Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/Cla5c1NehU4owZxYbWxe5QAstj0.roa
File: Cla5c1NehU4owZxYbWxe5QAstj0.roa (raw, json)
Hash identifier: kJV6jFD/Rf8rBVTNLGsW3TqMX9jv4tuD1CIR8TuTHbQ=
Subject key identifier: 0A:56:B9:73:53:5E:85:4E:28:C1:9C:58:6D:6C:5E:E5:00:2C:B6:3D
Certificate issuer: /CN=5d6373f5df99d821dcb57c7fb9202fb4686e5d61
Certificate serial: 01941FFA5092CBA7D5AAE529D6780C0F3B17
Authority key identifier: 5D:63:73:F5:DF:99:D8:21:DC:B5:7C:7F:B9:20:2F:B4:68:6E:5D:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XWNz9d-Z2CHctXx_uSAvtGhuXWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/Cla5c1NehU4owZxYbWxe5QAstj0.roa
Signing time: Wed 01 Jan 2025 03:48:05 +0000
ROA not before: Wed 01 Jan 2025 03:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209589
IP address blocks: 2a07:9cc5::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:50:92:cb:a7:d5:aa:e5:29:d6:78:0c:0f:3b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d6373f5df99d821dcb57c7fb9202fb4686e5d61
Validity
Not Before: Jan 1 03:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a56b973535e854e28c19c586d6c5ee5002cb63d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:63:5e:55:ed:43:fd:a2:6a:19:6d:f8:7f:0a:
20:06:28:a3:08:8c:74:e2:1f:a9:1a:05:41:8f:32:
53:53:18:6e:f8:19:73:31:1b:49:ad:8d:80:2b:0e:
f7:3f:59:3c:2b:8a:03:0e:c1:18:4a:13:f6:b2:1c:
af:6c:8e:c7:72:61:ae:88:b2:38:35:79:62:a3:94:
ea:a8:7b:1f:a8:d9:22:57:7a:00:d3:8f:0b:d3:b9:
73:94:4f:d6:33:93:1d:00:f8:b6:70:2e:c4:fd:90:
c4:31:bf:77:c7:d7:82:48:d4:04:82:09:a5:f1:26:
f6:13:10:15:c5:df:23:8f:d3:6c:78:56:ad:e9:2d:
a2:db:f9:9a:3e:27:92:5b:95:f0:fd:99:5d:82:4e:
06:69:c3:e0:58:04:ad:e5:45:41:b0:94:b8:fb:9f:
c6:ed:43:8b:71:39:e1:20:af:b5:a6:4e:22:b9:cf:
4a:11:33:1c:98:0f:3f:26:20:58:46:d5:d5:80:fa:
4a:71:77:b6:aa:ca:32:b1:22:86:ce:76:c8:99:4e:
81:91:b6:50:00:49:8e:98:ec:d3:2e:89:9c:d1:39:
ad:da:97:4d:25:e1:ff:a8:97:92:85:88:17:24:60:
c1:2e:65:71:ff:96:9e:54:ab:19:f9:5c:0b:fd:66:
e2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:56:B9:73:53:5E:85:4E:28:C1:9C:58:6D:6C:5E:E5:00:2C:B6:3D
X509v3 Authority Key Identifier:
keyid:5D:63:73:F5:DF:99:D8:21:DC:B5:7C:7F:B9:20:2F:B4:68:6E:5D:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWNz9d-Z2CHctXx_uSAvtGhuXWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/Cla5c1NehU4owZxYbWxe5QAstj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0c9128-a043-478c-9920-ad215285c864/1/XWNz9d-Z2CHctXx_uSAvtGhuXWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:9cc5::/32
