Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/kXO8pPvb-hoKLSUaH08K93t7DHU.roa
File: kXO8pPvb-hoKLSUaH08K93t7DHU.roa (raw, json)
Hash identifier: mEKASbKS/omjY7FFNOE+1bv+eOkizDd5ZmtCBIdcrpw=
Subject key identifier: 91:73:BC:A4:FB:DB:FA:1A:0A:2D:25:1A:1F:4F:0A:F7:7B:7B:0C:75
Certificate issuer: /CN=9ca319ea51c8003aad94a8e27ce69492aa2e33a8
Certificate serial: 019420D617F96CBDB0D285B273F2A9EC16EE
Authority key identifier: 9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nKMZ6lHIADqtlKjifOaUkqouM6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/kXO8pPvb-hoKLSUaH08K93t7DHU.roa
Signing time: Wed 01 Jan 2025 07:48:09 +0000
ROA not before: Wed 01 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34578
IP address blocks: 2a00:9480::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:17:f9:6c:bd:b0:d2:85:b2:73:f2:a9:ec:16:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ca319ea51c8003aad94a8e27ce69492aa2e33a8
Validity
Not Before: Jan 1 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9173bca4fbdbfa1a0a2d251a1f4f0af77b7b0c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e1:b0:03:c6:81:f8:9d:47:fd:9d:fa:f0:31:
0d:66:d2:38:e0:55:53:b6:3c:08:e4:c1:d6:b5:b7:
cb:f5:90:5b:58:75:8d:1a:47:46:08:0a:48:ca:b0:
98:08:bd:b3:45:79:3c:d3:17:6f:1f:37:78:8c:9e:
17:b4:2b:77:88:f4:88:bb:b1:07:78:ff:8e:ec:6f:
c5:dc:84:53:6a:ce:13:25:f3:3b:da:3f:75:65:f6:
e6:0e:11:84:c1:c5:2a:33:24:06:48:b7:17:c8:51:
6b:5b:02:ed:ab:10:6b:5a:d1:0e:20:71:08:b0:cb:
18:a6:30:53:67:15:06:3a:eb:f6:66:e6:d4:6b:94:
a0:51:25:16:4d:fc:4e:d5:bd:0e:7d:bf:9a:71:6a:
d1:d5:8d:64:ef:27:b8:7f:11:9f:39:22:14:1f:07:
64:81:3c:3a:3d:ac:13:1f:4f:d4:dc:8b:e4:17:5b:
cb:99:b1:f2:ef:61:97:98:c9:20:ee:c1:8e:2f:85:
5f:8d:c5:8a:82:9c:9c:04:a0:48:cf:85:51:b8:b0:
ae:52:ca:6c:ad:23:90:2b:30:9c:91:83:02:1e:77:
e6:ce:de:b3:c2:7d:81:c1:94:32:c0:15:f7:c1:d6:
a7:ce:62:1e:f9:0d:85:64:5b:84:72:37:08:c1:de:
0a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:73:BC:A4:FB:DB:FA:1A:0A:2D:25:1A:1F:4F:0A:F7:7B:7B:0C:75
X509v3 Authority Key Identifier:
keyid:9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKMZ6lHIADqtlKjifOaUkqouM6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/kXO8pPvb-hoKLSUaH08K93t7DHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/nKMZ6lHIADqtlKjifOaUkqouM6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:9480::/32
Signature Algorithm: sha256WithRSAEncryption
4e:99:e0:a6:d0:bd:cb:74:4e:eb:dd:2d:06:0e:c8:0f:32:fc:
