Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/_ySRDLzQdwiGbOJn6VG0WghGnvs.roa
File: _ySRDLzQdwiGbOJn6VG0WghGnvs.roa (raw, json)
Hash identifier: iftvJSfyvy0E59eeWCgB+fQqIp2vGxrZU/nTeE6jx9c=
Subject key identifier: FF:24:91:0C:BC:D0:77:08:86:6C:E2:67:E9:51:B4:5A:08:46:9E:FB
Certificate issuer: /CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Certificate serial: 01942369805FF4E32B6E3198BE5705E26726
Authority key identifier: 9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/_ySRDLzQdwiGbOJn6VG0WghGnvs.roa
Signing time: Wed 01 Jan 2025 19:48:24 +0000
ROA not before: Wed 01 Jan 2025 19:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215434
IP address blocks: 2a01:efc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:80:5f:f4:e3:2b:6e:31:98:be:57:05:e2:67:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3ec21e10f3646e4dc0e23f5f7ec44501560de3
Validity
Not Before: Jan 1 19:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff24910cbcd07708866ce267e951b45a08469efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7e:f5:af:00:c8:85:5c:d1:87:3a:75:1d:b7:
20:62:7f:a2:d4:14:ff:93:24:4a:87:0f:e1:73:a6:
29:4d:50:5e:3f:7f:ad:f6:a8:61:f8:a5:e5:b2:03:
86:0b:9f:f7:9b:0d:6f:8c:9e:7a:a2:d8:09:36:cd:
55:61:03:33:15:9a:47:db:49:9d:60:3d:9f:a6:a6:
cf:e8:ab:8d:eb:43:a7:34:7f:6e:a9:81:41:07:62:
af:55:84:57:12:38:36:26:13:65:74:d6:97:e3:0c:
79:d7:ce:96:f4:00:30:d0:44:1b:39:40:0f:c6:e1:
9b:35:ec:af:66:fa:2b:f1:e8:8c:fa:c4:2c:d4:7c:
a5:b2:53:43:17:e6:04:7d:18:69:7f:ff:db:02:73:
7e:ea:43:f6:7e:eb:81:97:ca:39:81:59:cc:2a:9a:
0a:26:5c:45:62:98:0a:97:24:79:45:b4:dc:7f:0b:
f0:e6:a2:b4:03:34:94:ca:6c:fa:96:9a:a2:7c:0a:
9d:ac:e8:72:2d:b0:61:2b:61:79:2f:1c:3f:90:10:
a9:a1:da:a0:de:7d:62:96:6a:ce:21:b2:2b:ff:e3:
a8:f3:eb:c7:19:c4:8a:d7:44:8f:ce:a2:04:3c:22:
0d:84:b2:b1:2c:c0:ca:22:41:55:d1:05:76:f2:93:
4f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:24:91:0C:BC:D0:77:08:86:6C:E2:67:E9:51:B4:5A:08:46:9E:FB
X509v3 Authority Key Identifier:
keyid:9F:3E:C2:1E:10:F3:64:6E:4D:C0:E2:3F:5F:7E:C4:45:01:56:0D:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nz7CHhDzZG5NwOI_X37ERQFWDeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/_ySRDLzQdwiGbOJn6VG0WghGnvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/6bafe9-878b-46fd-a305-7ba25d5595fa/1/nz7CHhDzZG5NwOI_X37ERQFWDeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:efc0::/29
