Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/6f9DfsZDUzdPo3_6eNoeG4QK_-I.roa
File: 6f9DfsZDUzdPo3_6eNoeG4QK_-I.roa (raw, json)
Hash identifier: 4tclq8R1V/fdbnM4AvEGc3ZJVkHqia0uVMOBrni8yPk=
Subject key identifier: E9:FF:43:7E:C6:43:53:37:4F:A3:7F:FA:78:DA:1E:1B:84:0A:FF:E2
Certificate issuer: /CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1
Certificate serial: 0194266C43E782E6245446D9BD3BDA09882A
Authority key identifier: AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/6f9DfsZDUzdPo3_6eNoeG4QK_-I.roa
Signing time: Thu 02 Jan 2025 09:50:16 +0000
ROA not before: Thu 02 Jan 2025 09:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28935
IP address blocks: 195.47.206.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:43:e7:82:e6:24:54:46:d9:bd:3b:da:09:88:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1
Validity
Not Before: Jan 2 09:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9ff437ec64353374fa37ffa78da1e1b840affe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f2:13:e2:40:b4:0c:fe:46:bd:7a:d3:35:89:
04:75:ad:78:f7:12:c1:40:69:81:92:15:21:04:ce:
82:c1:13:fc:5f:e3:13:82:e1:8c:e9:3c:76:4a:23:
78:79:c0:00:40:c6:10:d7:3a:7e:26:3b:75:21:13:
f5:32:66:59:05:9e:3d:1e:da:d0:34:f4:e3:75:06:
58:56:95:8b:4c:6a:39:7a:d4:f9:e7:ce:6f:da:3e:
63:e2:13:73:99:9d:03:6e:47:1a:18:eb:09:c6:10:
ac:9c:5a:c0:5b:43:e4:f2:79:a5:91:da:cc:d1:a5:
0a:d8:c8:fa:b3:12:30:1e:3e:28:82:6a:44:2c:e6:
40:68:78:41:f4:7e:97:67:e5:59:4c:8c:57:5a:02:
ab:72:e4:8b:09:b3:ca:59:df:b9:59:9b:d8:2d:d9:
9d:a8:fd:a6:ca:32:61:cc:4c:45:ea:bf:0a:17:5a:
e1:d1:92:d5:ca:15:1c:9b:ff:ee:14:36:d5:fe:44:
5d:07:32:65:cc:e5:7e:6e:a8:59:a1:b2:5c:fb:36:
03:f5:8f:5d:3b:be:f6:b0:39:b8:50:ef:31:54:46:
e9:97:76:9e:37:36:70:37:cc:57:1d:78:1d:e9:d3:
b9:cd:1d:d7:15:da:fe:d6:5d:e0:4c:2b:a3:6e:21:
9e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:FF:43:7E:C6:43:53:37:4F:A3:7F:FA:78:DA:1E:1B:84:0A:FF:E2
X509v3 Authority Key Identifier:
keyid:AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/6f9DfsZDUzdPo3_6eNoeG4QK_-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.206.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f3:dc:cb:0d:c2:44:54:ac:c8:49:3d:88:0e:d6:af:ee:bc:
a9:e7:9e:84:2d:8a:4e:8b:48:aa:48:b4:14:c0:12:83:f1:74:
95:5e:37:ee:51:a3:35:03:51:d9:43:c7:ac:29:1c:df:2f:4e:
93:b5:63:3e:7f:f1:15:f2:bd:ed:28:1c:cf:90:6b:77:d6:52:
d1:17:84:d3:48:06:3f:d3:ef:9a:8e:4e:86:0b:36:f0:7b:5a:
d5:49:2f:67:43:b2:53:c9:f9:ac:ea:59:7c:34:13:e1:6e:12:
0a:54:6f:b2:d0:04:f1:de:43:ec:ba:67:ae:39:9a:c5:e8:3e:
80:f9:31:07:a9:07:a2:0d:65:72:d3:c2:25:d6:fe:2c:5c:36:
e6:01:37:21:4c:60:36:e4:dd:ae:26:c6:51:f1:4f:72:4b:42:
f1:9b:e9:f3:22:5e:42:cb:3d:4a:de:d6:1b:97:bf:02:3b:f2:
d6:25:fd:30:44:9e:f9:95:e3:4d:bc:78:68:a8:6b:f2:15:09:
7b:b6:da:7f:34:4a:ae:8e:dd:1c:b6:46:3d:a3:df:9f:47:10:
dd:40:7e:56:02:9e:28:d6:b8:63:38:85:47:95:c4:af:3d:0d:
3c:00:85:3b:ae:32:bd:1d:fa:7f:fc:13:8f:f3:50:7b:75:3b:
61:16:36:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbEPnguYkVEbZvTvaCYgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjFkZDJmNzcyYTViYjQ3OTI1YzI4YmI1ZDE2Y2Q5MzBm
MjA2YjEwHhcNMjUwMTAyMDk1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWZmNDM3ZWM2NDM1MzM3NGZhMzdmZmE3OGRhMWUxYjg0MGFmZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/IT4kC0DP5GvXrTNYkEda149xLB
QGmBkhUhBM6CwRP8X+MTguGM6Tx2SiN4ecAAQMYQ1zp+Jjt1IRP1MmZZBZ49HtrQ
NPTjdQZYVpWLTGo5etT5585v2j5j4hNzmZ0DbkcaGOsJxhCsnFrAW0Pk8nmlkdrM
0aUK2Mj6sxIwHj4ogmpELOZAaHhB9H6XZ+VZTIxXWgKrcuSLCbPKWd+5WZvYLdmd
qP2myjJhzExF6r8KF1rh0ZLVyhUcm//uFDbV/kRdBzJlzOV+bqhZobJc+zYD9Y9d
O772sDm4UO8xVEbpl3aeNzZwN8xXHXgd6dO5zR3XFdr+1l3gTCujbiGeSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOn/Q37GQ1M3T6N/+njaHhuECv/iMB8GA1UdIwQY
MBaAFK8h3S93Klu0eSXCi7XRbNkw8gaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEt
NTUyZTUxNTQyZDRkLzEvNmY5RGZzWkRVemRQbzNfNmVOb2VHNFFLXy1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEtNTUyZTUxNTQyZDRk
LzEvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/OMA0G
CSqGSIb3DQEBCwUAA4IBAQAh89zLDcJEVKzIST2IDtav7ryp556ELYpOi0iqSLQU
wBKD8XSVXjfuUaM1A1HZQ8esKRzfL06TtWM+f/EV8r3tKBzPkGt31lLRF4TTSAY/
0++ajk6GCzbwe1rVSS9nQ7JTyfms6ll8NBPhbhIKVG+y0ATx3kPsumeuOZrF6D6A
+TEHqQeiDWVy08Il1v4sXDbmATchTGA25N2uJsZR8U9yS0Lxm+nzIl5Cyz1K3tYb
l78CO/LWJf0wRJ75leNNvHhoqGvyFQl7ttp/NEqujt0ctkY9o9+fRxDdQH5WAp4o
1rhjOIVHlcSvPQ08AIU7rjK9Hfp//BOP81B7dTthFjaL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:26 2025 by rpki-client