25:b1:d9:e2:d6:50:b6:57:54:3d:33:3d:e7:3e:69:a2:80:ad:
7f:ea:63:f3:ce:ef:92:75:34:92:66:dc:57:b1:8c:7e:b3:fb:
ad:61:03:ff:1a:c9:58:39:11:ef:ab:ae:b5:a9:44:36:42:43:
44:0e:23:f7:b7:62:62:8f:cc:de:e3:39:ee:f4:d3:c6:a5:80:
83:0d:d5:7d:27:36:2f:74:ed:3a:52:d6:17:d2:26:a6:f1:40:
7a:5b:57:e4:c9:08:32:c0:77:f7:8c:5d:30:20:50:03:bc:7c:
54:4d:82:de:a5:25:73:78:33:95:9e:14:8d:f7:d2:5b:0b:cd:
f9:28:07:fc:58:da:08:5c:db:2f:e8:b1:79:0b:89:63:1d:5e:
c1:d2:e8:d2:57:e6:36:5f:c3:8d:c3:9c:c2:98:70:cc:83:dd:
c1:53:ce:2f:c2:f2:43:a0:4a:e1:d4:77:a8:f2:fb:9d:08:f8:
0f:2a:84:54:c8:f7:6e:57:4b:28:35:15:4e:a0:ab:c0:cc:41:
22:fd:47:87:a9:39:47:7f:13:d9:6b:4a:5e:32:2b:c4:61:80:
2e:8a:02:5b:23:19:75:ea:73:c9:98:23:3b:55:01:f1:64:af:
72:5d:3f:fe
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQg1hf5bL2w0oWyc/Kp7BbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYTMxOWVhNTFjODAwM2FhZDk0YThlMjdjZTY5NDkyYWEy
ZTMzYTgwHhcNMjUwMTAxMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTczYmNhNGZiZGJmYTFhMGEyZDI1MWExZjRmMGFmNzdiN2IwYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uGwA8aB+J1H/Z368DENZtI44FVT
tjwI5MHWtbfL9ZBbWHWNGkdGCApIyrCYCL2zRXk80xdvHzd4jJ4XtCt3iPSIu7EH
eP+O7G/F3IRTas4TJfM72j91ZfbmDhGEwcUqMyQGSLcXyFFrWwLtqxBrWtEOIHEI
sMsYpjBTZxUGOuv2ZubUa5SgUSUWTfxO1b0Ofb+acWrR1Y1k7ye4fxGfOSIUHwdk
gTw6PawTH0/U3IvkF1vLmbHy72GXmMkg7sGOL4VfjcWKgpycBKBIz4VRuLCuUsps
rSOQKzCckYMCHnfmzt6zwn2BwZQywBX3wdanzmIe+Q2FZFuEcjcIwd4KpQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJFzvKT72/oaCi0lGh9PCvd7ewx1MB8GA1UdIwQY
MBaAFJyjGepRyAA6rZSo4nzmlJKqLjOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbktNWjZsSElBRHF0bEtqaWZPYVVrcW91TTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82MTQ5NGMtMDc0NC00OTkxLWFiNjct
MGFkM2M3OTYyYzA5LzEva1hPOHBQdmItaG9LTFNVYUgwOEs5M3Q3REhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82MTQ5NGMtMDc0NC00OTkxLWFiNjctMGFkM2M3OTYyYzA5
LzEvbktNWjZsSElBRHF0bEtqaWZPYVVrcW91TTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCUgDAN
BgkqhkiG9w0BAQsFAAOCAQEATpngptC9y3RO690tBg7IDzL8JbHZ4tZQtldUPTM9
5z5pooCtf+pj887vknU0kmbcV7GMfrP7rWED/xrJWDkR76uutalENkJDRA4j97di
Yo/M3uM57vTTxqWAgw3VfSc2L3TtOlLWF9ImpvFAeltX5MkIMsB394xdMCBQA7x8
VE2C3qUlc3gzlZ4UjffSWwvN+SgH/FjaCFzbL+ixeQuJYx1ewdLo0lfmNl/DjcOc
wphwzIPdwVPOL8LyQ6BK4dR3qPL7nQj4DyqEVMj3bldLKDUVTqCrwMxBIv1Hh6k5
R38T2WtKXjIrxGGALooCWyMZdepzyZgjO1UB8WSvcl0//g==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:50:14 2025 by rpki-client