Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/f7Z0bxV6WvP6TrAA6OSBBYX4psA.roa
File: f7Z0bxV6WvP6TrAA6OSBBYX4psA.roa (raw, json)
Hash identifier: qklBjK4XVzTswZWfvulHwx5MudFa508UfN6c4zgN2sM=
Subject key identifier: 7F:B6:74:6F:15:7A:5A:F3:FA:4E:B0:00:E8:E4:81:05:85:F8:A6:C0
Certificate issuer: /CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Certificate serial: 01856D4ADE5A173115CE48B96672D029ED4E
Authority key identifier: 77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/f7Z0bxV6WvP6TrAA6OSBBYX4psA.roa
Signing time: Sun 01 Jan 2023 12:25:00 +0000
ROA not before: Sun 01 Jan 2023 12:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208249
IP address blocks: 2a06:1e81::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:de:5a:17:31:15:ce:48:b9:66:72:d0:29:ed:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77c8d8bbf05797a75a49c5d70f5971ecdec6dd93
Validity
Not Before: Jan 1 12:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7fb6746f157a5af3fa4eb000e8e4810585f8a6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a9:af:eb:1c:40:b3:41:0e:5c:c5:2f:03:7e:
68:c4:79:41:39:a1:5c:d7:a0:ce:e7:b7:3c:b7:1e:
74:46:36:e3:4c:fb:c7:93:32:78:c7:9a:12:c8:f5:
e5:52:ae:42:9c:da:cb:11:f1:f1:e7:aa:cd:40:58:
bf:96:5a:8d:81:22:ab:74:8c:e1:d4:52:62:d7:9c:
c8:6e:23:41:31:70:4e:87:d2:98:1c:ba:7e:46:2a:
1c:3c:92:ad:78:d0:81:f5:a7:92:b9:5b:ce:7e:eb:
a5:98:a7:01:05:db:37:c2:a8:7b:52:ce:a3:34:c1:
e8:39:a3:cc:66:32:65:83:57:84:e6:8b:fa:1f:0a:
63:33:16:6c:eb:51:ab:fe:ab:e8:a3:1b:50:e7:3f:
71:ff:aa:2c:8e:ff:1b:44:c8:cc:ff:e8:ec:67:b4:
ae:5a:33:fa:84:bf:14:c9:19:52:06:45:cf:cd:4e:
b4:56:83:2a:80:e3:28:2d:c2:bc:ba:a8:d5:54:08:
09:bd:1d:20:06:21:9a:db:96:70:bc:54:0c:a0:87:
46:e9:e6:e6:de:0b:c5:ba:cd:ba:0e:cb:e5:e4:de:
6f:b6:52:fb:a8:ff:11:a6:b5:a6:a0:d7:d6:75:03:
76:54:07:83:d1:09:e2:9a:76:ad:3c:81:79:25:15:
df:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B6:74:6F:15:7A:5A:F3:FA:4E:B0:00:E8:E4:81:05:85:F8:A6:C0
X509v3 Authority Key Identifier:
keyid:77:C8:D8:BB:F0:57:97:A7:5A:49:C5:D7:0F:59:71:EC:DE:C6:DD:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8jYu_BXl6daScXXD1lx7N7G3ZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/f7Z0bxV6WvP6TrAA6OSBBYX4psA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/45abde-5b44-471a-93d9-5345f7e74083/1/d8jYu_BXl6daScXXD1lx7N7G3ZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1e81::/32
Signature Algorithm: sha256WithRSAEncryption
