Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/7sUlQFo2i2sGz_Vst269K_D-c-U.roa
File: 7sUlQFo2i2sGz_Vst269K_D-c-U.roa (raw, json)
Hash identifier: awgZwYT2+l2C5RaRZHXtrmJNbZfubWqB+2+301bBQBU=
Subject key identifier: EE:C5:25:40:5A:36:8B:6B:06:CF:F5:6C:B7:6E:BD:2B:F0:FE:73:E5
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 019424B3BE18C08F9EDC4341B92EDB6EA213
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/7sUlQFo2i2sGz_Vst269K_D-c-U.roa
Signing time: Thu 02 Jan 2025 01:49:06 +0000
ROA not before: Thu 02 Jan 2025 01:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208886
IP address blocks: 2a09:b280:beef::/48 maxlen: 48
2a09:b280:cccf::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:be:18:c0:8f:9e:dc:43:41:b9:2e:db:6e:a2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jan 2 01:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eec525405a368b6b06cff56cb76ebd2bf0fe73e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f9:7e:e5:8d:db:02:79:da:28:eb:3c:78:75:
51:6a:f7:aa:57:38:b2:dd:48:7e:f6:70:8f:15:76:
9f:81:9e:60:52:bc:d6:7d:b1:89:0c:37:72:13:f0:
dc:b0:de:ab:4a:d5:3e:4a:91:cf:c3:5e:70:4b:0c:
83:aa:0a:3e:1d:c5:6d:f6:ef:54:a8:2f:9b:c0:e3:
31:ab:8a:3b:58:36:58:c3:35:e0:1f:aa:fd:3e:67:
e6:14:25:43:7b:3a:ab:d1:01:89:e6:dc:c4:36:3e:
f1:d4:58:5a:5d:b4:8a:dc:f0:7d:98:b6:86:49:d8:
2f:95:3a:f0:d5:be:f1:64:ab:f0:ec:a7:17:46:f6:
55:7e:83:e3:c5:0f:6d:36:3f:b4:88:18:c1:50:f3:
83:c0:4e:0a:e4:5c:df:18:65:06:ad:04:fa:09:10:
5d:91:00:e3:a6:7a:50:39:f0:b4:20:13:c9:9e:13:
e1:7a:be:24:cb:71:95:e5:45:b4:1c:ca:fe:5d:c3:
ce:1f:1b:ba:11:91:42:b8:42:d6:76:66:c1:1d:c6:
6a:e7:a6:a4:81:a3:62:d9:64:69:8f:6c:e0:84:30:
b4:70:3e:2d:ce:dd:40:83:62:ad:20:63:a3:bd:36:
91:b4:db:f8:9d:c6:54:ef:5d:09:02:f9:9a:73:50:
cc:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C5:25:40:5A:36:8B:6B:06:CF:F5:6C:B7:6E:BD:2B:F0:FE:73:E5
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/7sUlQFo2i2sGz_Vst269K_D-c-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b280:beef::/48
2a09:b280:cccf::/48
Signature Algorithm: sha256WithRSAEncryption
9c:c2:bc:62:8c:45:85:e6:88:98:e6:17:cf:90:45:7a:0b:7c:
91:2c:c1:e4:9b:c6:14:99:b4:b0:c8:be:1d:18:14:38:bb:c2:
47:5b:ad:48:0f:3f:da:3a:4f:5f:5e:8c:e8:96:0b:7c:92:78:
44:5b:77:8c:ba:d4:03:ec:cf:ce:ca:dd:45:8d:26:67:ff:ec:
54:a4:90:e6:90:d0:2f:1f:4c:7d:28:d0:09:90:ff:0b:71:39:
77:23:5b:b0:d3:a0:65:cb:25:61:ee:fd:d9:e8:25:9f:fe:25:
5b:c9:2a:26:b6:6a:5a:18:fe:c6:23:50:f2:64:b7:e4:7b:3b:
f4:74:49:19:d4:ae:e5:e0:a9:d3:4e:b3:87:85:af:34:4a:a2:
86:b1:b0:35:8e:3f:52:8f:12:22:d7:fc:f8:6a:e0:f1:8c:37:
a7:99:ec:34:70:a0:b1:eb:26:bc:f3:0f:82:81:61:52:17:1c:
dd:79:20:af:75:f9:0e:f2:6a:7a:6b:29:81:c7:a4:74:33:f3:
67:20:b2:46:9a:71:cc:d7:6f:dc:bd:c2:80:2f:45:49:65:c2:
a7:ef:df:d0:db:f8:bd:11:75:8d:96:77:42:c7:42:dd:f0:06:
74:2f:61:40:e5:b9:47:3f:1c:ca:f5:a4:d8:c2:35:1a:35:92:
23:8b:a1:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQks74YwI+e3ENBuS7bbqITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjUwMTAyMDE0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM1MjU0MDVhMzY4YjZiMDZjZmY1NmNiNzZlYmQyYmYwZmU3M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvl+5Y3bAnnaKOs8eHVRaveqVziy
3Uh+9nCPFXafgZ5gUrzWfbGJDDdyE/DcsN6rStU+SpHPw15wSwyDqgo+HcVt9u9U
qC+bwOMxq4o7WDZYwzXgH6r9PmfmFCVDezqr0QGJ5tzENj7x1FhaXbSK3PB9mLaG
SdgvlTrw1b7xZKvw7KcXRvZVfoPjxQ9tNj+0iBjBUPODwE4K5FzfGGUGrQT6CRBd
kQDjpnpQOfC0IBPJnhPher4ky3GV5UW0HMr+XcPOHxu6EZFCuELWdmbBHcZq56ak
gaNi2WRpj2zghDC0cD4tzt1Ag2KtIGOjvTaRtNv4ncZU710JAvmac1DMXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO7FJUBaNotrBs/1bLduvSvw/nPlMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvN3NVbFFGbzJpMnNHel9Wc3QyNjlLX0QtYy1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgmygL7v
AwcAKgmygMzPMA0GCSqGSIb3DQEBCwUAA4IBAQCcwrxijEWF5oiY5hfPkEV6C3yR
LMHkm8YUmbSwyL4dGBQ4u8JHW61IDz/aOk9fXozolgt8knhEW3eMutQD7M/Oyt1F
jSZn/+xUpJDmkNAvH0x9KNAJkP8LcTl3I1uw06BlyyVh7v3Z6CWf/iVbySomtmpa
GP7GI1DyZLfkezv0dEkZ1K7l4KnTTrOHha80SqKGsbA1jj9SjxIi1/z4auDxjDen
mew0cKCx6ya88w+CgWFSFxzdeSCvdfkO8mp6aymBx6R0M/NnILJGmnHM12/cvcKA
L0VJZcKn79/Q2/i9EXWNlndCx0Ld8AZ0L2FA5blHPxzK9aTYwjUaNZIji6HZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:31:47 2025 by rpki-client