Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/NJlcB7hUDRR-RE3xb80LxJnz-u0.roa
File: NJlcB7hUDRR-RE3xb80LxJnz-u0.roa (raw, json)
Hash identifier: J0hfLalGgnRXjghX77NW/arld10JPRhRmjZmERlfBMg=
Subject key identifier: 34:99:5C:07:B8:54:0D:14:7E:44:4D:F1:6F:CD:0B:C4:99:F3:FA:ED
Certificate issuer: /CN=45effe98c24c3d6d6087c8d1d3f901b8ccd40088
Certificate serial: 019425FDA6C26A009D9F187C5D7A5A3EA6EC
Authority key identifier: 45:EF:FE:98:C2:4C:3D:6D:60:87:C8:D1:D3:F9:01:B8:CC:D4:00:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Re_-mMJMPW1gh8jR0_kBuMzUAIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/NJlcB7hUDRR-RE3xb80LxJnz-u0.roa
Signing time: Thu 02 Jan 2025 07:49:27 +0000
ROA not before: Thu 02 Jan 2025 07:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215568
IP address blocks: 2a01:f440::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a6:c2:6a:00:9d:9f:18:7c:5d:7a:5a:3e:a6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45effe98c24c3d6d6087c8d1d3f901b8ccd40088
Validity
Not Before: Jan 2 07:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=34995c07b8540d147e444df16fcd0bc499f3faed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:39:6a:86:60:2b:d9:d0:17:e2:7c:64:a9:
82:08:5c:6e:31:f7:5b:89:9d:3a:87:e2:22:76:89:
6d:64:6a:ae:e2:24:ca:69:85:54:f8:64:21:7e:70:
5b:f8:03:08:a9:82:2e:f8:17:63:64:c0:fd:42:30:
db:ad:3d:d6:ab:e2:33:0a:f8:e4:0b:fe:18:dd:6f:
5b:39:9a:fa:d4:75:91:dc:26:0f:c4:e3:53:4c:8d:
20:f5:8f:99:4f:88:8e:46:cc:05:8d:90:2b:d6:1c:
29:36:ca:18:f1:a4:7b:eb:a5:23:7b:b8:ca:b5:a3:
38:ab:d4:42:82:7f:f6:fb:e8:85:f5:66:bd:d2:19:
29:25:aa:c7:46:d0:e4:bb:16:bd:fb:b0:42:a4:8e:
5c:98:a3:fb:cf:98:60:fa:ca:5b:04:15:b1:81:b0:
41:59:33:c7:d9:2d:e2:e5:e8:61:94:72:fb:b4:b0:
33:27:1c:60:ea:3b:d7:83:73:b6:3f:11:d3:5c:3e:
f7:25:45:14:27:8a:b7:83:df:34:c6:cb:bb:24:57:
f0:d6:5e:d5:1d:84:84:ef:9a:47:ec:43:d2:41:85:
3f:c7:3b:47:71:6a:77:26:47:ae:2e:23:c7:6b:52:
d5:03:2d:54:67:c5:8b:d1:5e:7c:e6:fd:b0:83:9e:
0e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:99:5C:07:B8:54:0D:14:7E:44:4D:F1:6F:CD:0B:C4:99:F3:FA:ED
X509v3 Authority Key Identifier:
keyid:45:EF:FE:98:C2:4C:3D:6D:60:87:C8:D1:D3:F9:01:B8:CC:D4:00:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Re_-mMJMPW1gh8jR0_kBuMzUAIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/NJlcB7hUDRR-RE3xb80LxJnz-u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/Re_-mMJMPW1gh8jR0_kBuMzUAIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f440::/29
Signature Algorithm: sha256WithRSAEncryption
