Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/v0Pp_40_Je3JS37_jHVbjgvZoEQ.roa
File: v0Pp_40_Je3JS37_jHVbjgvZoEQ.roa (raw, json)
Hash identifier: aXXZgq4pgbYYIdcsGFx9uEujPB0OaP/SkcsCiqXmM3E=
Subject key identifier: BF:43:E9:FF:8D:3F:25:ED:C9:4B:7E:FF:8C:75:5B:8E:0B:D9:A0:44
Certificate issuer: /CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Certificate serial: 019424B3EBBD830090087AE38205BAAFFEA1
Authority key identifier: 53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/v0Pp_40_Je3JS37_jHVbjgvZoEQ.roa
Signing time: Thu 02 Jan 2025 01:49:18 +0000
ROA not before: Thu 02 Jan 2025 01:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203917
IP address blocks: 2a09:6d41::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:eb:bd:83:00:90:08:7a:e3:82:05:ba:af:fe:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53f3590809d187f7b361fb24cd43f93f664b20b3
Validity
Not Before: Jan 2 01:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf43e9ff8d3f25edc94b7eff8c755b8e0bd9a044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:7d:64:2a:08:8f:2d:e3:ea:62:72:94:ec:
5a:c3:ba:f9:2c:1d:66:4f:5f:07:06:d8:fa:d8:18:
62:d4:bd:c9:67:29:a9:27:1f:32:51:5d:e1:60:6d:
2d:90:cb:7e:76:4e:d7:37:f4:07:16:ab:4c:88:ec:
dd:8e:a6:08:db:20:a8:80:e5:46:d7:48:a5:3b:0e:
38:91:2d:f7:37:49:9c:0a:bb:e5:3a:10:01:48:2f:
cb:59:4e:6f:f6:4e:c0:53:5d:64:66:c0:38:5d:1f:
8c:81:a4:25:8e:0f:55:c2:09:15:1f:e4:e9:4f:2b:
85:4c:49:0d:e8:9e:2a:3a:71:0d:0b:97:83:07:8e:
84:3c:38:4e:c3:71:95:ca:87:82:ea:d9:21:a2:ac:
10:f0:64:fa:fa:85:82:d7:c2:34:ce:b1:5d:a4:52:
51:fa:c6:06:01:c4:bd:bc:c6:e1:ff:8e:08:be:b1:
0f:65:cb:25:cf:7b:ae:c3:de:85:57:22:29:d2:d2:
10:37:b7:53:a0:1f:74:8a:c7:d8:c2:9e:cd:c5:1e:
dd:c2:df:24:3d:1b:02:49:30:42:e8:91:d4:f4:25:
21:98:a7:fe:a9:a7:56:c8:a0:b6:0c:e0:f7:93:33:
79:bd:b9:04:c6:90:b8:14:76:23:9e:75:6e:66:7c:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:43:E9:FF:8D:3F:25:ED:C9:4B:7E:FF:8C:75:5B:8E:0B:D9:A0:44
X509v3 Authority Key Identifier:
keyid:53:F3:59:08:09:D1:87:F7:B3:61:FB:24:CD:43:F9:3F:66:4B:20:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U_NZCAnRh_ezYfskzUP5P2ZLILM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/v0Pp_40_Je3JS37_jHVbjgvZoEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/de6383-4ad5-457b-953c-a776fede9905/1/U_NZCAnRh_ezYfskzUP5P2ZLILM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6d41::/32
