Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/b6UW1tvVhKaihZbrk6nssRPknbs.roa
File: b6UW1tvVhKaihZbrk6nssRPknbs.roa (raw, json)
Hash identifier: QmK7kF1BerU748iQ2k1xl3BS/9DSC/JQFMkkMFACix0=
Subject key identifier: 6F:A5:16:D6:DB:D5:84:A6:A2:85:96:EB:93:A9:EC:B1:13:E4:9D:BB
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 019409B1DE24B9D572E0F4CF08987EE6C5E6
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/b6UW1tvVhKaihZbrk6nssRPknbs.roa
Signing time: Fri 27 Dec 2024 19:57:19 +0000
ROA not before: Fri 27 Dec 2024 19:57:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57327
IP address blocks: 192.211.0.0/24 maxlen: 24
2a0a:3507::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:09:b1:de:24:b9:d5:72:e0:f4:cf:08:98:7e:e6:c5:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Dec 27 19:57:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fa516d6dbd584a6a28596eb93a9ecb113e49dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:22:b8:50:5b:ff:1d:21:a1:7f:e2:e0:d2:c3:
37:0b:3e:85:d6:d5:42:47:ac:f8:73:93:d5:0d:ab:
ca:fb:f7:1b:71:f3:fa:bd:d1:23:7c:0e:87:32:c9:
6d:b0:33:b0:63:70:ec:1d:05:db:a8:ce:ad:8d:47:
cf:9b:16:2f:6b:56:ee:65:9a:e6:78:ec:9d:5f:4a:
ca:d5:b3:66:76:ec:f8:b9:3a:56:a7:77:ae:a1:84:
f7:f1:50:10:05:32:c2:f6:64:9a:cd:54:d9:fb:c7:
c1:a8:1b:1f:d7:42:0f:82:ea:2c:8c:aa:f7:cc:06:
24:8b:50:f0:a7:e4:d7:44:82:4f:a2:f8:d6:fb:09:
07:bf:39:53:94:6f:ae:c0:b2:cc:15:5f:36:d7:e2:
71:01:4c:94:ef:a4:01:1d:01:c5:d2:41:f6:42:67:
a6:75:1f:4c:81:a8:c1:6b:c2:25:15:54:a5:02:9d:
16:40:30:9a:a5:13:1b:67:ba:36:f7:87:42:df:1b:
56:da:17:34:fc:0b:bb:1a:c1:78:d4:94:6f:d1:27:
64:19:b3:2f:aa:bf:e6:0d:9c:26:39:bc:4a:b6:5d:
d3:93:79:9c:85:62:a9:d0:ca:b7:a8:11:6e:e1:61:
d1:e5:63:45:d6:d9:7e:a5:37:1e:0c:42:e6:85:36:
bd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A5:16:D6:DB:D5:84:A6:A2:85:96:EB:93:A9:EC:B1:13:E4:9D:BB
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/b6UW1tvVhKaihZbrk6nssRPknbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.211.0.0/24
IPv6:
2a0a:3507::/48
Signature Algorithm: sha256WithRSAEncryption
06:ed:f7:0d:b1:59:85:12:9b:66:16:c7:6f:dc:5d:7f:b4:18:
cd:62:82:a5:b9:48:cc:0e:77:17:5c:cd:a7:1a:e9:d8:0c:0d:
6e:19:70:1b:25:25:a1:dd:ea:c5:ff:b6:d2:15:bc:39:a9:37:
29:84:b3:49:d1:3a:45:f4:ea:5f:1e:da:8d:37:b3:1c:20:8e:
76:40:3d:4f:b5:aa:fe:a9:82:61:1d:2c:38:74:cf:ab:06:0a:
a9:63:88:2c:bc:04:8f:d3:8b:bf:9a:1c:51:eb:6e:58:78:64:
07:08:78:07:5c:bf:d7:f2:d0:c3:e9:c6:87:49:a9:4b:8c:5a:
b1:07:e3:ad:aa:b8:7e:a2:47:0c:8b:3b:80:8b:5f:4d:47:c3:
1b:4e:62:25:d0:c3:52:23:75:30:f7:44:33:8c:f7:3b:e8:84:
f2:49:b0:e9:c0:f7:e0:b5:5c:90:5f:15:90:3f:51:b8:44:49:
3b:99:0d:80:e7:b1:1e:70:91:97:7e:96:65:3f:aa:b0:20:13:
67:41:f3:36:87:66:04:36:c8:3e:09:6b:b0:7b:7c:bc:92:31:
7e:5c:ee:b5:78:17:3c:87:be:49:c0:45:54:ab:11:5a:6a:76:
d9:f2:29:a8:06:5e:04:22:58:e8:86:14:95:93:91:ad:8b:8e:
2b:52:15:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQJsd4kudVy4PTPCJh+5sXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjQxMjI3MTk1NzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmE1MTZkNmRiZDU4NGE2YTI4NTk2ZWI5M2E5ZWNiMTEzZTQ5ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyK4UFv/HSGhf+Lg0sM3Cz6F1tVC
R6z4c5PVDavK+/cbcfP6vdEjfA6HMsltsDOwY3DsHQXbqM6tjUfPmxYva1buZZrm
eOydX0rK1bNmduz4uTpWp3euoYT38VAQBTLC9mSazVTZ+8fBqBsf10IPguosjKr3
zAYki1Dwp+TXRIJPovjW+wkHvzlTlG+uwLLMFV821+JxAUyU76QBHQHF0kH2Qmem
dR9MgajBa8IlFVSlAp0WQDCapRMbZ7o294dC3xtW2hc0/Au7GsF41JRv0SdkGbMv
qr/mDZwmObxKtl3Tk3mchWKp0Mq3qBFu4WHR5WNF1tl+pTceDELmhTa9iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG+lFtbb1YSmooWW65Op7LET5J27MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvYjZVVzF0dlZoS2FpaFpicms2bnNzUlBrbmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwNMAMA8E
AgACMAkDBwAqCjUHAAAwDQYJKoZIhvcNAQELBQADggEBAAbt9w2xWYUSm2YWx2/c
XX+0GM1igqW5SMwOdxdczaca6dgMDW4ZcBslJaHd6sX/ttIVvDmpNymEs0nROkX0
6l8e2o03sxwgjnZAPU+1qv6pgmEdLDh0z6sGCqljiCy8BI/Ti7+aHFHrblh4ZAcI
eAdcv9fy0MPpxodJqUuMWrEH462quH6iRwyLO4CLX01HwxtOYiXQw1IjdTD3RDOM
9zvohPJJsOnA9+C1XJBfFZA/UbhESTuZDYDnsR5wkZd+lmU/qrAgE2dB8zaHZgQ2
yD4Ja7B7fLySMX5c7rV4FzyHvknARVSrEVpqdtnyKagGXgQiWOiGFJWTka2LjitS
FYo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:19 2025 by rpki-client