Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/6ZnfS565qYdUchLZCkFU7aS7slQ.roa
File: 6ZnfS565qYdUchLZCkFU7aS7slQ.roa (raw, json)
Hash identifier: 4t6UU9aRgFRSLJBVwUMaRIV03s5+6yeuigVjxM6Ktp4=
Subject key identifier: E9:99:DF:4B:9E:B9:A9:87:54:72:12:D9:0A:41:54:ED:A4:BB:B2:54
Certificate issuer: /CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Certificate serial: 0194266C22E16CD56AA252AAF1D5C0E5F606
Authority key identifier: 45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/6ZnfS565qYdUchLZCkFU7aS7slQ.roa
Signing time: Thu 02 Jan 2025 09:50:08 +0000
ROA not before: Thu 02 Jan 2025 09:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39351
IP address blocks: 2a07:bdc0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:22:e1:6c:d5:6a:a2:52:aa:f1:d5:c0:e5:f6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45bbd2193642530a017f4f1cbe562e2170b3dfbd
Validity
Not Before: Jan 2 09:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e999df4b9eb9a987547212d90a4154eda4bbb254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6a:bd:a2:a7:6c:5a:b1:46:bb:68:7b:35:ef:
20:75:64:ba:65:37:d5:ad:9f:a6:94:46:fe:dc:63:
34:fe:c8:58:0a:30:c0:bb:d8:ec:bc:9d:e7:13:7e:
11:06:9d:84:b7:3c:30:6b:94:8e:e9:ef:d4:49:12:
55:06:e0:4d:db:8b:c4:d5:26:e6:13:c0:9c:9f:b8:
17:ad:e0:63:a6:de:d3:0e:ba:f5:43:da:9e:4c:82:
a7:42:23:a0:81:69:1a:f1:b9:ab:5b:10:23:ad:a1:
25:80:8c:fd:3f:a7:7d:ec:ec:42:00:3c:ba:f6:a3:
76:c1:34:de:04:ac:67:1b:f4:1a:c9:89:70:36:44:
ce:fb:52:82:5f:ea:c0:45:f1:95:86:95:c6:9d:58:
67:2e:e7:6c:e6:90:a6:81:5c:9e:54:a4:7c:94:2d:
98:d6:40:83:64:95:b1:6f:9b:b9:a8:01:46:40:8d:
0f:2f:31:46:92:1c:b4:6a:42:75:d1:c8:83:9c:41:
3e:7c:12:8c:d7:f1:f7:42:ee:43:53:46:a8:98:2f:
52:2f:14:24:f9:12:f2:21:79:b4:4f:bb:4d:ec:52:
1a:ae:28:b7:80:b4:d0:67:f5:79:ba:1c:49:b2:82:
22:2c:ec:bb:37:8b:c8:73:78:62:c0:95:f8:87:19:
5b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:99:DF:4B:9E:B9:A9:87:54:72:12:D9:0A:41:54:ED:A4:BB:B2:54
X509v3 Authority Key Identifier:
keyid:45:BB:D2:19:36:42:53:0A:01:7F:4F:1C:BE:56:2E:21:70:B3:DF:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RbvSGTZCUwoBf08cvlYuIXCz370.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/6ZnfS565qYdUchLZCkFU7aS7slQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cffff8-3530-4e5b-a5e2-c77905fbba7b/1/RbvSGTZCUwoBf08cvlYuIXCz370.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bdc0::/32