Signature Algorithm: sha256WithRSAEncryption
0a:83:d4:41:04:19:80:ea:04:bc:3f:e9:ae:5a:4d:40:c6:7b:
b5:0e:86:ac:52:34:6f:f9:77:7c:57:e4:1c:b5:2c:1f:80:cb:
68:91:f4:db:ba:f2:e9:8e:66:32:b8:8b:10:dc:7a:cd:0f:e9:
3f:7b:50:1f:1c:b1:e6:51:50:a3:d6:5c:5c:7f:c5:41:4f:5b:
59:ad:06:96:40:bd:47:c0:c3:0a:d0:7b:67:c0:f8:fc:25:57:
79:e2:46:a4:9e:8f:fd:81:61:85:db:15:86:6e:6a:5e:e8:7d:
f2:ab:1c:00:ea:17:44:80:64:57:36:33:28:4e:32:22:62:12:
20:7d:60:f0:6a:f1:05:c1:83:c8:5b:59:9c:a8:f9:5a:72:b8:
58:cf:b4:6d:d9:34:a3:67:35:b1:5b:6e:68:9a:be:0f:45:0d:
db:6f:03:51:41:72:3f:ed:e8:d0:a0:40:1b:da:b4:95:9e:6f:
3e:f7:3a:98:cc:c1:be:2c:60:b8:93:06:e9:a5:7e:4e:14:50:
ab:24:49:0b:4d:e6:3c:00:8a:5a:d9:8b:e0:9b:cd:74:d1:3c:
59:82:f7:ef:c9:3b:78:f6:5d:f3:2d:2d:60:5a:45:78:d9:29:
17:a6:cc:60:14:cc:99:ec:51:52:b7:2d:9d:04:d1:d2:a0:02:
26:fe:99:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks+u9gwCQCHrjggW6r/6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZjM1OTA4MDlkMTg3ZjdiMzYxZmIyNGNkNDNmOTNmNjY0
YjIwYjMwHhcNMjUwMTAyMDE0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjQzZTlmZjhkM2YyNWVkYzk0YjdlZmY4Yzc1NWI4ZTBiZDlhMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHN9ZCoIjy3j6mJylOxaw7r5LB1m
T18HBtj62Bhi1L3JZympJx8yUV3hYG0tkMt+dk7XN/QHFqtMiOzdjqYI2yCogOVG
10ilOw44kS33N0mcCrvlOhABSC/LWU5v9k7AU11kZsA4XR+MgaQljg9VwgkVH+Tp
TyuFTEkN6J4qOnENC5eDB46EPDhOw3GVyoeC6tkhoqwQ8GT6+oWC18I0zrFdpFJR
+sYGAcS9vMbh/44IvrEPZcslz3uuw96FVyIp0tIQN7dToB90isfYwp7NxR7dwt8k
PRsCSTBC6JHU9CUhmKf+qadWyKC2DOD3kzN5vbkExpC4FHYjnnVuZnwY0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL9D6f+NPyXtyUt+/4x1W44L2aBEMB8GA1UdIwQY
MBaAFFPzWQgJ0Yf3s2H7JM1D+T9mSyCzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2Mt
YTc3NmZlZGU5OTA1LzEvdjBQcF80MF9KZTNKUzM3X2pIVmJqZ3Zab0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9kZTYzODMtNGFkNS00NTdiLTk1M2MtYTc3NmZlZGU5OTA1
LzEvVV9OWkNBblJoX2V6WWZza3pVUDVQMlpMSUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgltQTAN
BgkqhkiG9w0BAQsFAAOCAQEACoPUQQQZgOoEvD/prlpNQMZ7tQ6GrFI0b/l3fFfk
HLUsH4DLaJH027ry6Y5mMriLENx6zQ/pP3tQHxyx5lFQo9ZcXH/FQU9bWa0GlkC9
R8DDCtB7Z8D4/CVXeeJGpJ6P/YFhhdsVhm5qXuh98qscAOoXRIBkVzYzKE4yImIS
IH1g8GrxBcGDyFtZnKj5WnK4WM+0bdk0o2c1sVtuaJq+D0UN228DUUFyP+3o0KBA
G9q0lZ5vPvc6mMzBvixguJMG6aV+ThRQqyRJC03mPACKWtmL4JvNdNE8WYL378k7
ePZd8y0tYFpFeNkpF6bMYBTMmexRUrctnQTR0qACJv6Z0A==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:53 2025 by rpki-client