Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/b7qxUnwihprk6EJxfIQaAb0gp6Q.roa
File: b7qxUnwihprk6EJxfIQaAb0gp6Q.roa (raw, json)
Hash identifier: VOyUfrMxiSfFt/0NvcMhfgPcd6IcibNILAfmHlZPclg=
Subject key identifier: 6F:BA:B1:52:7C:22:86:9A:E4:E8:42:71:7C:84:1A:01:BD:20:A7:A4
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 0195D7E63A39FA3B992A18E665769EA2FED6
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/b7qxUnwihprk6EJxfIQaAb0gp6Q.roa
Signing time: Thu 27 Mar 2025 13:59:04 +0000
ROA not before: Thu 27 Mar 2025 13:59:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2a02:11c0::/28 maxlen: 28
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d7:e6:3a:39:fa:3b:99:2a:18:e6:65:76:9e:a2:fe:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: Mar 27 13:59:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fbab1527c22869ae4e842717c841a01bd20a7a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:95:df:93:da:6f:6d:c1:74:98:df:bf:29:3f:
80:50:c6:56:89:b4:32:7e:1d:e6:2c:d1:84:1e:aa:
90:e0:24:f4:7e:69:d6:fb:c8:2e:6f:df:db:39:fd:
15:2d:2d:47:12:75:4f:d3:23:48:0b:e3:57:ca:ef:
5f:e2:32:59:28:d1:25:b6:48:13:a1:c1:be:b3:20:
87:64:87:42:5f:73:9e:2f:e5:7e:26:95:f1:4d:b1:
11:3e:58:ff:a4:95:a0:c3:93:29:8c:87:12:2a:2b:
54:c0:36:fb:f0:65:fb:77:bd:42:33:ac:96:88:89:
f8:f7:3c:7c:66:13:0b:90:2f:dc:6f:b3:79:1f:73:
1c:78:d8:a3:e7:92:ff:ca:ba:db:5b:2d:a7:40:78:
82:33:4f:df:43:9b:50:93:14:cf:22:b7:de:a0:4a:
22:1b:87:96:a1:2c:74:9c:f8:b3:f8:2a:d6:3c:98:
01:e9:9c:1a:3a:85:df:03:33:5d:81:03:fe:53:b5:
af:f3:71:c5:7e:df:10:1b:32:4b:6e:1e:2d:1c:4d:
69:d5:4b:df:f7:bb:fb:2d:30:9d:79:22:df:37:b9:
b5:1e:b2:25:75:cf:e3:32:28:e2:30:14:2c:f7:79:
12:46:92:99:f0:3b:35:59:6a:11:b8:cb:bb:80:05:
25:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BA:B1:52:7C:22:86:9A:E4:E8:42:71:7C:84:1A:01:BD:20:A7:A4
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/b7qxUnwihprk6EJxfIQaAb0gp6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:11c0::/28
Signature Algorithm: sha256WithRSAEncryption
25:e2:55:3b:4f:35:96:08:b1:b0:9d:f6:9c:64:ec:6a:b0:e9:
b2:71:62:6c:1e:c7:ed:f9:87:19:3c:ab:9d:69:67:32:d6:6c:
60:9a:99:db:09:62:f2:7b:87:e2:3d:af:c3:e4:a3:84:d5:f9:
81:0c:1b:d1:23:60:71:67:ec:59:34:b2:d3:69:78:65:05:63:
d2:6c:11:7b:87:83:1f:dc:d7:29:4c:b4:cd:29:03:cf:19:b7:
48:99:94:cf:99:ae:6c:93:dc:69:a6:69:e8:a5:49:60:16:42:
41:eb:be:68:77:bc:87:57:1d:3a:a6:b4:8a:44:2d:f0:c3:a4:
da:9e:cd:68:75:3f:91:49:d4:32:99:d8:8c:3c:27:d9:bd:4d:
e6:99:0d:e0:ed:cd:21:48:c6:ec:db:6d:c8:03:69:75:c1:ee:
af:3e:4a:35:3d:5a:c7:ae:29:33:94:de:16:df:76:e9:dd:43:
de:3a:7c:fd:06:56:6c:54:cf:3f:36:82:40:10:05:24:40:04:
8b:6a:00:5f:60:ce:c4:a1:30:4b:58:3b:ec:7b:be:1c:eb:7f:
81:23:83:eb:b1:30:b6:35:ff:ac:67:fb:13:91:36:74:73:58:
3f:57:42:25:6a:6e:46:a3:ba:49:50:48:ab:8c:cf:5b:fe:8a:
f6:e4:a0:f4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXX5jo5+juZKhjmZXaeov7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjUwMzI3MTM1OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJhYjE1MjdjMjI4NjlhZTRlODQyNzE3Yzg0MWEwMWJkMjBhN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Xfk9pvbcF0mN+/KT+AUMZWibQy
fh3mLNGEHqqQ4CT0fmnW+8gub9/bOf0VLS1HEnVP0yNIC+NXyu9f4jJZKNEltkgT
ocG+syCHZIdCX3OeL+V+JpXxTbERPlj/pJWgw5MpjIcSKitUwDb78GX7d71CM6yW
iIn49zx8ZhMLkC/cb7N5H3MceNij55L/yrrbWy2nQHiCM0/fQ5tQkxTPIrfeoEoi
G4eWoSx0nPiz+CrWPJgB6ZwaOoXfAzNdgQP+U7Wv83HFft8QGzJLbh4tHE1p1Uvf
97v7LTCdeSLfN7m1HrIldc/jMijiMBQs93kSRpKZ8Ds1WWoRuMu7gAUlJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG+6sVJ8Ioaa5OhCcXyEGgG9IKekMB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvYjdxeFVud2locHJrNkVKeGZJUWFBYjBncDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUEKgIRwDAN
BgkqhkiG9w0BAQsFAAOCAQEAJeJVO081lgixsJ32nGTsarDpsnFibB7H7fmHGTyr
nWlnMtZsYJqZ2wli8nuH4j2vw+SjhNX5gQwb0SNgcWfsWTSy02l4ZQVj0mwRe4eD
H9zXKUy0zSkDzxm3SJmUz5mubJPcaaZp6KVJYBZCQeu+aHe8h1cdOqa0ikQt8MOk
2p7NaHU/kUnUMpnYjDwn2b1N5pkN4O3NIUjG7NttyANpdcHurz5KNT1ax64pM5Te
Ft926d1D3jp8/QZWbFTPPzaCQBAFJEAEi2oAX2DOxKEwS1g77Hu+HOt/gSOD67Ew
tjX/rGf7E5E2dHNYP1dCJWpuRqO6SVBIq4zPW/6K9uSg9A==
-----END CERTIFICATE-----
Generated at Wed Apr 9 04:27:07 2025 by rpki-client