Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/9G6E6O6wpgLZ9pKYTooy3mcegTM.roa
File: 9G6E6O6wpgLZ9pKYTooy3mcegTM.roa (raw, json)
Hash identifier: FIlkJBPZahISiqf5HneR28EG8wxuX1KuoSMqeIkSPBA=
Subject key identifier: F4:6E:84:E8:EE:B0:A6:02:D9:F6:92:98:4E:8A:32:DE:67:1E:81:33
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0194236A52573B8B9B42F7E245B10EC1C599
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/9G6E6O6wpgLZ9pKYTooy3mcegTM.roa
Signing time: Wed 01 Jan 2025 19:49:17 +0000
ROA not before: Wed 01 Jan 2025 19:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1102
IP address blocks: 194.104.0.0/24 maxlen: 24
2001:678:230::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:52:57:3b:8b:9b:42:f7:e2:45:b1:0e:c1:c5:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jan 1 19:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f46e84e8eeb0a602d9f692984e8a32de671e8133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8d:bf:4e:89:d9:35:57:98:77:05:fc:8d:0b:
60:82:c0:6c:8e:e4:88:a9:27:66:52:bf:c0:dd:92:
66:ad:56:b2:e1:e6:cc:36:5e:82:ae:3d:0e:7c:07:
de:75:28:9e:f7:0b:87:ac:2b:4b:13:37:b1:e9:f2:
bb:65:79:21:57:c2:85:eb:40:dc:8f:8e:f2:a6:86:
d6:49:e7:2b:51:14:60:37:af:a9:c6:72:cf:2e:a8:
d6:f5:a4:a7:36:3b:be:0d:c5:ac:04:40:f7:bf:dd:
fd:5a:5c:4c:4a:ed:1c:96:b1:28:4b:1e:f4:b9:e0:
10:c3:47:34:39:5c:69:6a:49:41:b7:14:7a:20:2b:
51:3f:1b:82:80:25:2a:b4:64:42:aa:11:92:88:b3:
83:ea:94:a3:a8:1b:75:ed:e2:50:1f:e8:92:76:d3:
51:de:12:57:96:8c:9b:38:d0:f6:e4:2a:ae:75:17:
1b:46:87:ed:c2:5e:0d:76:06:53:37:14:4b:c3:84:
83:30:1e:a6:b9:e6:29:15:da:9c:b0:ff:41:fc:82:
81:02:3e:2a:a9:28:b1:84:b4:35:7b:6a:c4:4a:21:
e5:26:66:e0:46:e0:2c:33:97:ae:07:e9:b5:4e:67:
87:a9:c2:59:ef:9d:40:9a:51:82:cc:c0:a5:30:67:
eb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6E:84:E8:EE:B0:A6:02:D9:F6:92:98:4E:8A:32:DE:67:1E:81:33
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/9G6E6O6wpgLZ9pKYTooy3mcegTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.0.0/24
IPv6:
2001:678:230::/48
Signature Algorithm: sha256WithRSAEncryption
76:fd:d7:90:95:e3:fc:7e:dc:a0:d6:24:62:bc:cf:e0:3e:10:
e2:98:63:eb:6e:b4:a2:5f:c4:6a:b7:3b:d8:79:b7:0f:bd:b1:
a5:28:1e:d9:26:91:37:e9:c0:90:43:29:29:7f:f6:93:43:32:
f8:ac:7b:60:d4:93:f1:a9:d7:1b:4a:9c:79:9f:33:19:1c:3b:
50:04:ba:da:ce:88:8d:fa:c1:82:8c:95:7e:4b:37:82:82:21:
90:a8:3d:8a:58:f0:2e:d5:48:6b:cb:20:ce:52:7d:28:37:87:
de:e3:89:31:10:21:cc:68:15:be:14:60:32:32:84:ae:ca:82:
d9:bf:d3:69:99:85:e0:c0:c0:99:d1:1b:e9:58:5c:ec:9a:1d:
2c:82:b7:8b:bc:fb:3b:75:be:db:f4:91:95:89:76:56:c1:06:
3d:8e:09:18:a0:b8:fb:6b:75:d3:cc:ed:28:b9:2c:7c:e3:7c:
a9:57:ac:73:11:32:0e:da:79:d9:a6:d3:06:01:4e:11:07:d8:
16:9c:9e:f6:1b:cf:8b:0f:1d:6b:f0:63:6e:20:7e:32:b1:12:
23:26:f2:6c:19:75:e7:15:33:f7:36:df:87:6c:7a:6e:46:d5:
d9:07:13:17:35:ce:c7:32:b3:fc:e0:73:db:f1:d3:f4:d0:28:
31:80:a6:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQjalJXO4ubQvfiRbEOwcWZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwMTAxMTk0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZlODRlOGVlYjBhNjAyZDlmNjkyOTg0ZThhMzJkZTY3MWU4MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI2/TonZNVeYdwX8jQtggsBsjuSI
qSdmUr/A3ZJmrVay4ebMNl6Crj0OfAfedSie9wuHrCtLEzex6fK7ZXkhV8KF60Dc
j47ypobWSecrURRgN6+pxnLPLqjW9aSnNju+DcWsBED3v939WlxMSu0clrEoSx70
ueAQw0c0OVxpaklBtxR6ICtRPxuCgCUqtGRCqhGSiLOD6pSjqBt17eJQH+iSdtNR
3hJXloybOND25CqudRcbRoftwl4NdgZTNxRLw4SDMB6mueYpFdqcsP9B/IKBAj4q
qSixhLQ1e2rESiHlJmbgRuAsM5euB+m1TmeHqcJZ751AmlGCzMClMGfr3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPRuhOjusKYC2faSmE6KMt5nHoEzMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvOUc2RTZPNndwZ0xaOXBLWVRvb3kzbWNlZ1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwmgAMA8E
AgACMAkDBwAgAQZ4AjAwDQYJKoZIhvcNAQELBQADggEBAHb915CV4/x+3KDWJGK8
z+A+EOKYY+tutKJfxGq3O9h5tw+9saUoHtkmkTfpwJBDKSl/9pNDMvise2DUk/Gp
1xtKnHmfMxkcO1AEutrOiI36wYKMlX5LN4KCIZCoPYpY8C7VSGvLIM5SfSg3h97j
iTEQIcxoFb4UYDIyhK7Kgtm/02mZheDAwJnRG+lYXOyaHSyCt4u8+zt1vtv0kZWJ
dlbBBj2OCRiguPtrddPM7Si5LHzjfKlXrHMRMg7aedmm0wYBThEH2BacnvYbz4sP
HWvwY24gfjKxEiMm8mwZdecVM/c234dsem5G1dkHExc1zscys/zgc9vx0/TQKDGA
puA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:44:32 2025 by rpki-client