Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/NqNZtnoXM7iwpxu3KH3ENc53u_M.roa
File: NqNZtnoXM7iwpxu3KH3ENc53u_M.roa (raw, json)
Hash identifier: tIhk+tugHOEbprNpMaqqI4LseamZ25JrNrb/ctC6o6U=
Subject key identifier: 36:A3:59:B6:7A:17:33:B8:B0:A7:1B:B7:28:7D:C4:35:CE:77:BB:F3
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 01941FFAB386831146FD326808E2139F7051
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/NqNZtnoXM7iwpxu3KH3ENc53u_M.roa
Signing time: Wed 01 Jan 2025 03:48:31 +0000
ROA not before: Wed 01 Jan 2025 03:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51103
IP address blocks: 2001:1b28:405::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:b3:86:83:11:46:fd:32:68:08:e2:13:9f:70:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Jan 1 03:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36a359b67a1733b8b0a71bb7287dc435ce77bbf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b4:69:59:dc:f4:9d:af:ab:51:6b:1d:b8:66:
94:2b:63:e9:0e:ea:1a:c7:8a:ac:d0:7d:86:84:bc:
bc:cc:33:c4:92:0b:f9:9b:9e:fc:cc:9d:2d:12:76:
2e:5d:c8:62:f4:68:36:45:52:d6:64:09:c3:d8:59:
da:56:2f:89:bb:93:16:d0:cc:56:1e:d9:3e:80:e6:
da:3e:d6:b7:f0:a9:f9:34:1d:08:00:2a:33:fd:f1:
dc:37:37:c6:28:75:46:d1:ab:6b:92:2a:aa:03:97:
b6:d6:a5:cc:88:27:40:d3:8d:71:81:1e:fe:7c:65:
1c:dc:61:c9:d0:cd:37:c6:0e:f1:a2:b5:30:f7:1c:
b1:e7:46:93:b4:10:90:14:80:7f:47:4f:74:c3:cd:
5c:b0:28:4e:a0:ad:17:26:cb:55:90:46:57:a9:6a:
a7:69:34:55:b0:6b:b4:33:44:34:2b:86:b8:5b:70:
6c:7f:1c:5d:7d:e9:1b:e4:03:10:a5:a6:a2:b9:4d:
a6:34:79:c9:5a:39:5a:3f:f1:d1:43:38:00:43:0f:
3c:26:c0:cc:44:7f:34:62:1f:19:d3:9c:02:c3:b3:
3f:a4:e1:31:aa:2f:8c:5e:84:22:83:35:8a:14:9d:
1c:f2:86:30:2b:26:8a:a0:4f:98:77:d4:95:ad:49:
bd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:A3:59:B6:7A:17:33:B8:B0:A7:1B:B7:28:7D:C4:35:CE:77:BB:F3
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/NqNZtnoXM7iwpxu3KH3ENc53u_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1b28:405::/48
Signature Algorithm: sha256WithRSAEncryption
96:59:5d:1e:5e:e7:da:2b:f9:df:66:96:5a:9f:f3:00:83:6b:
e3:aa:c3:b1:33:ec:36:b6:14:b6:2f:64:68:00:ba:49:56:d8:
2e:8e:55:d3:52:a4:b2:53:1e:65:82:0b:32:af:61:83:cd:5a:
9a:77:cb:56:d6:4b:bc:5c:9e:cc:7f:63:5d:d0:8c:4a:13:d5:
02:06:3b:87:2d:4b:fb:d3:52:dd:be:3c:f4:1a:35:37:8f:41:
b4:56:7c:5d:9f:1d:9c:6a:b8:19:17:ff:7e:e5:e0:a2:1d:b8:
e8:d7:ab:d8:d9:9e:73:2c:51:9e:81:0f:05:e3:e5:1a:81:5f:
fa:d6:2b:17:cb:7f:4b:42:38:e5:26:88:4b:21:68:fa:fe:f5:
3d:97:c1:de:d1:ab:90:49:97:ee:53:82:e2:72:3f:2e:8a:b1:
ab:e9:28:5b:ec:86:59:c0:fb:3a:d2:4e:4c:0e:bd:75:e4:c7:
68:99:ab:41:cc:39:84:81:0e:f3:f3:0e:24:a7:ac:37:9a:09:
99:62:12:d9:ee:f6:e0:b8:0f:1f:85:e4:ea:79:4d:72:d3:1c:
fb:bf:a4:0d:cc:c2:5f:a1:46:8b:d6:df:e6:0e:de:f4:3a:46:
03:1a:90:66:ed:34:0e:47:94:25:14:4e:78:6f:34:a7:22:93:
a1:07:67:31
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+rOGgxFG/TJoCOITn3BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDAzMThmMjY4NWUzMmQyZGJhOTIzZjY2NjI3NzE0Mjcz
NTk3MzgwHhcNMjUwMTAxMDM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEzNTliNjdhMTczM2I4YjBhNzFiYjcyODdkYzQzNWNlNzdiYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7RpWdz0na+rUWsduGaUK2PpDuoa
x4qs0H2GhLy8zDPEkgv5m578zJ0tEnYuXchi9Gg2RVLWZAnD2FnaVi+Ju5MW0MxW
Htk+gObaPta38Kn5NB0IACoz/fHcNzfGKHVG0atrkiqqA5e21qXMiCdA041xgR7+
fGUc3GHJ0M03xg7xorUw9xyx50aTtBCQFIB/R090w81csChOoK0XJstVkEZXqWqn
aTRVsGu0M0Q0K4a4W3Bsfxxdfekb5AMQpaaiuU2mNHnJWjlaP/HRQzgAQw88JsDM
RH80Yh8Z05wCw7M/pOExqi+MXoQigzWKFJ0c8oYwKyaKoE+Yd9SVrUm9kQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDajWbZ6FzO4sKcbtyh9xDXOd7vzMB8GA1UdIwQY
MBaAFNnQMY8mheMtLbqSP2ZidxQnNZc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEt
OTZkZGQ1YTAyMzlkLzEvTnFOWnRub1hNN2l3cHh1M0tIM0VOYzUzdV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEtOTZkZGQ1YTAyMzlk
LzEvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEbKAQF
MA0GCSqGSIb3DQEBCwUAA4IBAQCWWV0eXufaK/nfZpZan/MAg2vjqsOxM+w2thS2
L2RoALpJVtgujlXTUqSyUx5lggsyr2GDzVqad8tW1ku8XJ7Mf2Nd0IxKE9UCBjuH
LUv701Ldvjz0GjU3j0G0Vnxdnx2cargZF/9+5eCiHbjo16vY2Z5zLFGegQ8F4+Ua
gV/61isXy39LQjjlJohLIWj6/vU9l8He0auQSZfuU4Licj8uirGr6Shb7IZZwPs6
0k5MDr115MdomatBzDmEgQ7z8w4kp6w3mgmZYhLZ7vbguA8fheTqeU1y0xz7v6QN
zMJfoUaL1t/mDt70OkYDGpBm7TQOR5QlFE54bzSnIpOhB2cx
-----END CERTIFICATE-----
Generated at Fri Apr 25 17:40:58 2025 by rpki-client