Signature Algorithm: sha256WithRSAEncryption
37:91:5e:cb:64:15:40:4e:d7:76:73:6e:a9:bc:fd:19:2d:d2:
7d:e2:4e:f3:c5:bc:4d:7b:aa:09:b3:e7:e0:a6:e7:dd:1c:5d:
ff:17:48:89:cb:c1:64:1a:5e:e2:17:b8:13:1b:b2:7b:73:4f:
04:e7:70:f3:5c:40:35:c8:a4:08:7f:4f:a0:32:01:73:5f:43:
a4:0f:2b:53:ec:fe:79:88:c0:91:01:78:eb:16:ba:e3:4d:f1:
7b:87:fd:74:cc:99:f4:dc:cd:d2:bf:d9:dd:a0:68:22:b2:d2:
c9:b1:1f:26:be:68:3b:7b:90:c6:c9:95:82:82:1e:9a:07:9c:
4d:89:6d:7f:86:4b:1c:6f:73:c8:12:69:54:1c:91:d8:43:2f:
3b:7e:db:8d:ca:e0:ac:4b:3c:0b:89:8f:0d:a5:b5:40:72:90:
c4:88:b1:54:a6:c1:a1:a5:56:99:98:c7:d9:97:2a:09:47:b3:
8b:62:ca:65:ac:6b:87:e6:e9:4d:20:59:f2:ec:84:2d:5b:30:
ff:a8:25:10:2b:97:fe:26:28:66:9f:c1:dc:80:14:89:d4:b2:
00:12:e2:cf:94:00:ab:0a:a1:a6:97:45:0c:30:95:94:ee:89:
03:89:bf:80:c9:36:a9:04:d3:dc:ad:07:c8:f0:2e:3a:7e:e1:
ec:dc:2c:cf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjaYBf9OMrbjGYvlcF4mcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmM2VjMjFlMTBmMzY0NmU0ZGMwZTIzZjVmN2VjNDQ1MDE1
NjBkZTMwHhcNMjUwMTAxMTk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjI0OTEwY2JjZDA3NzA4ODY2Y2UyNjdlOTUxYjQ1YTA4NDY5ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx371rwDIhVzRhzp1HbcgYn+i1BT/
kyRKhw/hc6YpTVBeP3+t9qhh+KXlsgOGC5/3mw1vjJ56otgJNs1VYQMzFZpH20md
YD2fpqbP6KuN60OnNH9uqYFBB2KvVYRXEjg2JhNldNaX4wx5186W9AAw0EQbOUAP
xuGbNeyvZvor8eiM+sQs1HylslNDF+YEfRhpf//bAnN+6kP2fuuBl8o5gVnMKpoK
JlxFYpgKlyR5RbTcfwvw5qK0AzSUymz6lpqifAqdrOhyLbBhK2F5Lxw/kBCpodqg
3n1ilmrOIbIr/+Oo8+vHGcSK10SPzqIEPCINhLKxLMDKIkFV0QV28pNP8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFP8kkQy80HcIhmziZ+lRtFoIRp77MB8GA1UdIwQY
MBaAFJ8+wh4Q82RuTcDiP19+xEUBVg3jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUt
N2JhMjVkNTU5NWZhLzEvX3lTUkRMelFkd2lHYk9KbjZWRzBXZ2hHbnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82YmFmZTktODc4Yi00NmZkLWEzMDUtN2JhMjVkNTU5NWZh
LzEvbno3Q0hoRHpaRzVOd09JX1gzN0VSUUZXRGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHvwDAN
BgkqhkiG9w0BAQsFAAOCAQEAN5Fey2QVQE7XdnNuqbz9GS3SfeJO88W8TXuqCbPn
4Kbn3Rxd/xdIicvBZBpe4he4Exuye3NPBOdw81xANcikCH9PoDIBc19DpA8rU+z+
eYjAkQF46xa6403xe4f9dMyZ9NzN0r/Z3aBoIrLSybEfJr5oO3uQxsmVgoIemgec
TYltf4ZLHG9zyBJpVByR2EMvO37bjcrgrEs8C4mPDaW1QHKQxIixVKbBoaVWmZjH
2ZcqCUezi2LKZaxrh+bpTSBZ8uyELVsw/6glECuX/iYoZp/B3IAUidSyABLiz5QA
qwqhppdFDDCVlO6JA4m/gMk2qQTT3K0HyPAuOn7h7Nwszw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:07:04 2025 by rpki-client