Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/nc5KXUWUdck8gbw7m_0IyKBWC5g.roa
File: nc5KXUWUdck8gbw7m_0IyKBWC5g.roa (raw, json)
Hash identifier: i0jN8KLoirBy04xz9xtOlV7fBEKQPtgwb2siK57WV1U=
Subject key identifier: 9D:CE:4A:5D:45:94:75:C9:3C:81:BC:3B:9B:FD:08:C8:A0:56:0B:98
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 0194214443E7FB5B3F361796CED3BB7D31AD
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/nc5KXUWUdck8gbw7m_0IyKBWC5g.roa
Signing time: Wed 01 Jan 2025 09:48:29 +0000
ROA not before: Wed 01 Jan 2025 09:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51582
IP address blocks: 2a06:9686:a00::/39 maxlen: 39
2a06:9686:c00::/39 maxlen: 39
2a06:9686:e00::/39 maxlen: 39
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:43:e7:fb:5b:3f:36:17:96:ce:d3:bb:7d:31:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 1 09:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dce4a5d459475c93c81bc3b9bfd08c8a0560b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:68:09:ce:82:e4:eb:67:1c:c9:01:66:32:a3:
59:0a:2e:b9:e0:7f:f7:a9:00:96:66:e4:0a:4b:14:
6d:9f:34:29:f6:b2:b9:7a:c7:a6:b0:1a:d7:39:23:
d6:11:c7:c6:fc:2c:8e:e4:e6:77:89:d8:2b:22:23:
5d:3c:58:a4:a4:c8:66:11:8e:ba:e4:e9:e8:c7:c9:
21:ad:c4:09:dd:e6:af:1c:f3:55:4d:05:bf:ef:33:
c7:98:f0:e9:c8:f8:e6:0b:e8:e3:92:96:54:70:86:
15:7f:a9:64:c6:09:67:c5:9b:e4:e5:ed:69:4d:31:
b4:f0:a9:e4:1d:2f:8f:9d:e6:0a:77:a7:be:df:9b:
b6:22:8c:95:ea:79:54:9b:c8:85:09:b4:21:0f:38:
15:87:97:5e:6c:5b:a0:f5:ea:a2:ad:e3:25:35:ec:
0f:a6:4d:5b:2c:ed:78:42:e3:56:06:42:b8:7b:3f:
25:ea:37:d6:18:fd:90:25:e9:e7:76:95:8b:0a:99:
4a:e5:20:66:e3:7d:64:ad:07:d7:5d:95:0a:b4:c5:
90:56:7d:b6:70:14:2d:29:7f:a4:2e:88:26:b6:a7:
23:0d:7a:25:ec:8c:30:d4:5b:93:73:85:e4:8a:c1:
71:78:ab:4f:35:d7:19:ba:8f:63:b6:80:51:4c:cc:
f5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:CE:4A:5D:45:94:75:C9:3C:81:BC:3B:9B:FD:08:C8:A0:56:0B:98
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/nc5KXUWUdck8gbw7m_0IyKBWC5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9686:a00::-2a06:9686:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:2f:c7:bc:ad:de:58:f2:b4:fa:ff:81:70:38:40:8e:d1:5f:
0c:bd:e3:0e:33:31:40:49:cc:d2:1b:f3:c1:78:6a:18:c5:7e:
35:fb:c1:b3:2f:84:31:45:6c:9c:ff:82:6a:d6:f5:79:a8:83:
73:66:e3:4d:4b:7c:f2:5d:e3:d9:93:0d:ee:a1:75:b6:c2:4d:
40:ec:4e:1b:12:ff:a5:a2:f4:cc:b9:22:57:ab:72:fe:3b:e3:
be:88:35:3c:ee:0b:13:48:c0:30:38:8b:ac:0d:7f:41:2a:10:
b7:82:2b:69:07:68:90:f0:02:55:01:31:1a:8a:f2:b6:f9:45:
d4:0c:39:ea:f3:f8:61:ff:84:2b:f7:2c:da:3e:d3:4e:71:5a:
43:22:53:2b:52:d9:ee:5f:18:62:04:20:da:6b:4d:0f:7c:b5:
61:9d:f7:7d:6d:22:18:3b:9f:16:84:b9:6a:bb:cc:b4:2e:a8:
1c:60:58:e7:f6:40:27:08:ef:4f:b5:d8:f6:cd:ed:33:02:9c:
18:cf:bf:59:ec:2a:04:91:70:f5:96:2d:7e:c6:71:39:7b:07:
c0:e8:3c:44:4c:de:ed:75:a1:58:53:e2:85:87:a1:f0:93:bf:
3f:fd:53:a1:0d:b3:fb:ea:6f:1c:c1:3b:f6:25:30:c2:71:32:
5b:2a:09:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhREPn+1s/NheWztO7fTGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjUwMTAxMDk0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNlNGE1ZDQ1OTQ3NWM5M2M4MWJjM2I5YmZkMDhjOGEwNTYwYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mgJzoLk62ccyQFmMqNZCi654H/3
qQCWZuQKSxRtnzQp9rK5esemsBrXOSPWEcfG/CyO5OZ3idgrIiNdPFikpMhmEY66
5Onox8khrcQJ3eavHPNVTQW/7zPHmPDpyPjmC+jjkpZUcIYVf6lkxglnxZvk5e1p
TTG08KnkHS+PneYKd6e+35u2IoyV6nlUm8iFCbQhDzgVh5debFug9eqireMlNewP
pk1bLO14QuNWBkK4ez8l6jfWGP2QJenndpWLCplK5SBm431krQfXXZUKtMWQVn22
cBQtKX+kLogmtqcjDXol7Iww1FuTc4XkisFxeKtPNdcZuo9jtoBRTMz1vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ3OSl1FlHXJPIG8O5v9CMigVguYMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvbmM1S1hVV1VkY2s4Z2J3N21fMEl5S0JXQzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASMBADBgEqBpaG
CgMGBCoGloYAMA0GCSqGSIb3DQEBCwUAA4IBAQBzL8e8rd5Y8rT6/4FwOECO0V8M
veMOMzFASczSG/PBeGoYxX41+8GzL4QxRWyc/4Jq1vV5qINzZuNNS3zyXePZkw3u
oXW2wk1A7E4bEv+lovTMuSJXq3L+O+O+iDU87gsTSMAwOIusDX9BKhC3gitpB2iQ
8AJVATEaivK2+UXUDDnq8/hh/4Qr9yzaPtNOcVpDIlMrUtnuXxhiBCDaa00PfLVh
nfd9bSIYO58WhLlqu8y0LqgcYFjn9kAnCO9Ptdj2ze0zApwYz79Z7CoEkXD1li1+
xnE5ewfA6DxETN7tdaFYU+KFh6Hwk78//VOhDbP76m8cwTv2JTDCcTJbKgk5
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:25:05 2025 by rpki-client