Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/JaFKfYKslg0WUVhBG8hHu6LqTvw.roa
File: JaFKfYKslg0WUVhBG8hHu6LqTvw.roa (raw, json)
Hash identifier: 4GgDdTVxQxqewTP0EOz1RIPWIQ2EEWazgc1qxopxzyA=
Subject key identifier: 25:A1:4A:7D:82:AC:96:0D:16:51:58:41:1B:C8:47:BB:A2:EA:4E:FC
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 019427B5D00A16DA6F60CB9458D0C86233DA
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/JaFKfYKslg0WUVhBG8hHu6LqTvw.roa
Signing time: Thu 02 Jan 2025 15:50:14 +0000
ROA not before: Thu 02 Jan 2025 15:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29670
IP address blocks: 2001:bf0:c000::/35 maxlen: 48
2001:bf6::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:d0:0a:16:da:6f:60:cb:94:58:d0:c8:62:33:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 2 15:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25a14a7d82ac960d165158411bc847bba2ea4efc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b3:87:42:ef:d6:9c:a0:f3:d2:cf:18:12:5d:
81:74:3e:a7:35:e7:48:19:d0:91:c4:6b:8b:f9:31:
f5:4d:35:7c:c5:61:73:ed:75:8f:5a:76:e7:7f:73:
09:8a:98:1e:a1:54:20:b6:5f:9c:bb:1b:34:04:ea:
e6:20:22:83:81:9e:e0:4d:51:2e:c4:9d:dd:71:04:
83:66:25:75:ab:ba:bb:fd:bb:e6:d4:0d:96:79:32:
ad:e8:ed:0c:c3:37:ed:ba:df:01:af:96:e0:e4:fe:
8f:38:4d:c2:4a:ff:49:99:3a:6b:ee:4b:77:19:17:
15:69:12:e0:97:60:3c:63:b7:88:3e:df:3c:35:17:
a4:d1:04:db:4e:c3:45:27:7c:46:90:be:4c:c3:dd:
89:77:70:fd:7d:1d:46:48:85:65:83:f6:ab:f8:d4:
7d:4f:7c:06:67:9e:c3:14:65:04:d5:16:f4:3c:02:
66:3c:7f:42:47:ea:50:49:a3:dc:4d:ba:47:53:4a:
2d:13:1d:14:f7:f6:06:84:4e:eb:70:38:aa:bb:d5:
22:33:8f:d1:54:91:97:5c:ac:2c:91:bd:47:59:66:
1f:84:4d:b6:f1:dc:7a:15:f4:1f:c5:b1:58:6a:58:
d5:c9:38:17:cc:54:7b:bc:19:7c:49:84:a0:67:cc:
87:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A1:4A:7D:82:AC:96:0D:16:51:58:41:1B:C8:47:BB:A2:EA:4E:FC
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/JaFKfYKslg0WUVhBG8hHu6LqTvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf0:c000::/35
2001:bf6::/32
Signature Algorithm: sha256WithRSAEncryption
00:7a:d5:b0:d9:75:bd:68:47:a2:e4:91:94:79:e8:80:4c:23:
e8:69:a7:46:ce:cc:a7:1c:15:ca:26:95:28:20:36:96:6b:cb:
4a:e7:f7:88:56:32:19:0c:2f:bd:4d:54:14:96:05:b7:2b:5b:
c3:5b:b4:16:13:35:57:99:73:dd:8c:5e:b6:25:9f:21:12:a0:
32:a1:ad:e0:8b:51:5c:6a:60:55:e9:4d:55:d1:c2:25:85:75:
8e:ae:ab:0c:a3:fb:f7:dd:2a:37:7a:98:7d:b3:ca:48:94:1f:
1a:d4:71:f9:1e:03:b1:51:1e:e5:d7:f3:53:4c:19:53:89:89:
b9:59:f4:c2:d4:72:85:9a:d2:04:b6:bb:97:ce:9c:16:18:b2:
89:64:82:f6:36:d7:b8:b3:92:23:13:37:01:71:5c:37:6d:9b:
ce:1c:e4:1d:e3:cb:e3:0e:02:de:60:4f:8e:27:56:14:86:d3:
ae:2b:2d:d9:b0:c8:af:03:68:64:a2:4d:26:3b:fc:a7:11:91:
a5:5e:09:9a:41:3b:6e:57:5e:1b:8f:e5:1a:5d:90:67:b3:67:
62:4f:43:d8:30:aa:b7:32:5f:e9:16:3e:b4:8c:fd:64:a4:ee:
56:79:1d:57:83:38:8c:9f:4e:1d:8a:c2:3b:15:57:8e:a5:5e:
83:18:f5:07
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZQntdAKFtpvYMuUWNDIYjPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjUwMTAyMTU1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWExNGE3ZDgyYWM5NjBkMTY1MTU4NDExYmM4NDdiYmEyZWE0ZWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrOHQu/WnKDz0s8YEl2BdD6nNedI
GdCRxGuL+TH1TTV8xWFz7XWPWnbnf3MJipgeoVQgtl+cuxs0BOrmICKDgZ7gTVEu
xJ3dcQSDZiV1q7q7/bvm1A2WeTKt6O0Mwzftut8Br5bg5P6POE3CSv9JmTpr7kt3
GRcVaRLgl2A8Y7eIPt88NRek0QTbTsNFJ3xGkL5Mw92Jd3D9fR1GSIVlg/ar+NR9
T3wGZ57DFGUE1Rb0PAJmPH9CR+pQSaPcTbpHU0otEx0U9/YGhE7rcDiqu9UiM4/R
VJGXXKwskb1HWWYfhE228dx6FfQfxbFYaljVyTgXzFR7vBl8SYSgZ8yH+QIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFCWhSn2CrJYNFlFYQRvIR7ui6k78MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvSmFGS2ZZS3NsZzBXVVZoQkc4aEh1NkxxVHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYFIAEL8MAD
BQAgAQv2MA0GCSqGSIb3DQEBCwUAA4IBAQAAetWw2XW9aEei5JGUeeiATCPoaadG
zsynHBXKJpUoIDaWa8tK5/eIVjIZDC+9TVQUlgW3K1vDW7QWEzVXmXPdjF62JZ8h
EqAyoa3gi1FcamBV6U1V0cIlhXWOrqsMo/v33So3eph9s8pIlB8a1HH5HgOxUR7l
1/NTTBlTiYm5WfTC1HKFmtIEtruXzpwWGLKJZIL2Nte4s5IjEzcBcVw3bZvOHOQd
48vjDgLeYE+OJ1YUhtOuKy3ZsMivA2hkok0mO/ynEZGlXgmaQTtuV14bj+UaXZBn
s2diT0PYMKq3Ml/pFj60jP1kpO5WeR1XgziMn04disI7FVeOpV6DGPUH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:29:05 2025 by rpki-client