Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/nLYb5me-armn2-3mVFm7QFG7G7I.roa
File: nLYb5me-armn2-3mVFm7QFG7G7I.roa (raw, json)
Hash identifier: 97AG7lvsuNuD24pWlbSNdTjsA8vhHR/blpie4HFE/d4=
Subject key identifier: 9C:B6:1B:E6:67:BE:6A:B9:A7:DB:ED:E6:54:59:BB:40:51:BB:1B:B2
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018DEF29C4E1A4416A89936F07373CC53B91
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/nLYb5me-armn2-3mVFm7QFG7G7I.roa
Signing time: Wed 28 Feb 2024 10:01:48 +0000
ROA not before: Wed 28 Feb 2024 10:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208626
IP address blocks: 2a0d:3043:aa08::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:29:c4:e1:a4:41:6a:89:93:6f:07:37:3c:c5:3b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Feb 28 10:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cb61be667be6ab9a7dbede65459bb4051bb1bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:60:41:eb:ff:28:a4:cf:d7:8e:ff:f4:cd:c5:
c5:24:54:72:63:14:73:6a:6d:57:69:fa:b9:41:0a:
2c:3a:9b:19:d8:94:38:a5:a1:59:af:14:16:ea:e3:
03:3b:7f:d9:0e:ad:c6:98:0c:f0:80:b4:87:99:37:
34:c9:51:13:c6:91:6b:de:1f:c7:12:77:3f:89:2f:
2e:4a:07:ed:3e:fd:a9:35:5f:a7:05:8b:80:d3:b2:
15:c0:c7:c3:ef:aa:bf:0a:d2:ab:03:2c:58:b7:57:
37:77:02:c5:7e:95:03:25:ec:60:3a:3c:df:5d:dd:
32:81:5a:49:57:6b:42:f5:03:78:b5:f7:e5:07:ac:
79:61:4e:d9:2a:05:c4:e6:a8:aa:de:0d:a5:45:de:
c5:a5:45:20:11:65:ff:be:d8:d6:cc:fc:d6:2a:30:
0f:b2:38:7f:04:8d:7f:01:ed:37:cb:0d:68:2a:2c:
ac:e0:04:24:49:e1:e9:9a:e0:d9:1f:52:93:4c:fa:
97:f0:04:e5:1d:c6:65:ad:8b:42:33:8c:f7:e5:be:
88:1a:63:67:bd:c0:51:b8:e7:d3:a1:52:fa:d1:2c:
69:a8:cb:5b:60:ac:22:61:c7:29:12:55:e3:4d:7e:
04:d2:75:8a:5f:c5:33:2d:f3:67:98:4c:d4:f3:36:
87:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B6:1B:E6:67:BE:6A:B9:A7:DB:ED:E6:54:59:BB:40:51:BB:1B:B2
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/nLYb5me-armn2-3mVFm7QFG7G7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:3043:aa08::/48
Signature Algorithm: sha256WithRSAEncryption
ca:df:ee:b3:af:cf:4a:63:9c:52:ab:3a:bf:3f:bb:ab:b4:01:
25:70:d6:e3:a6:4b:09:b7:95:6d:42:b2:e9:8d:53:d9:37:0b:
ff:22:1e:c3:6a:79:1f:6a:c2:1e:5d:b9:e0:49:22:60:ac:eb:
a6:4c:e7:b1:97:23:d0:96:f3:1c:37:9a:bd:3b:c1:e7:d5:a9:
7f:9f:e7:9b:6d:6d:1f:6a:86:52:4c:ed:75:ab:4b:29:75:45:
9b:fd:53:42:87:d7:79:57:d1:9e:3a:db:d6:c3:7f:01:05:83:
35:81:1e:ba:6b:ce:08:96:8f:17:cc:da:d4:df:8c:24:92:91:
18:1c:d4:7d:61:ba:c1:6d:fe:5c:0f:fa:61:83:19:c6:d9:96:
31:4d:94:99:53:4f:17:9d:48:ca:2f:45:91:75:27:20:36:25:
60:e7:96:46:9f:68:d0:4b:05:09:27:81:8a:57:f0:06:da:7e:
c1:b1:0b:62:46:97:cd:d8:28:98:6c:d5:ac:95:a5:bd:b7:f6:
b3:d3:11:24:e1:24:57:c6:2f:0d:39:56:1b:38:f5:d6:6e:c0:
85:a2:3d:5e:55:07:30:aa:d2:7b:39:fb:5c:1c:45:93:49:53:
a8:d0:44:33:1c:5e:d1:b0:1d:4c:77:f1:36:b5:34:58:9c:18:
e2:60:37:da
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY3vKcThpEFqiZNvBzc8xTuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwMjI4MTAwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2I2MWJlNjY3YmU2YWI5YTdkYmVkZTY1NDU5YmI0MDUxYmIxYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmBB6/8opM/Xjv/0zcXFJFRyYxRz
am1Xafq5QQosOpsZ2JQ4paFZrxQW6uMDO3/ZDq3GmAzwgLSHmTc0yVETxpFr3h/H
Enc/iS8uSgftPv2pNV+nBYuA07IVwMfD76q/CtKrAyxYt1c3dwLFfpUDJexgOjzf
Xd0ygVpJV2tC9QN4tfflB6x5YU7ZKgXE5qiq3g2lRd7FpUUgEWX/vtjWzPzWKjAP
sjh/BI1/Ae03yw1oKiys4AQkSeHpmuDZH1KTTPqX8ATlHcZlrYtCM4z35b6IGmNn
vcBRuOfToVL60SxpqMtbYKwiYccpElXjTX4E0nWKX8UzLfNnmEzU8zaHWwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJy2G+Znvmq5p9vt5lRZu0BRuxuyMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvbkxZYjVtZS1hcm1uMi0zbVZGbTdRRkc3RzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0wQ6oI
MA0GCSqGSIb3DQEBCwUAA4IBAQDK3+6zr89KY5xSqzq/P7urtAElcNbjpksJt5Vt
QrLpjVPZNwv/Ih7DankfasIeXbngSSJgrOumTOexlyPQlvMcN5q9O8Hn1al/n+eb
bW0faoZSTO11q0spdUWb/VNCh9d5V9GeOtvWw38BBYM1gR66a84Ilo8XzNrU34wk
kpEYHNR9YbrBbf5cD/phgxnG2ZYxTZSZU08XnUjKL0WRdScgNiVg55ZGn2jQSwUJ
J4GKV/AG2n7BsQtiRpfN2CiYbNWslaW9t/az0xEk4SRXxi8NOVYbOPXWbsCFoj1e
VQcwqtJ7OftcHEWTSVOo0EQzHF7RsB1Md/E2tTRYnBjiYDfa
-----END CERTIFICATE-----
Generated at Wed May 7 08:28:44 2025 by rpki-client