Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/rYFL1WIWkdmkPcEVGgEE0gSrUrI.roa
File: rYFL1WIWkdmkPcEVGgEE0gSrUrI.roa (raw, json)
Hash identifier: eZdWD46woZaX5xOLNtB6wzK8ZhELlZ7IAp/5CIcACD0=
Subject key identifier: AD:81:4B:D5:62:16:91:D9:A4:3D:C1:15:1A:01:04:D2:04:AB:52:B2
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019335F9987192103C0875CFAD7A5D3F20E1
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/rYFL1WIWkdmkPcEVGgEE0gSrUrI.roa
Signing time: Sat 16 Nov 2024 17:16:10 +0000
ROA not before: Sat 16 Nov 2024 17:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214168
IP address blocks: 2a0d:7340::/29 maxlen: 29
2a0d:9440::/29 maxlen: 29
2a0f:9480::/29 maxlen: 29
2a10:5d40::/29 maxlen: 29
2a10:9580::/29 maxlen: 29
2a11:3d40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:35:f9:98:71:92:10:3c:08:75:cf:ad:7a:5d:3f:20:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Nov 16 17:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad814bd5621691d9a43dc1151a0104d204ab52b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2b:98:10:d2:46:a6:c0:87:eb:78:43:da:fb:
63:67:08:ad:6a:3b:f2:41:58:95:e1:e4:9a:fb:e6:
12:dc:c0:45:29:9a:88:bd:5f:1d:54:b0:a5:6f:ff:
89:ae:22:2f:d7:9d:c4:c6:1e:9e:f5:d1:30:18:6e:
80:af:a3:73:a1:91:4b:ba:e2:e4:55:56:83:21:52:
cc:69:78:7a:17:4d:a8:e2:46:f0:ab:be:fd:46:36:
7c:22:c8:b6:8c:d7:15:e0:3c:37:17:94:cd:18:61:
d9:b7:d2:ac:e4:aa:c9:47:d5:ee:01:0d:7f:c7:0f:
80:a0:1a:40:1e:ca:9a:7e:1d:63:1d:c7:cf:59:0e:
d5:b0:9e:2f:ed:72:58:84:5f:46:6e:bc:16:0e:3b:
4b:43:1e:ec:ea:af:6c:6c:e5:5d:96:13:af:0d:4a:
53:a5:d5:17:af:50:df:ab:e3:68:a2:05:c9:52:79:
7b:09:0e:3f:24:22:39:37:a6:ca:1d:8e:00:9b:a3:
29:bc:7c:02:f0:1c:8e:99:c0:f9:28:3b:9e:ce:77:
2b:4b:bd:1c:e1:a7:f7:2a:f4:37:3f:ee:0e:04:65:
f7:62:0d:e9:c0:31:19:5d:da:b7:70:6b:c8:e3:4f:
c0:53:36:bd:57:fa:9a:dd:39:c1:a4:17:71:93:e5:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:81:4B:D5:62:16:91:D9:A4:3D:C1:15:1A:01:04:D2:04:AB:52:B2
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/rYFL1WIWkdmkPcEVGgEE0gSrUrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7340::/29
2a0d:9440::/29
2a0f:9480::/29
2a10:5d40::/29
2a10:9580::/29
2a11:3d40::/29
Signature Algorithm: sha256WithRSAEncryption
14:4c:ab:9f:e3:8d:71:50:80:d6:9e:48:e8:de:a1:fa:4f:d5:
bb:94:38:d2:44:7d:b6:dc:a9:f9:a4:05:3f:d1:d7:42:d8:26:
fb:71:bc:1a:82:5f:e2:80:cb:84:96:12:bb:31:3e:72:12:eb:
27:0d:32:45:f1:eb:8e:a5:83:18:31:67:c8:ca:ed:c7:bb:7f:
4b:a4:1f:61:e8:04:12:df:78:3d:89:90:8f:61:86:0f:b0:32:
1f:4e:dd:3c:d4:8f:a2:73:0d:40:64:f2:83:bb:d5:5c:1a:1b:
37:f1:48:84:2d:df:63:44:0f:44:f0:de:ff:5e:2c:f3:19:32:
a7:af:40:e5:21:37:98:a8:41:45:c2:3c:0c:f1:d3:be:62:a1:
27:87:8c:58:99:5d:f8:c8:19:e3:da:5a:7f:82:9a:77:11:88:
7f:e3:48:10:5a:22:89:53:e6:14:6a:0c:7a:a1:36:b0:78:f0:
65:82:a6:d0:02:08:f6:4b:16:fb:37:fa:cf:8c:0c:a7:72:b5:
60:e9:08:1b:d9:3b:51:17:c5:6e:81:ac:b6:c0:70:ce:d1:fb:
37:30:76:d6:57:3b:74:67:b5:56:4b:bc:86:47:a5:0c:bc:14:
f7:ee:4e:89:ae:77:e0:48:03:8c:7e:0d:67:ed:ed:6a:bc:03:
52:7e:45:fb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZM1+ZhxkhA8CHXPrXpdPyDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQxMTE2MTcxNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgxNGJkNTYyMTY5MWQ5YTQzZGMxMTUxYTAxMDRkMjA0YWI1MmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSuYENJGpsCH63hD2vtjZwitajvy
QViV4eSa++YS3MBFKZqIvV8dVLClb/+JriIv153Exh6e9dEwGG6Ar6NzoZFLuuLk
VVaDIVLMaXh6F02o4kbwq779RjZ8Isi2jNcV4Dw3F5TNGGHZt9Ks5KrJR9XuAQ1/
xw+AoBpAHsqafh1jHcfPWQ7VsJ4v7XJYhF9GbrwWDjtLQx7s6q9sbOVdlhOvDUpT
pdUXr1Dfq+NoogXJUnl7CQ4/JCI5N6bKHY4Am6MpvHwC8ByOmcD5KDuezncrS70c
4af3KvQ3P+4OBGX3Yg3pwDEZXdq3cGvI40/AUza9V/qa3TnBpBdxk+WtCwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFK2BS9ViFpHZpD3BFRoBBNIEq1KyMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvcllGTDFXSVdrZG1rUGNFVkdnRUUwZ1NyVXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg1zQAMF
AyoNlEADBQMqD5SAAwUDKhBdQAMFAyoQlYADBQMqET1AMA0GCSqGSIb3DQEBCwUA
A4IBAQAUTKuf441xUIDWnkjo3qH6T9W7lDjSRH223Kn5pAU/0ddC2Cb7cbwagl/i
gMuElhK7MT5yEusnDTJF8euOpYMYMWfIyu3Hu39LpB9h6AQS33g9iZCPYYYPsDIf
Tt081I+icw1AZPKDu9VcGhs38UiELd9jRA9E8N7/XizzGTKnr0DlITeYqEFFwjwM
8dO+YqEnh4xYmV34yBnj2lp/gpp3EYh/40gQWiKJU+YUagx6oTawePBlgqbQAgj2
Sxb7N/rPjAyncrVg6Qgb2TtRF8Vugay2wHDO0fs3MHbWVzt0Z7VWS7yGR6UMvBT3
7k6JrnfgSAOMfg1n7e1qvANSfkX7
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:19:16 2025 by rpki-client