Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/AlG9a-wnZAaNJx4JRcNy6108vy0.roa
File: AlG9a-wnZAaNJx4JRcNy6108vy0.roa (raw, json)
Hash identifier: rW0OCFxv2iZOns3RdhlBfU6Txlo4gEd4MAjshROZlio=
Subject key identifier: 02:51:BD:6B:EC:27:64:06:8D:27:1E:09:45:C3:72:EB:5D:3C:BF:2D
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 0194214460A254F3C964C0C88150D8E721B9
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/AlG9a-wnZAaNJx4JRcNy6108vy0.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216355
IP address blocks: 2a06:d1c1:1f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:60:a2:54:f3:c9:64:c0:c8:81:50:d8:e7:21:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0251bd6bec2764068d271e0945c372eb5d3cbf2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:28:60:b8:dc:8c:db:43:7f:d6:02:32:61:11:
8f:4b:cd:e7:50:b4:7e:e4:48:9b:63:c7:2e:5a:b5:
b7:0e:dd:e9:99:de:d0:f7:4a:a7:b1:90:bc:b9:fc:
7d:f7:2d:de:e6:9f:32:21:d3:47:00:2f:59:40:2a:
f1:8a:e8:ec:5c:a2:b7:e4:94:fa:dd:f1:4e:c2:9d:
a9:93:2c:b8:95:fd:96:73:8b:b4:ed:62:ee:91:7f:
b2:71:c5:fa:10:d7:5a:33:1b:16:c1:a1:f8:c1:4c:
7c:06:d8:a7:43:06:28:fb:d7:a9:6f:03:e3:ba:c6:
5c:ea:25:1b:dd:09:81:bd:b4:c2:9b:ce:9d:09:97:
a8:23:b2:b5:4d:f4:b4:6e:81:1e:1a:38:43:92:22:
d1:8d:6c:47:03:f5:66:81:00:dc:8d:5b:2f:5e:0c:
32:71:ff:f9:74:c0:a3:b2:71:28:2e:56:8c:86:e6:
82:e0:50:bc:a7:f1:2e:e6:1c:cd:d8:74:55:fe:40:
0d:cf:19:ce:39:d2:62:4d:32:d0:1b:56:2d:1c:af:
2b:21:a1:01:7b:ce:41:f5:ec:f1:d6:92:45:02:aa:
b8:30:cc:88:ef:9e:84:81:de:7b:a2:26:ea:d3:95:
84:ef:3f:ce:a5:8d:3a:21:20:f1:ed:17:f2:12:2a:
4f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:51:BD:6B:EC:27:64:06:8D:27:1E:09:45:C3:72:EB:5D:3C:BF:2D
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/AlG9a-wnZAaNJx4JRcNy6108vy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d1c1:1f::/48
Signature Algorithm: sha256WithRSAEncryption
68:29:3e:9a:4c:5a:57:ee:43:f3:cb:4e:c5:b1:1c:d9:4e:62:
ed:97:b5:da:33:0a:9e:6c:8d:11:94:ed:5f:cb:57:04:22:8a:
5d:c2:70:6b:48:64:73:4f:7a:db:e9:c9:05:e1:78:85:85:30:
3c:f3:18:be:11:14:99:29:b8:ce:1f:c7:c0:38:82:d4:0c:34:
95:f4:ba:92:2f:c6:b2:79:86:ab:2c:fe:d8:ea:90:c0:de:8c:
2a:36:4e:2a:42:14:cb:87:b4:b1:31:41:a7:45:cf:02:ab:2c:
6e:e7:09:e0:73:32:0d:fa:40:0d:5b:a1:04:ee:b4:4a:11:fd:
78:57:33:9f:c4:c9:81:a3:f3:e0:a0:57:33:6b:73:d8:68:62:
2f:10:5f:65:ae:14:9c:63:49:78:a3:7a:ae:5a:b2:e6:24:92:
d3:15:6f:b0:a3:aa:74:c1:fd:c8:d1:8f:65:46:ea:cf:24:c5:
1d:93:0e:1c:42:21:d2:ac:df:0e:6b:7b:2d:5f:01:f3:a2:f8:
11:f9:3a:4d:4c:83:71:11:99:ac:d2:c9:c3:1a:ed:23:96:c7:
19:f3:8c:ec:e4:ac:a0:2b:6c:00:49:14:84:bf:a6:51:7b:a1:
7d:5d:b2:4d:df:f5:e7:13:d8:4a:35:0e:57:0b:d0:4a:e1:ad:
cc:e1:07:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQhRGCiVPPJZMDIgVDY5yG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjUxYmQ2YmVjMjc2NDA2OGQyNzFlMDk0NWMzNzJlYjVkM2NiZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApihguNyM20N/1gIyYRGPS83nULR+
5EibY8cuWrW3Dt3pmd7Q90qnsZC8ufx99y3e5p8yIdNHAC9ZQCrxiujsXKK35JT6
3fFOwp2pkyy4lf2Wc4u07WLukX+yccX6ENdaMxsWwaH4wUx8BtinQwYo+9epbwPj
usZc6iUb3QmBvbTCm86dCZeoI7K1TfS0boEeGjhDkiLRjWxHA/VmgQDcjVsvXgwy
cf/5dMCjsnEoLlaMhuaC4FC8p/Eu5hzN2HRV/kANzxnOOdJiTTLQG1YtHK8rIaEB
e85B9ezx1pJFAqq4MMyI756Egd57oibq05WE7z/OpY06ISDx7RfyEipPGQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAJRvWvsJ2QGjSceCUXDcutdPL8tMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvQWxHOWEtd25aQWFOSng0SlJjTnk2MTA4dnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgbRwQAf
MA0GCSqGSIb3DQEBCwUAA4IBAQBoKT6aTFpX7kPzy07FsRzZTmLtl7XaMwqebI0R
lO1fy1cEIopdwnBrSGRzT3rb6ckF4XiFhTA88xi+ERSZKbjOH8fAOILUDDSV9LqS
L8ayeYarLP7Y6pDA3owqNk4qQhTLh7SxMUGnRc8Cqyxu5wngczIN+kANW6EE7rRK
Ef14VzOfxMmBo/PgoFcza3PYaGIvEF9lrhScY0l4o3quWrLmJJLTFW+wo6p0wf3I
0Y9lRurPJMUdkw4cQiHSrN8Oa3stXwHzovgR+TpNTINxEZms0snDGu0jlscZ84zs
5KygK2wASRSEv6ZRe6F9XbJN3/XnE9hKNQ5XC9BK4a3M4Qd/
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:38:45 2025 by rpki-client