Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/9IMJEhU9cwZnj5RrF1Myybjj004.roa
File: 9IMJEhU9cwZnj5RrF1Myybjj004.roa (raw, json)
Hash identifier: xqWR3tjhkJLohibyPz5kCzd/ogLtHaiChUPlLNFeUcM=
Subject key identifier: F4:83:09:12:15:3D:73:06:67:8F:94:6B:17:53:32:C9:B8:E3:D3:4E
Certificate issuer: /CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Certificate serial: 019420D5C6D9F40293D1C5B7E4B39DFE54B9
Authority key identifier: CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/9IMJEhU9cwZnj5RrF1Myybjj004.roa
Signing time: Wed 01 Jan 2025 07:47:48 +0000
ROA not before: Wed 01 Jan 2025 07:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29663
IP address blocks: 2001:67c:2ac0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c6:d9:f4:02:93:d1:c5:b7:e4:b3:9d:fe:54:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Validity
Not Before: Jan 1 07:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4830912153d7306678f946b175332c9b8e3d34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:05:79:29:49:d6:54:50:3a:65:69:bb:08:52:
1b:fd:74:98:7a:6c:36:a7:5c:49:12:9d:64:c6:84:
80:9f:15:4a:e6:99:b7:e4:07:4e:53:2e:c1:86:70:
6e:7b:3e:0b:83:7a:44:a2:9b:07:e5:ac:6d:ea:85:
e7:ca:75:3f:f6:9e:4d:e0:4a:be:37:8c:b4:7d:59:
2f:32:9e:10:9f:bb:33:6b:b5:1d:5c:e3:4d:38:4f:
ba:6a:1f:11:71:e8:8a:3a:8a:8e:21:3c:45:96:33:
00:7a:0a:7b:66:11:9b:38:fe:6c:86:14:64:77:db:
71:56:b2:a0:ba:a4:d4:6e:18:fe:bd:a3:02:f7:44:
29:e5:45:10:e5:07:df:3f:d6:1d:01:27:18:8d:a1:
00:c4:88:40:9b:ee:0f:9f:b5:38:d9:a4:99:c1:27:
a7:ff:c5:78:02:73:41:2a:99:b2:70:5f:a8:36:3c:
48:76:39:d4:ec:4b:36:6a:4b:47:70:cd:07:f2:e8:
6f:49:2c:da:a0:d1:c8:59:f7:05:de:72:10:7c:88:
1e:1b:09:9e:43:32:4d:98:a9:9d:7f:b7:61:40:f7:
a7:57:d4:0d:6c:d7:bc:98:c2:00:e5:9d:06:0f:01:
9d:c4:0c:6d:0b:62:10:87:6f:07:29:47:ad:a8:be:
76:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:83:09:12:15:3D:73:06:67:8F:94:6B:17:53:32:C9:B8:E3:D3:4E
X509v3 Authority Key Identifier:
keyid:CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/9IMJEhU9cwZnj5RrF1Myybjj004.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ac0::/48
Signature Algorithm: sha256WithRSAEncryption
22:e8:26:4b:39:98:92:b0:05:2e:31:cc:ce:30:22:1b:e0:d2:
a8:16:9c:1b:34:2d:7c:2e:e1:e0:51:5d:7d:ff:eb:bf:8b:5a:
5a:06:c9:81:ac:72:65:b0:a1:d8:a3:c7:42:3a:05:a1:aa:ce:
74:1f:3f:2e:7c:b0:ae:ad:7d:af:23:03:ba:6a:47:d2:78:87:
60:b0:da:16:67:6f:21:96:b3:d6:f1:16:7e:eb:c3:ea:c9:fa:
4a:3f:1b:10:3f:25:11:59:31:d0:44:1c:7a:83:45:6e:45:6a:
16:d3:3b:ec:ec:10:dd:6f:f8:63:ed:19:b0:25:85:c8:e1:3d:
e8:9e:cb:23:bc:ad:87:27:d9:a6:67:11:db:1b:ed:dc:4a:e4:
85:b4:51:c9:b6:d4:00:61:e9:04:5f:52:88:16:e7:52:94:b7:
1f:d4:66:12:f0:d5:d8:dd:c6:fc:6f:89:53:08:95:7e:08:64:
47:a4:d5:3e:02:f6:4a:d6:dd:bc:37:26:43:c4:a0:f9:e3:77:
02:52:35:0a:22:3f:6c:c7:b3:45:7f:8f:f4:3c:45:7a:3b:09:
ae:02:96:63:a7:81:09:54:18:e3:fa:46:af:f9:c1:db:d9:f4:
bb:40:21:4b:79:47:f0:c7:7e:4d:98:21:3d:f1:35:50:c4:55:
cb:f8:11:6c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQg1cbZ9AKT0cW35LOd/lS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODljYjg4OWY5OTIxMmU4YmY1M2QwNmU0NWQ4N2FiYjkx
Njk1MDYwHhcNMjUwMTAxMDc0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgzMDkxMjE1M2Q3MzA2Njc4Zjk0NmIxNzUzMzJjOWI4ZTNkMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQV5KUnWVFA6ZWm7CFIb/XSYemw2
p1xJEp1kxoSAnxVK5pm35AdOUy7BhnBuez4Lg3pEopsH5axt6oXnynU/9p5N4Eq+
N4y0fVkvMp4Qn7sza7UdXONNOE+6ah8RceiKOoqOITxFljMAegp7ZhGbOP5shhRk
d9txVrKguqTUbhj+vaMC90Qp5UUQ5QffP9YdAScYjaEAxIhAm+4Pn7U42aSZwSen
/8V4AnNBKpmycF+oNjxIdjnU7Es2aktHcM0H8uhvSSzaoNHIWfcF3nIQfIgeGwme
QzJNmKmdf7dhQPenV9QNbNe8mMIA5Z0GDwGdxAxtC2IQh28HKUetqL528wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPSDCRIVPXMGZ4+UaxdTMsm449NOMB8GA1UdIwQY
MBaAFM+Jy4ifmSEui/U9BuRdh6u5FpUGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRuTGlKLVpJUzZMOVQwRzVGMkhxN2tXbFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8wYjg5NTEtMjY5OS00NGIzLTkwNjct
ZDlhNDBjNGQzMjkxLzEvOUlNSkVoVTljd1puajVSckYxTXl5YmpqMDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8wYjg5NTEtMjY5OS00NGIzLTkwNjctZDlhNDBjNGQzMjkx
LzEvejRuTGlKLVpJUzZMOVQwRzVGMkhxN2tXbFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCrA
MA0GCSqGSIb3DQEBCwUAA4IBAQAi6CZLOZiSsAUuMczOMCIb4NKoFpwbNC18LuHg
UV19/+u/i1paBsmBrHJlsKHYo8dCOgWhqs50Hz8ufLCurX2vIwO6akfSeIdgsNoW
Z28hlrPW8RZ+68PqyfpKPxsQPyURWTHQRBx6g0VuRWoW0zvs7BDdb/hj7RmwJYXI
4T3onssjvK2HJ9mmZxHbG+3cSuSFtFHJttQAYekEX1KIFudSlLcf1GYS8NXY3cb8
b4lTCJV+CGRHpNU+AvZK1t28NyZDxKD543cCUjUKIj9sx7NFf4/0PEV6OwmuApZj
p4EJVBjj+kav+cHb2fS7QCFLeUfwx35NmCE98TVQxFXL+BFs
-----END CERTIFICATE-----
Generated at Fri Apr 25 14:25:04 2025 by rpki-client