Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/9LGSNE38RZCTyouOtHVx3qVP6lw.roa
File: 9LGSNE38RZCTyouOtHVx3qVP6lw.roa (raw, json)
Hash identifier: ugV2YTVWDidN8y0vBVq2PfGkhQx7PuXVEwNoZCBbGX8=
Subject key identifier: F4:B1:92:34:4D:FC:45:90:93:CA:8B:8E:B4:75:71:DE:A5:4F:EA:5C
Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial: 019423D761D34F68043F9CA9BD3717C07D01
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/9LGSNE38RZCTyouOtHVx3qVP6lw.roa
Signing time: Wed 01 Jan 2025 21:48:25 +0000
ROA not before: Wed 01 Jan 2025 21:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207158
IP address blocks: 2a0b:1c00::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:61:d3:4f:68:04:3f:9c:a9:bd:37:17:c0:7d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Validity
Not Before: Jan 1 21:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4b192344dfc459093ca8b8eb47571dea54fea5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:80:9c:e8:bf:5d:18:07:62:8c:e4:4d:a7:2f:
58:b0:3c:c0:c2:f1:53:6f:6e:a8:02:2a:c5:fd:b0:
9e:4f:95:53:18:d2:3b:43:d2:2d:63:06:52:33:42:
f8:f2:7b:9b:9b:74:61:47:ad:c3:81:e7:a5:cd:4d:
d0:64:0a:17:76:c0:00:e4:6d:f6:4b:98:b2:ed:47:
39:a9:c1:0c:56:d9:b0:46:ec:03:42:6f:13:c3:4c:
91:de:31:8a:25:20:9d:e0:01:48:3e:70:d3:21:48:
d5:1f:f4:e9:5f:4e:7a:bd:fb:49:eb:01:5b:29:75:
69:d8:88:93:ea:12:26:cb:60:02:36:66:3b:11:ee:
09:ef:7c:e4:e7:47:d8:40:17:9c:39:84:ea:2e:92:
08:08:04:c3:ce:ef:5d:e9:7f:9a:7c:03:74:8c:69:
d6:61:1d:c1:50:92:d5:1e:ca:74:66:cc:3c:8a:d0:
20:78:48:c9:14:ea:01:22:f5:02:a0:c5:dc:7a:6d:
d4:8e:54:03:01:c2:16:d1:5c:99:a6:3d:1f:57:90:
fb:81:07:13:9d:5c:c8:fe:6b:fc:cd:e4:fa:5f:d1:
6a:a6:89:29:d5:a2:71:1d:5b:40:48:ef:4e:f1:59:
35:20:33:90:83:e4:d2:a1:67:6c:c3:47:82:77:aa:
d6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B1:92:34:4D:FC:45:90:93:CA:8B:8E:B4:75:71:DE:A5:4F:EA:5C
X509v3 Authority Key Identifier:
keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/9LGSNE38RZCTyouOtHVx3qVP6lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
3d:ab:83:a1:df:89:ce:7f:63:52:58:5f:41:04:56:b7:6b:2a:
ae:d9:d0:40:c8:6e:6c:3c:9a:3e:1a:9f:df:3b:92:01:c2:7d:
cd:75:75:e1:4c:64:55:8b:f4:87:4b:58:67:7f:26:7a:2a:7e:
2e:4e:f5:1c:2c:55:fd:03:b1:53:82:0d:d1:12:63:3e:27:90:
fb:cb:b0:6f:bc:78:ad:8e:34:77:c0:7e:e4:b5:14:81:92:de:
47:82:76:bf:0f:5d:29:5f:ff:14:08:3b:3f:7b:f6:1c:ce:7c:
05:dd:f3:0b:d9:99:f2:dc:6f:47:90:9d:a2:e5:ab:84:a7:39:
c8:8d:9a:b8:4e:fa:b1:03:22:b0:99:50:dd:b9:a9:d8:c2:0e:
c8:98:26:e7:33:47:22:e8:fa:f2:2a:f6:08:53:ec:10:3e:2c:
a3:de:fc:31:c6:0f:27:6e:a7:9d:c1:32:6c:84:bb:cb:96:3f:
58:71:5e:07:95:11:7c:46:da:9c:70:8f:93:30:10:15:63:49:
6e:f1:00:db:62:7b:60:0c:1e:b3:e1:7d:36:94:61:ba:5f:d8:
9c:8d:94:ad:a8:53:22:68:60:75:24:0d:9b:2b:e0:3e:84:de:
54:b4:9a:a8:c9:12:0d:b2:c4:bf:bd:4a:db:b2:23:99:74:ce:
3b:a1:f0:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQj12HTT2gEP5ypvTcXwH0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZGVjNGE0NmE2ZTZlNGY5YTkyZDBiYTJlMGIzYWI1NjU4
YmUxYmQwHhcNMjUwMTAxMjE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIxOTIzNDRkZmM0NTkwOTNjYThiOGViNDc1NzFkZWE1NGZlYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxICc6L9dGAdijORNpy9YsDzAwvFT
b26oAirF/bCeT5VTGNI7Q9ItYwZSM0L48nubm3RhR63DgeelzU3QZAoXdsAA5G32
S5iy7Uc5qcEMVtmwRuwDQm8Tw0yR3jGKJSCd4AFIPnDTIUjVH/TpX056vftJ6wFb
KXVp2IiT6hImy2ACNmY7Ee4J73zk50fYQBecOYTqLpIICATDzu9d6X+afAN0jGnW
YR3BUJLVHsp0Zsw8itAgeEjJFOoBIvUCoMXcem3UjlQDAcIW0VyZpj0fV5D7gQcT
nVzI/mv8zeT6X9Fqpokp1aJxHVtASO9O8Vk1IDOQg+TSoWdsw0eCd6rWpwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPSxkjRN/EWQk8qLjrR1cd6lT+pcMB8GA1UdIwQY
MBaAFP/exKRqbm5PmpLQui4LOrVli+G9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEt
N2U4YzZkNGQ5YmVmLzEvOUxHU05FMzhSWkNUeW91T3RIVngzcVZQNmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xMWU1YjMtNDNhYS00Mjc5LTk0NDEtN2U4YzZkNGQ5YmVm
LzEvXzk3RXBHcHViay1ha3RDNkxnczZ0V1dMNGIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgscADAN
BgkqhkiG9w0BAQsFAAOCAQEAPauDod+Jzn9jUlhfQQRWt2sqrtnQQMhubDyaPhqf
3zuSAcJ9zXV14UxkVYv0h0tYZ38meip+Lk71HCxV/QOxU4IN0RJjPieQ+8uwb7x4
rY40d8B+5LUUgZLeR4J2vw9dKV//FAg7P3v2HM58Bd3zC9mZ8txvR5CdouWrhKc5
yI2auE76sQMisJlQ3bmp2MIOyJgm5zNHIuj68ir2CFPsED4so978McYPJ26nncEy
bIS7y5Y/WHFeB5URfEbanHCPkzAQFWNJbvEA22J7YAwes+F9NpRhul/YnI2UrahT
ImhgdSQNmyvgPoTeVLSaqMkSDbLEv71K27IjmXTOO6HwFg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:27:16 2025 by rpki-client