86:fe:30:3c:35:3c:88:5f:f9:cf:a2:01:22:c6:39:19:6e:33:
96:48:b2:94:57:fa:f3:a7:40:4f:5c:34:51:77:0d:91:1b:c8:
a0:be:80:7b:1e:fe:e5:3a:fa:d3:16:7f:ce:74:c3:32:02:5d:
1a:60:b2:4c:e5:a8:57:83:1c:f7:90:b4:70:e6:c9:aa:01:b8:
18:2e:00:11:1a:34:ff:7c:dc:71:64:38:76:1a:a6:60:0b:38:
bb:86:e5:88:13:9e:97:99:4a:3c:7f:a3:18:d0:1c:b1:7e:fe:
e0:7d:7e:98:c0:ff:b8:e2:b3:56:fe:f1:3a:6e:5b:a8:88:60:
10:eb:26:58:18:b9:20:16:2a:3c:94:2e:78:b9:b6:43:38:8c:
13:15:20:98:7c:7e:e4:9e:21:a1:34:7d:cd:bd:1d:77:c4:8b:
4e:92:aa:b9:bf:1b:16:b3:d9:c8:9b:fe:fa:88:81:03:5b:a2:
1a:eb:b5:fd:6b:4e:f9:68:a9:10:22:0c:58:55:c7:6a:1e:a1:
04:57:59:36:31:e2:cf:21:c8:ce:29:b9:ab:93:b9:0e:41:c3:
93:c1:34:88:b3:c8:10:ce:41:02:8e:17:ff:36:61:5b:a8:eb:
10:71:af:99:2f:e1:36:a7:79:2b:d1:82:9a:4a:c4:71:eb:bd:
ff:02:04:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtSt5aFzEVzki5ZnLQKe1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YzhkOGJiZjA1Nzk3YTc1YTQ5YzVkNzBmNTk3MWVjZGVj
NmRkOTMwHhcNMjMwMTAxMTIyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmI2NzQ2ZjE1N2E1YWYzZmE0ZWIwMDBlOGU0ODEwNTg1ZjhhNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjamv6xxAs0EOXMUvA35oxHlBOaFc
16DO57c8tx50RjbjTPvHkzJ4x5oSyPXlUq5CnNrLEfHx56rNQFi/llqNgSKrdIzh
1FJi15zIbiNBMXBOh9KYHLp+RiocPJKteNCB9aeSuVvOfuulmKcBBds3wqh7Us6j
NMHoOaPMZjJlg1eE5ov6HwpjMxZs61Gr/qvooxtQ5z9x/6osjv8bRMjM/+jsZ7Su
WjP6hL8UyRlSBkXPzU60VoMqgOMoLcK8uqjVVAgJvR0gBiGa25ZwvFQMoIdG6ebm
3gvFus26Dsvl5N5vtlL7qP8RprWmoNfWdQN2VAeD0QnimnatPIF5JRXflwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFH+2dG8Velrz+k6wAOjkgQWF+KbAMB8GA1UdIwQY
MBaAFHfI2LvwV5enWknF1w9Zcezext2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhqWXVfQlhsNmRhU2NYWEQxbHg3TjdHM1pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC80NWFiZGUtNWI0NC00NzFhLTkzZDkt
NTM0NWY3ZTc0MDgzLzEvZjdaMGJ4VjZXdlA2VHJBQTZPU0JCWVg0cHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC80NWFiZGUtNWI0NC00NzFhLTkzZDktNTM0NWY3ZTc0MDgz
LzEvZDhqWXVfQlhsNmRhU2NYWEQxbHg3TjdHM1pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgYegTAN
BgkqhkiG9w0BAQsFAAOCAQEAhv4wPDU8iF/5z6IBIsY5GW4zlkiylFf686dAT1w0
UXcNkRvIoL6Aex7+5Tr60xZ/znTDMgJdGmCyTOWoV4Mc95C0cObJqgG4GC4AERo0
/3zccWQ4dhqmYAs4u4bliBOel5lKPH+jGNAcsX7+4H1+mMD/uOKzVv7xOm5bqIhg
EOsmWBi5IBYqPJQueLm2QziMExUgmHx+5J4hoTR9zb0dd8SLTpKqub8bFrPZyJv+
+oiBA1uiGuu1/WtO+WipECIMWFXHah6hBFdZNjHizyHIzim5q5O5DkHDk8E0iLPI
EM5BAo4X/zZhW6jrEHGvmS/hNqd5K9GCmkrEceu9/wIEVg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:29 2025 by rpki-client