVpcnckGCALetf+roDHkhrgZc2Y0VlDd0
4BH3DXuY/fhneJdV+nMIL7uwknQweHjsBtvhJZOMXWKxH4kQbNOjZnCjRy6kN5vm
fnCVB3NvN6vjGVIm3g6g0nIYZ2x3wbT9z7OgyiricE3mRms8me4BgXU1IG+CBhiU
c6eKTADRJNeQPRJhG53ylb5BRTFaebfunPLut2SWDxqSrKc0RAI1egKr4ONSuukI
D1aPC4Ed/hfgwhloDQbdqunwQuSdEQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:42:04 2025 by rpki-client