Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/9unXgezNMxzwNg4bzifOYAuCs0o.roa
File: 9unXgezNMxzwNg4bzifOYAuCs0o.roa (raw, json)
Hash identifier: g4XwuMrRwxeGeiZBFLLb9s8Q1VZBOHGp5ebHoGbs+mc=
Subject key identifier: F6:E9:D7:81:EC:CD:33:1C:F0:36:0E:1B:CE:27:CE:60:0B:82:B3:4A
Certificate issuer: /CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Certificate serial: 0194221FD7289963DE303948018D81DD0DF9
Authority key identifier: 23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/9unXgezNMxzwNg4bzifOYAuCs0o.roa
Signing time: Wed 01 Jan 2025 13:48:19 +0000
ROA not before: Wed 01 Jan 2025 13:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35052
IP address blocks: 2001:67c:133c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:d7:28:99:63:de:30:39:48:01:8d:81:dd:0d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d8448c5cb90398e4c285cec9c0f4766ac931df
Validity
Not Before: Jan 1 13:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6e9d781eccd331cf0360e1bce27ce600b82b34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:58:4f:e7:05:66:a8:87:de:81:b6:bc:cc:
c9:38:d5:25:02:c3:13:66:46:5e:21:5f:bb:43:df:
29:ab:92:de:ce:80:ab:f3:58:05:f0:f0:62:71:df:
9c:0d:f5:c7:21:d8:f0:85:b6:51:20:dc:26:bd:da:
b9:bf:26:52:9f:46:b7:33:94:da:91:24:4d:29:5b:
fc:3c:fa:c2:ec:60:b4:2b:7f:52:50:41:5a:c4:d9:
11:f5:bd:51:ce:f9:f9:f3:e5:29:eb:77:ee:93:de:
3d:4c:c0:ca:ed:cf:f6:e9:f1:00:35:85:40:71:9c:
d6:99:82:56:97:ac:13:de:90:ef:ef:23:7e:bd:5e:
62:f6:ab:96:f9:41:d5:47:3e:54:d8:e7:f3:47:67:
ee:a8:d9:0d:ab:dd:7b:19:af:06:94:27:89:a2:0e:
76:39:7e:08:c7:e8:67:69:c8:d5:75:15:92:2d:db:
48:55:9f:20:63:42:96:95:db:fd:e2:ab:34:c5:a7:
9f:7d:b4:a4:9f:09:88:16:39:e2:09:79:bb:33:9f:
f2:c9:db:6a:8d:ea:07:27:53:a7:34:cd:a7:f0:ef:
c3:be:bb:02:53:90:80:33:f7:31:65:c7:c4:e1:94:
f5:9b:eb:ed:d9:b2:a6:bf:c9:18:83:b5:c7:7d:b8:
7c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E9:D7:81:EC:CD:33:1C:F0:36:0E:1B:CE:27:CE:60:0B:82:B3:4A
X509v3 Authority Key Identifier:
keyid:23:D8:44:8C:5C:B9:03:98:E4:C2:85:CE:C9:C0:F4:76:6A:C9:31:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9hEjFy5A5jkwoXOycD0dmrJMd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/9unXgezNMxzwNg4bzifOYAuCs0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/f4a80d-f5f7-4522-b9b5-f772a0139016/1/I9hEjFy5A5jkwoXOycD0dmrJMd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:133c::/48
Signature Algorithm: sha256WithRSAEncryption
59:0b:70:a4:13:17:0b:87:d6:98:8b:1b:be:2a:a3:ff:f6:75:
74:a6:be:b9:4c:e7:2a:93:df:de:22:01:06:8c:44:60:70:f5:
da:9c:f9:71:ca:78:aa:4c:9f:31:06:5b:6e:02:2c:a7:18:76:
72:f7:0b:8c:b3:d6:27:c8:41:a5:19:15:3b:99:c9:48:c3:61:
d9:2a:6f:af:a3:db:a7:45:47:b0:15:60:df:a8:3a:db:36:d8:
bc:ce:74:8c:51:7a:47:5b:7f:6d:02:cd:ff:61:1c:44:1a:7d:
ee:2d:7b:fd:87:68:6b:65:f8:7c:83:70:64:a5:1e:90:41:cb:
89:a8:bc:34:27:f4:f6:48:86:f4:eb:6c:3e:ff:9d:92:52:34:
61:5b:ff:e8:05:7f:9f:fd:34:63:8e:86:e2:d0:8f:9a:e6:15:
ef:85:8e:09:f2:6e:2b:ef:7d:95:d3:a9:16:37:3b:68:05:c9:
52:ba:da:09:be:f9:fc:21:00:12:8e:b2:13:ca:9b:dd:1c:5a:
5c:fd:19:23:e5:d7:1c:dc:fa:0b:ea:b0:10:8f:f7:04:b6:11:
1a:50:7e:8a:bf:cf:99:98:f0:65:13:00:0d:83:cb:70:6c:78:
c2:41:2b:8b:fd:9c:e7:5a:a0:29:a3:6b:ca:01:3e:20:b2:ae:
5b:98:88:ee
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH9comWPeMDlIAY2B3Q35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZDg0NDhjNWNiOTAzOThlNGMyODVjZWM5YzBmNDc2NmFj
OTMxZGYwHhcNMjUwMTAxMTM0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU5ZDc4MWVjY2QzMzFjZjAzNjBlMWJjZTI3Y2U2MDBiODJiMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGtYT+cFZqiH3oG2vMzJONUlAsMT
ZkZeIV+7Q98pq5LezoCr81gF8PBicd+cDfXHIdjwhbZRINwmvdq5vyZSn0a3M5Ta
kSRNKVv8PPrC7GC0K39SUEFaxNkR9b1Rzvn58+Up63fuk949TMDK7c/26fEANYVA
cZzWmYJWl6wT3pDv7yN+vV5i9quW+UHVRz5U2OfzR2fuqNkNq917Ga8GlCeJog52
OX4Ix+hnacjVdRWSLdtIVZ8gY0KWldv94qs0xaeffbSknwmIFjniCXm7M5/yydtq
jeoHJ1OnNM2n8O/DvrsCU5CAM/cxZcfE4ZT1m+vt2bKmv8kYg7XHfbh8nwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPbp14HszTMc8DYOG84nzmALgrNKMB8GA1UdIwQY
MBaAFCPYRIxcuQOY5MKFzsnA9HZqyTHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUt
Zjc3MmEwMTM5MDE2LzEvOXVuWGdlek5NeHp3Tmc0YnppZk9ZQXVDczBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mNGE4MGQtZjVmNy00NTIyLWI5YjUtZjc3MmEwMTM5MDE2
LzEvSTloRWpGeTVBNWprd29YT3ljRDBkbXJKTWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBM8
MA0GCSqGSIb3DQEBCwUAA4IBAQBZC3CkExcLh9aYixu+KqP/9nV0pr65TOcqk9/e
IgEGjERgcPXanPlxyniqTJ8xBltuAiynGHZy9wuMs9YnyEGlGRU7mclIw2HZKm+v
o9unRUewFWDfqDrbNti8znSMUXpHW39tAs3/YRxEGn3uLXv9h2hrZfh8g3BkpR6Q
QcuJqLw0J/T2SIb062w+/52SUjRhW//oBX+f/TRjjobi0I+a5hXvhY4J8m4r732V
06kWNztoBclSutoJvvn8IQASjrITypvdHFpc/Rkj5dcc3PoL6rAQj/cEthEaUH6K
v8+ZmPBlEwANg8twbHjCQSuL/ZznWqApo2vKAT4gsq5bmIju
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:06:25 2025 by rpki-client