Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/nUJoZVEyJ7Ch6Htt7Gy_l4EGdUs.roa
File: nUJoZVEyJ7Ch6Htt7Gy_l4EGdUs.roa (raw, json)
Hash identifier: DEXI+dom+CuVEOOs+wIFSM6Zic3MADgfCsnWrZCTC3o=
Subject key identifier: 9D:42:68:65:51:32:27:B0:A1:E8:7B:6D:EC:6C:BF:97:81:06:75:4B
Certificate issuer: /CN=8405c07192a8106fedb0760b8945032ca1d3054b
Certificate serial: 019425215B366F21C27170D8D2559EA30500
Authority key identifier: 84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/nUJoZVEyJ7Ch6Htt7Gy_l4EGdUs.roa
Signing time: Thu 02 Jan 2025 03:48:50 +0000
ROA not before: Thu 02 Jan 2025 03:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41320
IP address blocks: 2a0c:3a81:100::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:5b:36:6f:21:c2:71:70:d8:d2:55:9e:a3:05:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8405c07192a8106fedb0760b8945032ca1d3054b
Validity
Not Before: Jan 2 03:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d426865513227b0a1e87b6dec6cbf978106754b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:98:83:f2:a5:e8:58:24:54:d3:e2:aa:c7:1a:
0c:33:4f:c6:ca:9e:db:3b:35:db:a4:a4:70:17:20:
db:bc:c4:9a:04:e7:63:86:2e:7a:b6:53:2c:81:16:
a7:32:a9:03:79:d6:02:ea:5c:d0:d6:5c:21:ea:54:
18:16:f3:27:c9:a6:9d:26:52:ec:9d:f4:bb:98:6c:
b4:13:41:dc:6d:0d:59:d4:b5:a9:7c:e4:1a:e3:8e:
03:c1:c3:e6:72:ef:64:c7:f5:9b:f7:47:3d:b5:65:
ad:ca:3a:8f:ee:0a:28:7e:54:a0:16:22:1f:98:58:
b8:f8:2c:c9:5c:36:0c:46:fb:7f:88:72:27:5e:d4:
b7:98:82:e6:f0:53:fe:43:e5:5c:de:75:f2:bb:25:
44:d8:9b:57:2e:ae:60:6a:49:6e:33:be:6a:7d:41:
f6:25:e6:aa:a4:99:ed:d9:ff:3b:5c:20:e1:bd:fd:
34:ac:6f:19:a2:cb:12:8d:0b:ef:c0:d5:98:fe:8c:
27:9b:c3:c8:d9:ad:a0:6e:d8:0b:59:b5:31:7f:0c:
d9:19:38:78:62:6a:bc:2e:13:69:7f:87:fb:ee:d2:
d4:05:5a:4c:c9:92:28:b0:ae:4a:14:ed:9e:29:e7:
a5:f3:ab:30:51:4c:a6:fe:95:3a:cd:d6:17:c0:08:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:42:68:65:51:32:27:B0:A1:E8:7B:6D:EC:6C:BF:97:81:06:75:4B
X509v3 Authority Key Identifier:
keyid:84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/nUJoZVEyJ7Ch6Htt7Gy_l4EGdUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/hAXAcZKoEG_tsHYLiUUDLKHTBUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:3a81:100::/40
Signature Algorithm: sha256WithRSAEncryption
86:40:b4:34:db:19:69:08:c6:b2:8e:1e:2a:96:4a:7b:42:01:
db:4a:04:cc:f0:7a:dc:ca:70:11:f9:08:19:d8:1a:58:61:66:
