Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/nqfgPZyBGUMJjXZ82ONF8M_wX2o.roa
File: nqfgPZyBGUMJjXZ82ONF8M_wX2o.roa (raw, json)
Hash identifier: cAq2+4Plhv+25M/XxaCNm4UA7TT+v8QHyzJDH25TDn4=
Subject key identifier: 9E:A7:E0:3D:9C:81:19:43:09:8D:76:7C:D8:E3:45:F0:CF:F0:5F:6A
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 0194258FA48D41769FEDE70A05CC0C04AFD0
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/nqfgPZyBGUMJjXZ82ONF8M_wX2o.roa
Signing time: Thu 02 Jan 2025 05:49:18 +0000
ROA not before: Thu 02 Jan 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210118
IP address blocks: 2a00:6060:ff00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a4:8d:41:76:9f:ed:e7:0a:05:cc:0c:04:af:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 2 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ea7e03d9c811943098d767cd8e345f0cff05f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a4:9f:18:a9:4c:2f:96:01:bc:30:96:c8:ce:
83:0e:1a:90:7d:58:2a:80:f6:4e:1a:e9:10:42:80:
cd:d6:c1:01:11:df:2a:7f:81:4c:f3:0a:f5:c8:9d:
80:52:89:9e:da:8c:91:e5:35:51:84:c7:c2:0f:a6:
d2:6a:2b:28:dc:f8:71:18:a8:97:7c:ce:89:1b:b1:
55:ec:e0:7e:b4:f4:ab:74:2e:c8:a7:b7:ad:45:7d:
32:1e:6b:93:14:20:5b:7e:72:26:b4:86:4f:a3:44:
d0:96:c6:ec:8d:98:3e:de:5b:b4:61:25:b7:a9:de:
b3:b7:77:ec:8b:bf:2e:a4:d3:e4:9a:81:94:f8:95:
0a:89:0e:8a:c2:21:29:51:b7:2f:59:38:46:b5:85:
c1:de:2e:0c:70:bc:56:d0:4f:f0:11:be:a3:dc:7c:
46:85:76:b1:f2:da:03:76:8f:e5:ac:3f:33:e3:b2:
52:b4:b2:b5:0a:c7:4a:1c:93:26:f4:7a:af:ee:4d:
2e:4e:55:81:e8:6e:a3:96:2a:3c:09:79:82:e8:a6:
bf:92:9a:b4:cd:8e:d8:e7:04:95:52:f3:86:dc:0a:
b1:a3:dd:15:4d:33:e1:1a:0a:f0:74:13:c4:a5:7c:
76:9a:0f:53:8f:ee:ef:92:cf:db:ae:ba:20:3f:97:
cb:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A7:E0:3D:9C:81:19:43:09:8D:76:7C:D8:E3:45:F0:CF:F0:5F:6A
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/nqfgPZyBGUMJjXZ82ONF8M_wX2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:6060:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
28:93:52:5e:a4:12:3a:f3:f6:4b:f6:cb:13:47:e1:70:c3:61:
89:01:c9:9d:d4:8e:cf:8b:fd:e6:1f:ed:08:fd:96:1b:3c:f5:
29:eb:f3:da:3e:cc:c2:03:cf:08:f6:f0:66:4e:19:62:94:fe:
40:1e:e3:8e:f8:c4:c5:ea:d6:34:98:15:3e:ee:3b:62:99:a5:
2b:ef:83:9e:c5:e2:bd:42:b9:2f:87:2d:9b:47:52:f8:8a:76:
63:1c:25:15:9e:10:97:31:81:5e:b0:3c:9f:a5:e4:d2:8b:a4:
62:e8:97:ba:d3:24:3d:ef:01:ce:94:f6:90:4e:63:51:cc:39:
68:76:71:11:68:4c:c9:d2:2a:b1:0e:52:3e:49:69:f6:a0:fc:
4b:77:48:bd:69:bd:d9:8c:be:c7:46:b2:69:24:75:89:af:57:
20:cb:8d:7e:2f:e1:54:07:29:31:66:b6:cd:af:df:dc:2f:48:
ca:ae:54:de:16:38:b7:b4:d8:6e:18:7c:2b:77:50:f5:c5:4e:
98:ed:74:17:22:aa:74:9d:bd:29:7a:cb:65:d4:cf:fe:83:8c:
b6:4d:76:80:df:c3:3c:07:5c:4a:a4:fb:bd:14:36:82:d2:8a:
d5:f5:7a:b8:7e:17:62:37:c7:44:a5:b3:9e:b2:9b:d7:c2:cf:
96:ee:13:75
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlj6SNQXaf7ecKBcwMBK/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjUwMTAyMDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE3ZTAzZDljODExOTQzMDk4ZDc2N2NkOGUzNDVmMGNmZjA1ZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6SfGKlML5YBvDCWyM6DDhqQfVgq
gPZOGukQQoDN1sEBEd8qf4FM8wr1yJ2AUome2oyR5TVRhMfCD6bSaiso3PhxGKiX
fM6JG7FV7OB+tPSrdC7Ip7etRX0yHmuTFCBbfnImtIZPo0TQlsbsjZg+3lu0YSW3
qd6zt3fsi78upNPkmoGU+JUKiQ6KwiEpUbcvWThGtYXB3i4McLxW0E/wEb6j3HxG
hXax8toDdo/lrD8z47JStLK1CsdKHJMm9Hqv7k0uTlWB6G6jlio8CXmC6Ka/kpq0
zY7Y5wSVUvOG3Aqxo90VTTPhGgrwdBPEpXx2mg9Tj+7vks/brrogP5fLUwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJ6n4D2cgRlDCY12fNjjRfDP8F9qMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvbnFmZ1BaeUJHVU1KalhaODJPTkY4TV93WDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgBgYP8A
MA0GCSqGSIb3DQEBCwUAA4IBAQAok1JepBI68/ZL9ssTR+Fww2GJAcmd1I7Pi/3m
H+0I/ZYbPPUp6/PaPszCA88I9vBmThlilP5AHuOO+MTF6tY0mBU+7jtimaUr74Oe
xeK9Qrkvhy2bR1L4inZjHCUVnhCXMYFesDyfpeTSi6Ri6Je60yQ97wHOlPaQTmNR
zDlodnERaEzJ0iqxDlI+SWn2oPxLd0i9ab3ZjL7HRrJpJHWJr1cgy41+L+FUBykx
ZrbNr9/cL0jKrlTeFji3tNhuGHwrd1D1xU6Y7XQXIqp0nb0pestl1M/+g4y2TXaA
38M8B1xKpPu9FDaC0orV9Xq4fhdiN8dEpbOespvXws+W7hN1
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:18 2025 by rpki-client on console.sobornost.net