Signature Algorithm: sha256WithRSAEncryption
66:8e:7b:ed:f1:27:04:73:b1:90:7c:44:ae:83:67:f5:09:17:
d6:8e:32:f9:43:a3:c1:1a:20:66:bc:86:6f:b8:7b:42:20:62:
d0:69:ef:d8:34:8d:f0:85:cf:96:06:b7:be:a1:14:e6:99:27:
7a:b6:95:44:36:72:68:c8:2e:1b:4a:46:0a:64:3f:e8:72:c2:
b1:6c:e9:2d:c1:60:b4:f2:0c:21:1b:d8:be:a5:21:7f:8a:cd:
dd:94:ca:dd:3b:c4:06:6d:22:3b:dc:c6:fc:34:e4:1d:d7:f7:
d1:13:2b:fd:59:20:a3:40:db:2b:47:b3:88:7c:cf:c2:d7:4c:
47:1f:cc:7f:62:a0:bf:93:e3:31:d4:7f:a4:de:d6:2e:69:74:
cd:b9:85:f2:04:57:81:bd:72:6c:d0:c4:c7:ec:84:4c:29:4a:
0c:a1:c2:47:5e:00:49:8c:8f:44:77:5c:f9:9c:b1:2f:07:f8:
99:c1:50:54:82:22:df:4c:07:fb:b5:41:55:1a:85:36:5a:3b:
10:ba:b6:9b:13:d1:58:ca:fa:c5:af:b8:e3:08:0b:90:6c:18:
ae:34:da:3b:06:50:48:86:1f:ee:52:d6:8c:1e:9a:c0:86:b5:
7d:63:2e:c3:ac:4b:54:f1:09:57:fc:95:9f:a0:d1:29:16:ef:
0c:80:b0:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQf+lCSy6fVquUp1ngMDzsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjM3M2Y1ZGY5OWQ4MjFkY2I1N2M3ZmI5MjAyZmI0Njg2
ZTVkNjEwHhcNMjUwMTAxMDM0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU2Yjk3MzUzNWU4NTRlMjhjMTljNTg2ZDZjNWVlNTAwMmNiNjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWNeVe1D/aJqGW34fwogBiijCIx0
4h+pGgVBjzJTUxhu+BlzMRtJrY2AKw73P1k8K4oDDsEYShP2shyvbI7HcmGuiLI4
NXlio5TqqHsfqNkiV3oA048L07lzlE/WM5MdAPi2cC7E/ZDEMb93x9eCSNQEggml
8Sb2ExAVxd8jj9NseFat6S2i2/maPieSW5Xw/Zldgk4GacPgWASt5UVBsJS4+5/G
7UOLcTnhIK+1pk4iuc9KETMcmA8/JiBYRtXVgPpKcXe2qsoysSKGznbImU6BkbZQ
AEmOmOzTLomc0Tmt2pdNJeH/qJeShYgXJGDBLmVx/5aeVKsZ+VwL/WbiiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFApWuXNTXoVOKMGcWG1sXuUALLY9MB8GA1UdIwQY
MBaAFF1jc/Xfmdgh3LV8f7kgL7Robl1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdOejlkLVoyQ0hjdFh4X3VTQXZ0R2h1WFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wYzkxMjgtYTA0My00NzhjLTk5MjAt
YWQyMTUyODVjODY0LzEvQ2xhNWMxTmVoVTRvd1p4WWJXeGU1UUFzdGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wYzkxMjgtYTA0My00NzhjLTk5MjAtYWQyMTUyODVjODY0
LzEvWFdOejlkLVoyQ0hjdFh4X3VTQXZ0R2h1WFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgecxTAN
BgkqhkiG9w0BAQsFAAOCAQEAZo577fEnBHOxkHxEroNn9QkX1o4y+UOjwRogZryG
b7h7QiBi0Gnv2DSN8IXPlga3vqEU5pkneraVRDZyaMguG0pGCmQ/6HLCsWzpLcFg
tPIMIRvYvqUhf4rN3ZTK3TvEBm0iO9zG/DTkHdf30RMr/Vkgo0DbK0eziHzPwtdM
Rx/Mf2Kgv5PjMdR/pN7WLml0zbmF8gRXgb1ybNDEx+yETClKDKHCR14ASYyPRHdc
+ZyxLwf4mcFQVIIi30wH+7VBVRqFNlo7ELq2mxPRWMr6xa+44wgLkGwYrjTaOwZQ
SIYf7lLWjB6awIa1fWMuw6xLVPEJV/yVn6DRKRbvDICwpA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:24:05 2025 by rpki-client