Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/h7K92qiMiWFLtkqLXfWLx7T3RS0.roa
File: h7K92qiMiWFLtkqLXfWLx7T3RS0.roa (raw, json)
Hash identifier: SXAVcoWGoZlytOpyw4bPPikyafW7og6IlMVyTr7sX3s=
Subject key identifier: 87:B2:BD:DA:A8:8C:89:61:4B:B6:4A:8B:5D:F5:8B:C7:B4:F7:45:2D
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745D08B8F713204BCDB97F0AE9D7929
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/h7K92qiMiWFLtkqLXfWLx7T3RS0.roa
Signing time: Thu 02 Jan 2025 13:47:54 +0000
ROA not before: Thu 02 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206938
IP address blocks: 2a03:2107::/48 maxlen: 48
2a03:2107:1::/48 maxlen: 48
2a03:2107:2::/48 maxlen: 48
2a03:2107:3::/48 maxlen: 48
2a03:2107:4::/48 maxlen: 48
2a03:2107:5::/48 maxlen: 48
2a03:2107:6::/48 maxlen: 48
2a03:2107:7::/48 maxlen: 48
2a03:2107:8::/48 maxlen: 48
2a03:2107:9::/48 maxlen: 48
2a03:2107:a::/48 maxlen: 48
2a03:2107:b::/48 maxlen: 48
2a03:2107:c::/48 maxlen: 48
2a03:2107:d::/48 maxlen: 48
2a03:2107:e::/48 maxlen: 48
2a03:2107:f::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:d0:8b:8f:71:32:04:bc:db:97:f0:ae:9d:79:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87b2bddaa88c89614bb64a8b5df58bc7b4f7452d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:45:3d:c0:42:de:8f:58:4f:c4:50:b7:da:
c6:55:bf:84:94:d7:5c:23:c7:17:e4:9c:38:66:81:
b3:08:b4:ec:90:0f:1d:33:02:9e:7a:07:95:78:1c:
1c:4c:47:45:5f:3e:d9:49:37:e7:2c:95:6e:e0:2e:
0d:ce:32:d3:ee:b0:e4:67:00:1d:e8:f3:85:a1:9f:
74:7e:7e:f6:05:df:c9:a8:2c:44:a8:22:26:3d:30:
ae:f3:07:b7:50:35:ca:7c:08:60:7e:6f:a2:f0:a6:
49:7e:62:22:84:c2:85:f8:1d:77:89:c6:16:20:4a:
ca:ab:34:a7:6c:4c:24:85:06:35:d4:d9:76:9a:62:
07:ee:82:1f:7d:d6:b3:57:13:f0:b1:eb:38:8a:25:
51:ba:d5:41:a4:2e:d0:1b:83:b0:f9:1d:01:b2:e9:
0d:28:08:41:ab:b8:eb:d1:ce:23:a4:9f:dd:cb:fd:
c3:e4:58:cf:14:3f:be:18:81:db:5b:bb:ac:33:ea:
90:7b:b6:e3:d8:dc:79:f5:f7:f0:c1:2a:6e:8c:26:
d6:f8:5d:75:5e:e7:e1:da:a6:b6:66:3f:78:38:a4:
51:92:e9:a5:55:ff:81:4f:1a:31:f3:f3:43:fa:78:
50:3e:3a:60:b3:da:e3:54:16:ef:e4:bd:b3:87:eb:
f7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B2:BD:DA:A8:8C:89:61:4B:B6:4A:8B:5D:F5:8B:C7:B4:F7:45:2D
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/h7K92qiMiWFLtkqLXfWLx7T3RS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2107::/44
Signature Algorithm: sha256WithRSAEncryption
05:f8:67:7b:4e:5d:4f:8b:51:34:3c:b8:19:9d:2b:62:4c:c0:
e9:fe:dd:83:3d:00:79:86:61:38:55:9d:8f:84:0b:c0:f0:a0:
a8:14:04:af:b2:f6:43:ae:ab:be:0e:4d:0a:58:98:62:1d:84:
89:02:00:2e:c1:cb:33:06:73:3f:28:fb:94:e8:fe:13:26:06:
a9:b0:f8:5e:f2:8f:21:ee:d2:18:cf:5e:0b:d8:eb:c0:6a:28:
3c:d4:08:a4:c8:12:87:cf:83:74:ae:e8:55:8a:c3:69:91:41:
70:ca:73:9c:db:9c:8d:bf:3b:92:60:02:9c:a8:27:f4:0f:51:
76:a9:88:b4:89:cd:70:8e:e6:7b:9e:7a:55:7b:c5:b0:57:9b:
e3:a0:4c:0b:68:27:cf:fb:fa:51:f7:27:1d:4c:63:2f:0f:8c:
6f:3d:ee:5c:c7:e0:4b:52:ab:a3:11:00:6a:f9:6a:57:32:09:
0b:6b:8f:2f:e2:3e:09:d7:3a:bb:9f:92:b9:34:5e:fd:90:41:
aa:2c:df:59:33:53:9a:1e:04:b9:02:ab:1f:62:e0:33:12:a2:
4d:a6:c8:38:8f:c0:e2:92:64:ea:20:63:9c:e6:df:39:e3:5c:
3f:d5:35:9e:70:31:d2:1e:2f:71:fe:b5:b9:2b:b4:d6:ac:21:
1d:b8:40:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnRdCLj3EyBLzbl/CunXkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IyYmRkYWE4OGM4OTYxNGJiNjRhOGI1ZGY1OGJjN2I0Zjc0NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJBFPcBC3o9YT8RQt9rGVb+ElNdc
I8cX5Jw4ZoGzCLTskA8dMwKeegeVeBwcTEdFXz7ZSTfnLJVu4C4NzjLT7rDkZwAd
6POFoZ90fn72Bd/JqCxEqCImPTCu8we3UDXKfAhgfm+i8KZJfmIihMKF+B13icYW
IErKqzSnbEwkhQY11Nl2mmIH7oIffdazVxPwses4iiVRutVBpC7QG4Ow+R0BsukN
KAhBq7jr0c4jpJ/dy/3D5FjPFD++GIHbW7usM+qQe7bj2Nx59ffwwSpujCbW+F11
Xufh2qa2Zj94OKRRkumlVf+BTxox8/ND+nhQPjpgs9rjVBbv5L2zh+v39wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIeyvdqojIlhS7ZKi131i8e090UtMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvaDdLOTJxaU1pV0ZMdGtxTFhmV0x4N1QzUlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgMhBwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAF+Gd7Tl1Pi1E0PLgZnStiTMDp/t2DPQB5hmE4
VZ2PhAvA8KCoFASvsvZDrqu+Dk0KWJhiHYSJAgAuwcszBnM/KPuU6P4TJgapsPhe
8o8h7tIYz14L2OvAaig81AikyBKHz4N0ruhVisNpkUFwynOc25yNvzuSYAKcqCf0
D1F2qYi0ic1wjuZ7nnpVe8WwV5vjoEwLaCfP+/pR9ycdTGMvD4xvPe5cx+BLUquj
EQBq+WpXMgkLa48v4j4J1zq7n5K5NF79kEGqLN9ZM1OaHgS5AqsfYuAzEqJNpsg4
j8DikmTqIGOc5t8541w/1TWecDHSHi9x/rW5K7TWrCEduEBh
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:41:26 2025 by rpki-client