04:ed:12:15:6a:6e:94:b1:44:ac:48:c0:9f:46:7e:9c:d5:ae:
f5:e3:4e:19:32:5c:64:0e:63:78:d6:97:25:69:c0:e8:14:d0:
4e:78:63:b8:1e:fa:9c:65:db:8e:f4:67:ee:51:7d:89:02:d2:
71:eb:c2:71:48:ad:12:47:22:a6:0a:87:4a:e5:d2:dc:f7:c0:
89:ca:1c:6d:be:a3:5c:1b:32:f1:47:59:a9:76:4d:98:ef:8d:
e0:5e:13:dd:04:77:c4:66:88:14:62:29:6f:fd:dd:72:e6:48:
cc:a5:c0:14:1d:1c:fd:33:42:d4:2e:3c:96:d5:25:49:78:ac:
26:20:3d:f0:7c:ee:5f:ec:7e:dd:72:29:f8:79:f4:f9:ca:2e:
a7:e6:5c:ac:b5:3b:d4:12:27:38:98:e2:07:1c:39:a9:ef:79:
be:18:c7:bf:ce:01:37:fd:34:2a:16:b9:3f:a7:eb:56:03:40:
a9:e3:cb:d6:9b:04:54:8c:06:cb:86:3b:f2:99:6f:0d:05:41:
32:45:11:bc:02:5f:de:30:d6:cc:95:3d:f3:2d:e2:cf:5a:53:
a1:7f:00:ed:e5:6c:48:74:de:87:7d:a8:c6:7f:43:37:2a:fb:
9a:2a:38:0d:f0:cc:5b:c4:c3:1c:79:16:33:d8:7d:f2:bf:c2:
60:50:47:3c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQl/abCagCdnxh8XXpaPqbsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZWZmZTk4YzI0YzNkNmQ2MDg3YzhkMWQzZjkwMWI4Y2Nk
NDAwODgwHhcNMjUwMTAyMDc0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk5NWMwN2I4NTQwZDE0N2U0NDRkZjE2ZmNkMGJjNDk5ZjNmYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv45aoZgK9nQF+J8ZKmCCFxuMfdb
iZ06h+IidoltZGqu4iTKaYVU+GQhfnBb+AMIqYIu+BdjZMD9QjDbrT3Wq+IzCvjk
C/4Y3W9bOZr61HWR3CYPxONTTI0g9Y+ZT4iORswFjZAr1hwpNsoY8aR766Uje7jK
taM4q9RCgn/2++iF9Wa90hkpJarHRtDkuxa9+7BCpI5cmKP7z5hg+spbBBWxgbBB
WTPH2S3i5ehhlHL7tLAzJxxg6jvXg3O2PxHTXD73JUUUJ4q3g980xsu7JFfw1l7V
HYSE75pH7EPSQYU/xztHcWp3JkeuLiPHa1LVAy1UZ8WL0V585v2wg54OEQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDSZXAe4VA0UfkRN8W/NC8SZ8/rtMB8GA1UdIwQY
MBaAFEXv/pjCTD1tYIfI0dP5AbjM1ACIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmVfLW1NSk1QVzFnaDhqUjBfa0J1TXpVQUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xZTRhNjQtN2FhMC00Yzk0LTliYjAt
ZGViN2I5MTg5MTY5LzEvTkpsY0I3aFVEUlItUkUzeGI4MEx4Sm56LXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xZTRhNjQtN2FhMC00Yzk0LTliYjAtZGViN2I5MTg5MTY5
LzEvUmVfLW1NSk1QVzFnaDhqUjBfa0J1TXpVQUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgH0QDAN
BgkqhkiG9w0BAQsFAAOCAQEABO0SFWpulLFErEjAn0Z+nNWu9eNOGTJcZA5jeNaX
JWnA6BTQTnhjuB76nGXbjvRn7lF9iQLScevCcUitEkcipgqHSuXS3PfAicocbb6j
XBsy8UdZqXZNmO+N4F4T3QR3xGaIFGIpb/3dcuZIzKXAFB0c/TNC1C48ltUlSXis
JiA98HzuX+x+3XIp+Hn0+coup+ZcrLU71BInOJjiBxw5qe95vhjHv84BN/00Kha5
P6frVgNAqePL1psEVIwGy4Y78plvDQVBMkURvAJf3jDWzJU98y3iz1pToX8A7eVs
SHTeh32oxn9DNyr7mio4DfDMW8TDHHkWM9h98r/CYFBHPA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 02:57:49 2025 by rpki-client