b6:3a:d2:1c:41:66:d9:af:d3:07:56:d4:24:77:6d:c4:df:05:
ee:af:f6:a8:dd:51:d4:de:5d:1b:33:c8:3f:39:32:93:7a:5f:
be:d0:09:5e:94:06:1f:c2:69:f1:1d:b1:b4:31:7d:c7:64:b4:
fe:d3:1f:02:ae:21:62:1a:0b:46:69:44:f1:fb:4c:0e:cd:b1:
7e:35:95:a3:f2:8a:21:5b:8a:c5:08:f9:7b:5d:8e:19:b2:6e:
b3:0a:62:15:7e:09:23:3c:ef:70:21:1e:80:a3:36:3b:02:d0:
d8:99:97:5a:cb:77:e1:b9:88:45:b6:04:65:3e:4b:0b:e1:a7:
61:d5:33:6f:95:fe:28:5f:c1:2f:23:27:7c:b3:b0:44:50:fd:
5c:9c:a6:55:ec:f6:ec:26:49:25:38:3e:e8:fb:e2:5b:01:e8:
50:2d:6b:3e:0f:bf:c2:85:f7:9c:ed:79:eb:bf:fb:05:be:3f:
d5:e1:53:67:ea:4d:69:6c:93:46:3c:e7:ae:1a:2b:4d:f6:02:
91:d0:e1:85:8c:f5:1f:a8:90:72:f5:56:78:6b:bf:69:bb:1f:
93:f1:f3:40
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIVs2byHCcXDY0lWeowUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MDVjMDcxOTJhODEwNmZlZGIwNzYwYjg5NDUwMzJjYTFk
MzA1NGIwHhcNMjUwMTAyMDM0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDQyNjg2NTUxMzIyN2IwYTFlODdiNmRlYzZjYmY5NzgxMDY3NTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJiD8qXoWCRU0+KqxxoMM0/Gyp7b
OzXbpKRwFyDbvMSaBOdjhi56tlMsgRanMqkDedYC6lzQ1lwh6lQYFvMnyaadJlLs
nfS7mGy0E0HcbQ1Z1LWpfOQa444DwcPmcu9kx/Wb90c9tWWtyjqP7gooflSgFiIf
mFi4+CzJXDYMRvt/iHInXtS3mILm8FP+Q+Vc3nXyuyVE2JtXLq5gakluM75qfUH2
JeaqpJnt2f87XCDhvf00rG8ZossSjQvvwNWY/ownm8PI2a2gbtgLWbUxfwzZGTh4
Ymq8LhNpf4f77tLUBVpMyZIosK5KFO2eKeel86swUUym/pU6zdYXwAicCwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ1CaGVRMiewoeh7bexsv5eBBnVLMB8GA1UdIwQY
MBaAFIQFwHGSqBBv7bB2C4lFAyyh0wVLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEFYQWNaS29FR190c0hZTGlVVURMS0hUQlVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNjE1YjAtNGQ5OC00YTNkLThiZDIt
NGM5M2JlZTI3ZDU0LzEvblVKb1pWRXlKN0NoNkh0dDdHeV9sNEVHZFVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNjE1YjAtNGQ5OC00YTNkLThiZDItNGM5M2JlZTI3ZDU0
LzEvaEFYQWNaS29FR190c0hZTGlVVURMS0hUQlVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgw6gQEw
DQYJKoZIhvcNAQELBQADggEBAIZAtDTbGWkIxrKOHiqWSntCAdtKBMzwetzKcBH5
CBnYGlhhZrY60hxBZtmv0wdW1CR3bcTfBe6v9qjdUdTeXRszyD85MpN6X77QCV6U
Bh/CafEdsbQxfcdktP7THwKuIWIaC0ZpRPH7TA7NsX41laPyiiFbisUI+Xtdjhmy
brMKYhV+CSM873AhHoCjNjsC0NiZl1rLd+G5iEW2BGU+Swvhp2HVM2+V/ihfwS8j
J3yzsERQ/VycplXs9uwmSSU4Puj74lsB6FAtaz4Pv8KF95zteeu/+wW+P9XhU2fq
TWlsk0Y8564aK032ApHQ4YWM9R+okHL1Vnhrv2m7H5Px80A=
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:05:36 2025 by rpki-client