Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/nZXVIEL0exaI0r9M1rnJ3WGAF8E.roa
File: nZXVIEL0exaI0r9M1rnJ3WGAF8E.roa (raw, json)
Hash identifier: z9Y7z19RIBK56yiGgo7dXHB1kgsXjY6R1AlYACsMqoU=
Subject key identifier: 9D:95:D5:20:42:F4:7B:16:88:D2:BF:4C:D6:B9:C9:DD:61:80:17:C1
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 01941FFA0B8F5FC35F19C1FA111AAB58FD22
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/nZXVIEL0exaI0r9M1rnJ3WGAF8E.roa
Signing time: Wed 01 Jan 2025 03:47:48 +0000
ROA not before: Wed 01 Jan 2025 03:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216000
IP address blocks: 2a13:cc87:fc02::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:0b:8f:5f:c3:5f:19:c1:fa:11:1a:ab:58:fd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Jan 1 03:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d95d52042f47b1688d2bf4cd6b9c9dd618017c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:62:e2:87:4e:68:4e:5b:97:82:3c:d0:ac:
e1:cc:e2:f4:34:61:f9:56:6b:5a:bc:9a:38:f7:db:
6e:3e:55:da:5e:bd:32:19:da:59:ae:7d:04:11:de:
58:5a:14:72:40:da:ab:0c:58:78:96:6b:2d:f4:bf:
13:c6:8e:b1:23:7c:73:77:ce:2f:8e:d2:a5:ac:64:
a0:42:6a:3b:cd:1f:bc:79:61:36:3a:7b:34:5c:79:
ae:35:1b:cb:46:cd:89:71:2f:39:e7:7c:26:a8:21:
7d:d6:cf:c2:ba:b5:0a:bb:6a:25:fe:38:1d:d9:c2:
37:ec:97:ea:73:cb:84:70:a3:ab:fd:8a:90:85:45:
8d:e9:1e:5e:ba:25:bb:0c:2b:c6:94:78:76:f4:99:
66:58:2b:ed:49:78:3a:b3:fc:3c:93:d3:de:0d:b8:
3f:8b:b4:4b:36:44:41:96:4a:73:7e:39:7b:00:e3:
ae:a7:d1:d6:fd:f2:c2:5f:6a:76:2b:f5:29:1d:e0:
7d:ae:0a:ee:e1:4f:7b:5b:9a:bc:8c:9f:ba:03:19:
47:77:68:ef:48:81:db:ca:f7:ae:f8:42:59:f9:1d:
d3:a1:52:42:b4:b5:71:4e:98:37:5f:5e:e4:e4:96:
9e:18:5e:c2:b1:78:ff:d9:83:86:25:ae:22:7b:ac:
04:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:95:D5:20:42:F4:7B:16:88:D2:BF:4C:D6:B9:C9:DD:61:80:17:C1
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/nZXVIEL0exaI0r9M1rnJ3WGAF8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cc87:fc02::/48
Signature Algorithm: sha256WithRSAEncryption
84:5b:b4:31:e9:ad:58:cd:ca:79:2e:d1:fb:ac:e6:dc:19:27:
38:85:eb:38:73:b4:4e:ec:5e:79:28:fd:f3:e8:cb:7b:16:a8:
19:2f:69:d9:1e:4c:5e:ba:f0:44:8f:0a:94:e1:99:0f:62:28:
f0:aa:23:30:ae:39:3a:59:4a:48:fc:3d:aa:c3:b0:47:23:30:
25:24:cb:b3:39:44:51:7a:54:51:d1:ee:a9:51:e4:16:7c:b3:
dd:42:92:33:e4:88:68:54:bd:87:55:76:ac:af:19:ad:04:04:
89:ca:60:52:51:f8:b7:0f:1a:b5:50:02:97:06:c0:01:1f:33:
4f:e1:a5:33:e2:45:68:96:23:17:b9:03:da:d8:25:b7:d3:d3:
5c:d9:89:e5:af:96:5d:3b:cb:6b:5b:d8:96:59:b6:3b:d9:2f:
93:6d:0e:ea:e3:8c:33:89:3e:4f:34:b5:40:dd:de:ed:d4:3e:
22:36:d2:04:de:93:6b:20:88:cc:c6:45:5b:40:c5:94:fe:59:
fb:8c:f5:a3:0f:a9:2c:01:3f:b2:8c:fb:6c:9e:71:27:1b:d9:
52:1f:7d:a0:60:fe:9e:3d:f4:48:aa:85:47:d5:93:f2:a8:66:
ca:b9:a8:db:4d:3b:92:c4:13:c2:2c:fb:46:67:1c:de:95:d2:
d6:2b:6e:1b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+guPX8NfGcH6ERqrWP0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjUwMTAxMDM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk1ZDUyMDQyZjQ3YjE2ODhkMmJmNGNkNmI5YzlkZDYxODAxN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV9i4odOaE5bl4I80KzhzOL0NGH5
VmtavJo499tuPlXaXr0yGdpZrn0EEd5YWhRyQNqrDFh4lmst9L8Txo6xI3xzd84v
jtKlrGSgQmo7zR+8eWE2Ons0XHmuNRvLRs2JcS8553wmqCF91s/CurUKu2ol/jgd
2cI37Jfqc8uEcKOr/YqQhUWN6R5euiW7DCvGlHh29JlmWCvtSXg6s/w8k9PeDbg/
i7RLNkRBlkpzfjl7AOOup9HW/fLCX2p2K/UpHeB9rgru4U97W5q8jJ+6AxlHd2jv
SIHbyveu+EJZ+R3ToVJCtLVxTpg3X17k5JaeGF7CsXj/2YOGJa4ie6wEDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ2V1SBC9HsWiNK/TNa5yd1hgBfBMB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvblpYVklFTDBleGFJMHI5TTFybkozV0dBRjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPMh/wC
MA0GCSqGSIb3DQEBCwUAA4IBAQCEW7Qx6a1Yzcp5LtH7rObcGSc4hes4c7RO7F55
KP3z6Mt7FqgZL2nZHkxeuvBEjwqU4ZkPYijwqiMwrjk6WUpI/D2qw7BHIzAlJMuz
OURRelRR0e6pUeQWfLPdQpIz5IhoVL2HVXasrxmtBASJymBSUfi3Dxq1UAKXBsAB
HzNP4aUz4kVoliMXuQPa2CW309Nc2Ynlr5ZdO8trW9iWWbY72S+TbQ7q44wziT5P
NLVA3d7t1D4iNtIE3pNrIIjMxkVbQMWU/ln7jPWjD6ksAT+yjPtsnnEnG9lSH32g
YP6ePfRIqoVH1ZPyqGbKuajbTTuSxBPCLPtGZxzeldLWK24b
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:35:07 2025 by rpki-client