Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/vFC2uylNiU2-KynZ7D80tgt5RFs.roa
File: vFC2uylNiU2-KynZ7D80tgt5RFs.roa (raw, json)
Hash identifier: QeSBEhAjlJvU31T+N79Cbo6bfDL5IEBI1tHuOBKwUeM=
Subject key identifier: BC:50:B6:BB:29:4D:89:4D:BE:2B:29:D9:EC:3F:34:B6:0B:79:44:5B
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01942823D5D509B26E2AA34F64382DCDE568
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/vFC2uylNiU2-KynZ7D80tgt5RFs.roa
Signing time: Thu 02 Jan 2025 17:50:24 +0000
ROA not before: Thu 02 Jan 2025 17:50:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207806
IP address blocks: 2a00:7180:8004::/46 maxlen: 46
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:d5:d5:09:b2:6e:2a:a3:4f:64:38:2d:cd:e5:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 17:50:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc50b6bb294d894dbe2b29d9ec3f34b60b79445b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:49:5f:94:c4:23:49:2c:bf:45:e9:78:0d:4c:
d5:2f:ba:58:2f:80:fb:c0:ba:35:fe:21:e6:3b:f0:
22:0b:dc:1e:3f:ee:fd:61:57:bc:6f:8c:9d:96:69:
34:67:39:15:ba:86:f1:ea:98:6c:7a:c0:a4:c2:ca:
dc:29:08:f0:81:9e:b3:b0:bd:2a:de:ed:57:da:13:
bb:ad:8b:10:df:5c:f1:db:93:51:e5:92:30:a5:7f:
32:5e:4c:a6:35:bb:54:da:3e:fc:23:44:48:b7:d1:
86:4a:01:04:88:54:bd:06:3a:cc:e9:e4:07:45:8c:
09:31:87:3e:9e:e9:11:51:d2:b0:a0:5f:cd:63:de:
35:e2:a2:af:a1:80:24:55:fc:6b:3a:d2:12:df:38:
90:9c:a0:06:83:2b:bf:de:55:8b:1c:e8:84:25:f8:
92:d7:9b:49:f8:8e:93:89:0b:4d:04:36:ee:b1:80:
6b:78:58:f5:8b:cf:80:74:cc:90:d2:98:b8:99:b2:
97:3b:a7:4b:45:d8:ec:09:24:99:6d:be:2b:f3:72:
94:5c:17:cc:11:3c:10:4d:d5:41:30:12:f2:2f:c0:
f6:da:e6:2c:3b:7b:fc:34:6e:68:9e:fd:96:3e:67:
18:a8:0f:7e:fc:4d:60:89:38:41:aa:5d:c3:5c:2d:
4a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:50:B6:BB:29:4D:89:4D:BE:2B:29:D9:EC:3F:34:B6:0B:79:44:5B
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/vFC2uylNiU2-KynZ7D80tgt5RFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:7180:8004::/46
Signature Algorithm: sha256WithRSAEncryption
00:14:45:72:bb:8e:e9:bf:c8:ee:fa:c9:d0:fe:7d:24:c5:17:
04:a9:17:7b:d1:bf:d2:8d:8b:8f:44:2b:e8:6c:e0:4f:a3:9d:
bb:bb:08:c5:f3:fc:85:66:c3:5d:f8:43:9c:0c:10:c0:ea:79:
41:73:45:35:3b:96:d4:4a:f0:58:86:29:67:42:11:c2:03:5a:
dc:b9:92:83:f1:7a:88:81:8a:8f:2d:ba:4d:bc:12:5b:64:1a:
a2:75:5b:22:6d:46:7c:82:74:fc:8a:91:77:a9:1c:d9:77:16:
eb:6e:e5:5f:0f:b3:ee:47:f7:4f:3e:66:82:5f:ef:34:09:3f:
33:10:c4:23:72:13:37:cc:ed:88:d1:7e:65:15:26:52:9e:d3:
5a:c4:6e:dc:58:6a:03:24:08:e2:9e:4f:92:b2:8c:1f:f6:4b:
c1:2d:0e:54:17:cd:1d:14:fe:ee:f8:f9:7c:6f:b0:d3:98:c1:
d7:d4:19:21:be:47:bd:4a:34:c4:7b:67:55:13:22:0a:16:4f:
80:c3:c8:82:ad:bb:80:bb:07:c6:f6:1c:20:ca:da:d7:af:a0:
ec:0e:9b:fd:55:83:1f:20:13:0e:e7:b2:ae:56:9e:11:13:ce:
94:3b:97:b5:70:b1:62:33:40:d1:4c:ff:46:3c:9c:4f:97:5e:
fb:07:b0:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoI9XVCbJuKqNPZDgtzeVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUwMTAyMTc1MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzUwYjZiYjI5NGQ4OTRkYmUyYjI5ZDllYzNmMzRiNjBiNzk0NDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApklflMQjSSy/Rel4DUzVL7pYL4D7
wLo1/iHmO/AiC9weP+79YVe8b4ydlmk0ZzkVuobx6phsesCkwsrcKQjwgZ6zsL0q
3u1X2hO7rYsQ31zx25NR5ZIwpX8yXkymNbtU2j78I0RIt9GGSgEEiFS9BjrM6eQH
RYwJMYc+nukRUdKwoF/NY9414qKvoYAkVfxrOtIS3ziQnKAGgyu/3lWLHOiEJfiS
15tJ+I6TiQtNBDbusYBreFj1i8+AdMyQ0pi4mbKXO6dLRdjsCSSZbb4r83KUXBfM
ETwQTdVBMBLyL8D22uYsO3v8NG5onv2WPmcYqA9+/E1giThBql3DXC1KBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLxQtrspTYlNvisp2ew/NLYLeURbMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvdkZDMnV5bE5pVTItS3luWjdEODB0Z3Q1UkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgBxgIAE
MA0GCSqGSIb3DQEBCwUAA4IBAQAAFEVyu47pv8ju+snQ/n0kxRcEqRd70b/SjYuP
RCvobOBPo527uwjF8/yFZsNd+EOcDBDA6nlBc0U1O5bUSvBYhilnQhHCA1rcuZKD
8XqIgYqPLbpNvBJbZBqidVsibUZ8gnT8ipF3qRzZdxbrbuVfD7PuR/dPPmaCX+80
CT8zEMQjchM3zO2I0X5lFSZSntNaxG7cWGoDJAjink+Ssowf9kvBLQ5UF80dFP7u
+Pl8b7DTmMHX1Bkhvke9SjTEe2dVEyIKFk+Aw8iCrbuAuwfG9hwgytrXr6DsDpv9
VYMfIBMO57KuVp4RE86UO5e1cLFiM0DRTP9GPJxPl177B7Ay
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:22:22 2025 by rpki-client