Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/fDWbip1-YNcvwFB10wWogqS6hpg.roa
File: fDWbip1-YNcvwFB10wWogqS6hpg.roa (raw, json)
Hash identifier: 0bycX6lJtic2qo3rY1WaTtAanYsxsXCfO/8R29cbxyU=
Subject key identifier: 7C:35:9B:8A:9D:7E:60:D7:2F:C0:50:75:D3:05:A8:82:A4:BA:86:98
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0194266B1F83E990080838F24192BE5CACEE
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/fDWbip1-YNcvwFB10wWogqS6hpg.roa
Signing time: Thu 02 Jan 2025 09:49:02 +0000
ROA not before: Thu 02 Jan 2025 09:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208249
IP address blocks: 2a06:1e81::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:1f:83:e9:90:08:08:38:f2:41:92:be:5c:ac:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 2 09:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c359b8a9d7e60d72fc05075d305a882a4ba8698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:29:c6:39:f5:22:78:3e:4b:df:69:83:36:54:
30:bf:1c:ec:18:40:7c:43:2e:07:7c:6d:cc:e0:62:
48:72:06:d6:fb:89:c6:4b:ea:a0:f0:db:6f:7e:b8:
d5:41:93:c4:79:b2:92:c1:97:5e:f3:d5:c5:79:04:
f8:c5:24:0c:61:8c:48:98:33:c1:5f:90:e9:85:b1:
8d:90:22:75:39:82:34:3a:83:17:af:bd:91:64:00:
c7:3d:2b:8c:be:15:b9:b0:f4:07:84:ce:40:ae:84:
2e:61:2a:5b:08:01:18:15:7c:bf:1b:8f:72:a1:6f:
35:4a:0c:dc:03:88:65:ff:ee:1b:9c:2e:ca:b8:eb:
10:d1:a7:ea:05:67:5d:7a:d1:95:db:a6:6f:96:22:
81:a8:5d:77:9c:21:4b:41:ec:e7:98:08:ee:3a:48:
2a:36:41:15:a4:9d:2d:ac:b3:d0:07:da:cd:d7:b5:
61:ec:ee:74:ab:2d:06:f6:12:9d:ca:92:c6:62:37:
16:58:8c:6d:42:56:c5:96:f8:fe:a4:1f:94:3f:a9:
9a:ad:8c:4e:19:41:8e:d1:0b:76:f7:c5:01:de:b1:
fb:05:e8:b4:33:cd:b7:2c:b0:ab:9e:38:01:35:0d:
87:37:6b:a9:72:7d:f9:45:72:5a:ef:f0:9a:d5:2e:
bf:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:35:9B:8A:9D:7E:60:D7:2F:C0:50:75:D3:05:A8:82:A4:BA:86:98
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/fDWbip1-YNcvwFB10wWogqS6hpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1e81::/32
Signature Algorithm: sha256WithRSAEncryption
09:a1:0e:6f:a9:80:27:0b:85:0c:31:94:86:e2:11:b8:b6:d4:
5a:dc:0a:7c:f2:51:8d:cc:27:9e:6b:92:a9:f3:88:0d:45:cb:
16:65:69:b5:5e:79:c8:3a:c0:29:b9:79:d3:51:de:77:3d:0d:
b7:3c:65:33:cc:26:bd:7c:9b:c4:41:2a:d7:e8:9f:61:5a:a8:
66:11:7e:d1:91:cb:10:a6:e0:e8:e5:83:d6:d5:04:21:8d:06:
58:31:2b:1b:ce:d7:a6:2e:99:64:70:10:34:c7:28:16:59:34:
37:83:b4:fe:d0:d6:24:2d:68:95:6d:37:c6:af:58:28:79:fe:
63:6d:d4:a6:4f:e7:c4:d2:3f:58:90:11:0e:97:66:6b:58:fc:
d5:a3:09:e7:73:86:53:90:45:c2:c3:3d:f9:01:40:50:93:01:
9c:c1:bb:85:ab:6e:9f:df:10:7f:05:13:d0:23:df:a4:f9:e1:
58:e0:4b:c4:bd:8c:31:c7:bd:f7:a2:9e:d9:49:f3:f3:ab:5a:
8c:0c:dd:6e:1f:ae:dc:f9:72:41:be:9a:1e:36:e1:f3:a3:53:
31:e6:03:79:db:85:da:f6:e3:60:c2:41:65:cb:08:3a:19:ce:
d0:90:50:38:eb:67:e8:2f:fd:aa:e1:96:f2:3e:f5:7f:eb:7d:
f1:6a:2f:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmax+D6ZAICDjyQZK+XKzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjUwMTAyMDk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM1OWI4YTlkN2U2MGQ3MmZjMDUwNzVkMzA1YTg4MmE0YmE4Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ynGOfUieD5L32mDNlQwvxzsGEB8
Qy4HfG3M4GJIcgbW+4nGS+qg8NtvfrjVQZPEebKSwZde89XFeQT4xSQMYYxImDPB
X5DphbGNkCJ1OYI0OoMXr72RZADHPSuMvhW5sPQHhM5AroQuYSpbCAEYFXy/G49y
oW81SgzcA4hl/+4bnC7KuOsQ0afqBWddetGV26ZvliKBqF13nCFLQeznmAjuOkgq
NkEVpJ0trLPQB9rN17Vh7O50qy0G9hKdypLGYjcWWIxtQlbFlvj+pB+UP6marYxO
GUGO0Qt298UB3rH7Bei0M823LLCrnjgBNQ2HN2upcn35RXJa7/Ca1S6/QwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHw1m4qdfmDXL8BQddMFqIKkuoaYMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvZkRXYmlwMS1ZTmN2d0ZCMTB3V29ncVM2aHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgYegTAN
BgkqhkiG9w0BAQsFAAOCAQEACaEOb6mAJwuFDDGUhuIRuLbUWtwKfPJRjcwnnmuS
qfOIDUXLFmVptV55yDrAKbl501Hedz0NtzxlM8wmvXybxEEq1+ifYVqoZhF+0ZHL
EKbg6OWD1tUEIY0GWDErG87Xpi6ZZHAQNMcoFlk0N4O0/tDWJC1olW03xq9YKHn+
Y23Upk/nxNI/WJARDpdma1j81aMJ53OGU5BFwsM9+QFAUJMBnMG7hatun98QfwUT
0CPfpPnhWOBLxL2MMce996Ke2Unz86tajAzdbh+u3PlyQb6aHjbh86NTMeYDeduF
2vbjYMJBZcsIOhnO0JBQOOtn6C/9quGW8j71f+t98WovZA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:01:47 2025 by rpki-client