Signature Algorithm: sha256WithRSAEncryption
07:cd:c1:28:84:7e:dc:6e:91:07:cd:3f:01:34:d4:dd:b1:df:
d9:19:c9:69:a1:c2:db:40:a1:f6:6f:fd:ea:89:a0:54:a8:94:
fe:6f:3d:e7:e9:71:28:21:9c:a5:03:19:6d:cc:34:44:14:e1:
8e:a4:58:32:77:97:3b:ee:3c:5e:0d:6e:7f:d4:7f:13:a6:94:
2f:6a:1a:91:99:c2:26:51:f0:49:9f:4a:45:11:12:70:2c:38:
df:6c:b7:07:cc:a8:47:a1:12:96:ad:c6:31:11:00:3b:b5:6c:
be:69:9c:db:68:de:5b:44:52:46:aa:82:a3:c2:47:53:63:55:
35:b9:72:d0:7a:c1:2c:45:80:98:aa:de:a8:e6:71:67:53:95:
de:eb:04:ac:04:22:1a:7f:f7:a5:31:69:83:9c:f6:1f:10:53:
05:31:af:9b:65:a4:93:5f:42:7e:0c:33:bf:a1:5a:29:15:2a:
8e:28:47:8d:e2:b9:c5:77:bb:c7:91:da:8a:26:e2:96:17:60:
e7:b3:6a:c8:72:5c:c1:62:88:28:2f:14:09:1e:e3:1c:77:78:
d3:66:d9:ac:f6:65:fe:d8:6f:d9:94:0e:c9:99:79:29:73:b9:
14:47:de:b7:37:39:cc:f3:c0:d3:24:93:c9:1d:3d:ac:01:af:
96:5b:7a:b0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQmbCLhbNVqolKq8dXA5fYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1YmJkMjE5MzY0MjUzMGEwMTdmNGYxY2JlNTYyZTIxNzBi
M2RmYmQwHhcNMjUwMTAyMDk1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTk5ZGY0YjllYjlhOTg3NTQ3MjEyZDkwYTQxNTRlZGE0YmJiMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWq9oqdsWrFGu2h7Ne8gdWS6ZTfV
rZ+mlEb+3GM0/shYCjDAu9jsvJ3nE34RBp2Etzwwa5SO6e/USRJVBuBN24vE1Sbm
E8Ccn7gXreBjpt7TDrr1Q9qeTIKnQiOggWka8bmrWxAjraElgIz9P6d97OxCADy6
9qN2wTTeBKxnG/QayYlwNkTO+1KCX+rARfGVhpXGnVhnLuds5pCmgVyeVKR8lC2Y
1kCDZJWxb5u5qAFGQI0PLzFGkhy0akJ10ciDnEE+fBKM1/H3Qu5DU0aomC9SLxQk
+RLyIXm0T7tN7FIarii3gLTQZ/V5uhxJsoIiLOy7N4vIc3hiwJX4hxlbyQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmZ30ueuamHVHIS2QpBVO2ku7JUMB8GA1UdIwQY
MBaAFEW70hk2QlMKAX9PHL5WLiFws9+9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTIt
Yzc3OTA1ZmJiYTdiLzEvNlpuZlM1NjVxWWRVY2hMWkNrRlU3YVM3c2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZmZmZjgtMzUzMC00ZTViLWE1ZTItYzc3OTA1ZmJiYTdi
LzEvUmJ2U0dUWkNVd29CZjA4Y3ZsWXVJWEN6MzcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKge9wDAN
BgkqhkiG9w0BAQsFAAOCAQEAB83BKIR+3G6RB80/ATTU3bHf2RnJaaHC20Ch9m/9
6omgVKiU/m895+lxKCGcpQMZbcw0RBThjqRYMneXO+48Xg1uf9R/E6aUL2oakZnC
JlHwSZ9KRREScCw432y3B8yoR6ESlq3GMREAO7Vsvmmc22jeW0RSRqqCo8JHU2NV
Nbly0HrBLEWAmKreqOZxZ1OV3usErAQiGn/3pTFpg5z2HxBTBTGvm2Wkk19Cfgwz
v6FaKRUqjihHjeK5xXe7x5Haiibilhdg57NqyHJcwWKIKC8UCR7jHHd402bZrPZl
/thv2ZQOyZl5KXO5FEfetzc5zPPA0ySTyR09rAGvllt6sA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:33:32 2025 by rpki-client