Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/6Eu48A2naORFxVzqOyvVy22s9h0.roa
File: 6Eu48A2naORFxVzqOyvVy22s9h0.roa (raw, json)
Hash identifier: fhtlyh/P4f7kq9tfdwrHFKoZCegblT5+ms+oZBHVNCM=
Subject key identifier: E8:4B:B8:F0:0D:A7:68:E4:45:C5:5C:EA:3B:2B:D5:CB:6D:AC:F6:1D
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018F4D4547404B7D8D1D042832BF2AEAE0EB
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/6Eu48A2naORFxVzqOyvVy22s9h0.roa
Signing time: Mon 06 May 2024 09:38:56 +0000
ROA not before: Mon 06 May 2024 09:38:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205227
IP address blocks: 2a03:b2c0::/29 maxlen: 29
2a09:9c0::/29 maxlen: 29
2a09:7240::/29 maxlen: 29
2a09:a780::/29 maxlen: 29
2a09:a780::/30 maxlen: 30
2a09:a784::/30 maxlen: 30
2a0d:df40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4d:45:47:40:4b:7d:8d:1d:04:28:32:bf:2a:ea:e0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: May 6 09:38:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e84bb8f00da768e445c55cea3b2bd5cb6dacf61d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f7:1f:46:11:40:2d:c5:d9:aa:d2:25:a4:39:
98:cd:a6:78:f3:92:7e:e9:cd:22:3c:0a:6e:4d:6e:
c1:94:4d:81:0e:6c:e5:5c:41:45:41:87:03:01:3b:
e5:34:e8:b6:d1:fa:67:c5:dd:70:db:d2:9c:27:77:
c2:55:2e:3d:0b:33:bc:92:61:35:6e:2c:51:f5:2f:
da:cb:01:08:86:c8:41:e0:f5:11:43:bf:8e:76:6f:
67:eb:17:98:dd:db:ac:73:e4:85:f0:16:65:3e:4b:
7e:02:34:83:e4:a4:85:a7:27:a5:e5:30:dc:66:9b:
e2:ff:aa:57:27:2f:e6:1f:ce:51:1a:d0:0a:46:0d:
c5:7d:8e:bb:b0:4c:ed:b6:e9:4a:23:26:43:79:37:
8b:1a:80:a6:dc:93:c4:6d:ad:b0:4f:75:30:cd:27:
b6:8f:75:7a:ca:fc:ff:b8:0e:dc:0e:fd:86:a7:2d:
45:be:00:28:f4:08:f4:b8:9a:73:1a:83:c3:5c:7f:
fc:64:2e:cb:13:4a:e9:38:e0:fd:3d:b4:8a:86:14:
0d:2e:bc:36:90:36:dd:27:72:3d:80:dd:63:52:eb:
ea:85:31:4a:e6:eb:c6:c5:9f:91:64:3e:fc:73:0b:
c4:90:97:91:e7:42:65:32:05:6c:d4:52:a5:7d:67:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4B:B8:F0:0D:A7:68:E4:45:C5:5C:EA:3B:2B:D5:CB:6D:AC:F6:1D
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/6Eu48A2naORFxVzqOyvVy22s9h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b2c0::/29
2a09:9c0::/29
2a09:7240::/29
2a09:a780::/29
2a0d:df40::/29
Signature Algorithm: sha256WithRSAEncryption
3f:fb:91:7f:96:da:ec:26:4d:9c:94:e5:84:db:90:90:f1:68:
18:bd:e7:25:6f:69:32:13:93:ea:d5:0b:8f:bb:49:a7:01:2a:
ca:c9:cb:fa:6b:f2:3a:df:84:76:fa:7e:0b:20:23:d7:2f:1b:
c6:eb:8a:78:46:3d:4a:c5:39:c8:1c:b6:4b:70:43:da:3d:89:
56:6a:63:5b:80:e3:2f:49:87:da:f5:91:7c:e8:69:8e:ac:63:
3f:ec:67:95:9a:a3:24:13:b8:39:e6:d3:fa:33:c0:de:73:05:
5c:7d:19:d4:18:8f:6d:58:d0:06:4b:ac:87:0b:34:db:fb:20:
86:7d:60:06:49:83:c7:d4:1f:fe:fa:d9:61:65:ea:7b:eb:d0:
c4:25:fe:72:d1:1a:cb:d1:4c:8e:10:21:45:20:f4:32:a6:41:
b4:e4:e1:73:73:55:26:a9:41:e1:11:03:65:53:0a:de:55:dd:
e0:c5:54:57:76:69:83:c9:1b:67:f1:34:1b:6b:78:f9:be:11:
07:dc:eb:64:0c:4b:ce:fd:ae:74:b4:b5:a8:94:ac:7d:eb:b8:
8d:16:68:a8:95:ad:00:de:ac:9b:42:bc:0c:9b:81:a5:0e:a1:
a1:7c:c8:ef:34:cf:4c:09:e1:28:ee:72:c8:76:02:72:be:37:
ee:7a:ff:52
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY9NRUdAS32NHQQoMr8q6uDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwNTA2MDkzODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODRiYjhmMDBkYTc2OGU0NDVjNTVjZWEzYjJiZDVjYjZkYWNmNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/cfRhFALcXZqtIlpDmYzaZ485J+
6c0iPApuTW7BlE2BDmzlXEFFQYcDATvlNOi20fpnxd1w29KcJ3fCVS49CzO8kmE1
bixR9S/aywEIhshB4PURQ7+Odm9n6xeY3dusc+SF8BZlPkt+AjSD5KSFpyel5TDc
Zpvi/6pXJy/mH85RGtAKRg3FfY67sEzttulKIyZDeTeLGoCm3JPEba2wT3UwzSe2
j3V6yvz/uA7cDv2Gpy1FvgAo9Aj0uJpzGoPDXH/8ZC7LE0rpOOD9PbSKhhQNLrw2
kDbdJ3I9gN1jUuvqhTFK5uvGxZ+RZD78cwvEkJeR50JlMgVs1FKlfWd0xQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOhLuPANp2jkRcVc6jsr1cttrPYdMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvNkV1NDhBMm5hT1JGeFZ6cU95dlZ5MjJzOWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgOywAMF
AyoJCcADBQMqCXJAAwUDKgmngAMFAyoN30AwDQYJKoZIhvcNAQELBQADggEBAD/7
kX+W2uwmTZyU5YTbkJDxaBi95yVvaTITk+rVC4+7SacBKsrJy/pr8jrfhHb6fgsg
I9cvG8brinhGPUrFOcgctktwQ9o9iVZqY1uA4y9Jh9r1kXzoaY6sYz/sZ5WaoyQT
uDnm0/ozwN5zBVx9GdQYj21Y0AZLrIcLNNv7IIZ9YAZJg8fUH/762WFl6nvr0MQl
/nLRGsvRTI4QIUUg9DKmQbTk4XNzVSapQeERA2VTCt5V3eDFVFd2aYPJG2fxNBtr
ePm+EQfc62QMS879rnS0taiUrH3ruI0WaKiVrQDerJtCvAybgaUOoaF8yO80z0wJ
4Sjucsh2AnK+N+56/1I=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:02 2025 by rpki-client