Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/6RKHwkUGkLRE0nOS7i-phv0Y7b8.roa
File: 6RKHwkUGkLRE0nOS7i-phv0Y7b8.roa (raw, json)
Hash identifier: YNCF/KzAqV3Fo+hsWHR3r0AQecfE2O/ljxIxKeerc6E=
Subject key identifier: E9:12:87:C2:45:06:90:B4:44:D2:73:92:EE:2F:A9:86:FD:18:ED:BF
Certificate issuer: /CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Certificate serial: 0194236A31E5F22C5107CB34C09D4AB42581
Authority key identifier: 34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/6RKHwkUGkLRE0nOS7i-phv0Y7b8.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209485
IP address blocks: 2a01:b960:2309::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:31:e5:f2:2c:51:07:cb:34:c0:9d:4a:b4:25:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f1726ea4bd6d3c8091ae0c8ad1a03e91e359a2
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e91287c2450690b444d27392ee2fa986fd18edbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1b:8a:ba:e2:ac:5f:e1:4c:1c:e1:d4:d3:16:
fa:15:28:70:1b:91:48:75:a7:2a:7c:a5:67:0e:12:
6e:89:73:79:47:a2:69:b4:d3:f3:9d:b8:9e:b1:5f:
25:90:e2:cd:69:3b:82:0a:1e:ab:9b:ab:d8:0e:52:
5d:e4:90:f9:4a:bc:ac:48:bc:81:7d:af:d3:7d:6d:
10:43:94:23:44:36:31:ea:1d:4b:ed:d1:4a:f4:06:
a3:4b:8b:11:d0:97:25:e8:69:3a:0e:06:63:71:b8:
35:bc:db:34:87:cc:b1:5f:ca:b0:17:78:3e:0e:25:
47:a2:7b:8c:86:e3:35:6b:cc:bd:71:3a:33:cf:bb:
4d:24:75:3b:c0:68:f2:9a:da:6e:a7:98:7b:d7:3c:
8e:cd:f6:a9:99:72:f3:67:08:05:a3:b9:54:8c:5e:
cc:f6:65:b3:ed:77:f2:2f:20:54:3f:5d:54:93:6f:
9c:71:37:6f:ef:39:df:ae:ce:7c:52:16:66:61:ff:
87:91:69:a2:4c:d3:11:9e:8e:9d:06:ef:31:a4:e8:
31:91:52:9e:66:bc:46:03:f8:6f:9c:d8:a3:de:fa:
d0:88:e7:cc:02:05:7b:f2:c3:e8:0c:f9:66:43:a6:
1c:1a:49:76:76:2d:ce:7a:36:cd:be:5b:5c:79:5b:
a4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:12:87:C2:45:06:90:B4:44:D2:73:92:EE:2F:A9:86:FD:18:ED:BF
X509v3 Authority Key Identifier:
keyid:34:F1:72:6E:A4:BD:6D:3C:80:91:AE:0C:8A:D1:A0:3E:91:E3:59:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPFybqS9bTyAka4MitGgPpHjWaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/6RKHwkUGkLRE0nOS7i-phv0Y7b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ef8e84-9161-402c-81ad-e8e8d2fe70fe/1/NPFybqS9bTyAka4MitGgPpHjWaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b960:2309::/48
Signature Algorithm: sha256WithRSAEncryption
32:5e:04:60:c9:5d:9d:17:28:4a:92:b1:66:72:3e:90:8b:04:
53:3d:9a:36:ac:80:d5:55:63:88:e9:c1:c1:96:d2:03:0c:66:
83:34:0d:9d:cd:eb:9a:37:7b:77:6b:ad:69:da:e3:1e:0d:af:
35:eb:7f:86:4f:19:9b:01:b5:12:c8:a8:7b:3a:24:1c:89:ff:
60:07:af:d4:c1:96:ef:d2:b1:3a:16:9e:4a:21:8f:97:aa:b2:
73:a7:96:85:d8:de:a4:c1:fb:87:9b:52:c8:66:d3:8d:d0:be:
e7:6c:ef:c1:e1:62:ee:08:90:d5:f0:a1:d4:36:c0:63:b4:13:
1b:8e:18:ab:c4:27:5c:e2:c8:02:dd:c9:42:13:f5:4a:63:36:
73:88:ce:b2:0c:83:62:1f:d0:c1:2e:e9:b7:43:20:7d:10:d0:
47:c2:81:6b:57:bd:69:14:eb:e7:97:97:01:80:2a:6c:9c:d1:
c4:ad:1b:35:ee:98:29:71:a7:c8:45:89:39:a2:f6:24:03:53:
8c:40:d3:54:1d:ec:70:7b:43:fa:c3:d8:7e:e7:98:03:67:16:
0d:ff:66:10:65:2c:ba:f4:03:91:e8:8f:84:39:93:79:69:b0:
b7:5b:cb:f7:ea:59:f8:f5:89:e0:9e:8d:50:fc:7b:17:99:90:
57:bf:1f:d0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQjajHl8ixRB8s0wJ1KtCWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjE3MjZlYTRiZDZkM2M4MDkxYWUwYzhhZDFhMDNlOTFl
MzU5YTIwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTEyODdjMjQ1MDY5MGI0NDRkMjczOTJlZTJmYTk4NmZkMThlZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRuKuuKsX+FMHOHU0xb6FShwG5FI
dacqfKVnDhJuiXN5R6JptNPznbiesV8lkOLNaTuCCh6rm6vYDlJd5JD5SrysSLyB
fa/TfW0QQ5QjRDYx6h1L7dFK9AajS4sR0Jcl6Gk6DgZjcbg1vNs0h8yxX8qwF3g+
DiVHonuMhuM1a8y9cTozz7tNJHU7wGjymtpup5h71zyOzfapmXLzZwgFo7lUjF7M
9mWz7XfyLyBUP11Uk2+ccTdv7znfrs58UhZmYf+HkWmiTNMRno6dBu8xpOgxkVKe
ZrxGA/hvnNij3vrQiOfMAgV78sPoDPlmQ6YcGkl2di3OejbNvltceVukmwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOkSh8JFBpC0RNJzku4vqYb9GO2/MB8GA1UdIwQY
MBaAFDTxcm6kvW08gJGuDIrRoD6R41miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQt
ZThlOGQyZmU3MGZlLzEvNlJLSHdrVUdrTFJFMG5PUzdpLXBodjBZN2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lZjhlODQtOTE2MS00MDJjLTgxYWQtZThlOGQyZmU3MGZl
LzEvTlBGeWJxUzliVHlBa2E0TWl0R2dQcEhqV2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgG5YCMJ
MA0GCSqGSIb3DQEBCwUAA4IBAQAyXgRgyV2dFyhKkrFmcj6QiwRTPZo2rIDVVWOI
6cHBltIDDGaDNA2dzeuaN3t3a61p2uMeDa8163+GTxmbAbUSyKh7OiQcif9gB6/U
wZbv0rE6Fp5KIY+XqrJzp5aF2N6kwfuHm1LIZtON0L7nbO/B4WLuCJDV8KHUNsBj
tBMbjhirxCdc4sgC3clCE/VKYzZziM6yDINiH9DBLum3QyB9ENBHwoFrV71pFOvn
l5cBgCpsnNHErRs17pgpcafIRYk5ovYkA1OMQNNUHexwe0P6w9h+55gDZxYN/2YQ
ZSy69AOR6I+EOZN5abC3W8v36ln49Yngno1Q/HsXmZBXvx/Q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:35 2025 by rpki-client