Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bAfrNG87SK-oKZX5BiSptFrFL9Q.roa
File: bAfrNG87SK-oKZX5BiSptFrFL9Q.roa (raw, json)
Hash identifier: uNSTEgI3AQAiGq4z2+1wQf01q3kPl9mWyGOOFDwrLUk=
Subject key identifier: 6C:07:EB:34:6F:3B:48:AF:A8:29:95:F9:06:24:A9:B4:5A:C5:2F:D4
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019425222288DACAE4ACA4E51880F0EF7190
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bAfrNG87SK-oKZX5BiSptFrFL9Q.roa
Signing time: Thu 02 Jan 2025 03:49:41 +0000
ROA not before: Thu 02 Jan 2025 03:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205977
IP address blocks: 2a0e:b107:760::/44 maxlen: 48
2a0e:b107:760::/48 maxlen: 48
2a0e:b107:761::/48 maxlen: 48
2a0e:b107:762::/48 maxlen: 48
2a0e:b107:763::/48 maxlen: 48
2a0e:b107:764::/48 maxlen: 48
2a0e:b107:765::/48 maxlen: 48
2a0e:b107:766::/48 maxlen: 48
2a0e:b107:767::/48 maxlen: 48
2a0e:b107:768::/45 maxlen: 48
2a0e:b107:768::/48 maxlen: 48
2a10:2f00:120::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:22:88:da:ca:e4:ac:a4:e5:18:80:f0:ef:71:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 03:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c07eb346f3b48afa82995f90624a9b45ac52fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b0:5d:51:3c:4d:10:6b:cd:37:e3:f9:ff:c9:
84:d2:85:93:0d:3e:db:44:e6:2f:12:2c:9f:42:65:
af:91:8f:82:ae:11:5a:94:02:8c:45:54:a4:fe:a0:
14:fb:6e:01:c9:7f:b8:11:09:a7:0d:97:db:75:a0:
a5:ab:49:10:d9:15:c5:01:ef:33:a8:01:63:dd:23:
73:f4:54:31:b3:d4:bb:fe:33:99:96:04:63:10:29:
2e:1e:0b:75:d3:14:ca:36:8f:db:58:27:6d:d4:ce:
ac:32:03:65:2e:6d:94:3c:81:a3:ba:ec:5e:59:9b:
73:31:87:55:47:0c:5c:10:ba:0f:54:43:9a:68:ec:
ee:b9:83:5e:a0:4a:3d:97:ed:83:e0:86:ae:ff:8b:
a5:96:de:88:f8:4d:4e:2c:17:8a:51:6e:3d:92:10:
d6:4a:37:7f:65:48:04:b4:80:9d:76:f8:51:93:2a:
1d:f8:cf:3d:ef:cf:72:e6:51:05:a8:fa:e3:25:bd:
dd:23:53:5e:93:21:e6:3a:ea:58:66:c0:f4:24:5d:
52:64:1f:f7:ec:ea:ac:54:d0:2b:ed:4a:87:5d:c2:
65:c1:95:05:a7:d4:f2:28:5c:13:52:08:ca:2c:fc:
02:5a:3d:25:da:0f:24:01:52:dc:7f:09:df:cc:31:
0b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:07:EB:34:6F:3B:48:AF:A8:29:95:F9:06:24:A9:B4:5A:C5:2F:D4
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/bAfrNG87SK-oKZX5BiSptFrFL9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:760::/44
2a10:2f00:120::/48
Signature Algorithm: sha256WithRSAEncryption
03:b5:bb:5c:33:60:e7:9d:c5:a8:a5:ee:a7:50:fd:a3:f7:98:
98:6b:d9:60:18:ed:f3:45:08:bf:34:05:f5:de:a6:90:74:4b:
39:aa:48:a5:13:78:76:58:72:76:eb:f0:56:97:40:9b:81:c9:
90:28:83:fc:bf:ab:37:d2:bc:93:dd:11:5b:c2:ea:40:8d:ec:
e5:23:af:83:ac:fd:d7:bb:8d:55:28:7b:27:8c:c1:69:99:25:
90:df:de:c7:21:34:c0:59:bf:8c:9a:24:e8:92:62:2f:83:4d:
b0:eb:f5:95:d9:05:3e:ce:d5:e4:2b:53:6a:07:39:6d:2b:11:
b3:ac:45:11:23:68:bc:79:a5:18:43:4f:db:b8:68:b0:2e:1c:
e1:60:f4:20:2d:cb:d5:dc:9b:19:94:5f:6d:ea:84:84:d3:6b:
f3:4c:d2:81:6a:19:b3:0f:4f:3f:bf:14:0c:19:b9:3c:9a:c0:
2a:f2:99:3d:ac:49:53:86:55:d6:ba:55:09:3d:41:af:9e:fe:
c7:5c:ba:4d:2d:ca:63:dc:5d:0d:4a:bd:00:d4:af:5e:4e:81:
a2:e1:61:9a:c3:90:6e:2d:29:7b:77:5d:30:77:1b:8a:e2:9e:
11:2c:eb:28:22:5d:a7:4c:03:3a:91:dd:ae:9e:f7:c2:c6:17:
a2:c9:71:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlIiKI2srkrKTlGIDw73GQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMTAyMDM0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA3ZWIzNDZmM2I0OGFmYTgyOTk1ZjkwNjI0YTliNDVhYzUyZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLBdUTxNEGvNN+P5/8mE0oWTDT7b
ROYvEiyfQmWvkY+CrhFalAKMRVSk/qAU+24ByX+4EQmnDZfbdaClq0kQ2RXFAe8z
qAFj3SNz9FQxs9S7/jOZlgRjECkuHgt10xTKNo/bWCdt1M6sMgNlLm2UPIGjuuxe
WZtzMYdVRwxcELoPVEOaaOzuuYNeoEo9l+2D4Iau/4ullt6I+E1OLBeKUW49khDW
Sjd/ZUgEtICddvhRkyod+M89789y5lEFqPrjJb3dI1NekyHmOupYZsD0JF1SZB/3
7OqsVNAr7UqHXcJlwZUFp9TyKFwTUgjKLPwCWj0l2g8kAVLcfwnfzDELMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGwH6zRvO0ivqCmV+QYkqbRaxS/UMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvYkFmck5HODdTSy1vS1pYNUJpU3B0RnJGTDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6xBwdg
AwcAKhAvAAEgMA0GCSqGSIb3DQEBCwUAA4IBAQADtbtcM2DnncWope6nUP2j95iY
a9lgGO3zRQi/NAX13qaQdEs5qkilE3h2WHJ26/BWl0CbgcmQKIP8v6s30ryT3RFb
wupAjezlI6+DrP3Xu41VKHsnjMFpmSWQ397HITTAWb+MmiTokmIvg02w6/WV2QU+
ztXkK1NqBzltKxGzrEURI2i8eaUYQ0/buGiwLhzhYPQgLcvV3JsZlF9t6oSE02vz
TNKBahmzD08/vxQMGbk8msAq8pk9rElThlXWulUJPUGvnv7HXLpNLcpj3F0NSr0A
1K9eToGi4WGaw5BuLSl7d10wdxuK4p4RLOsoIl2nTAM6kd2unvfCxheiyXGG
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:26:05 2025 by rpki-client