Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/85qcDMcjLqQnzbE54IPdBgkcH9Y.roa
File: 85qcDMcjLqQnzbE54IPdBgkcH9Y.roa (raw, json)
Hash identifier: 3X3bWwm8ISuHS4iYPZSCpHFpzkfx3pCbkdQW7MZPNLA=
Subject key identifier: F3:9A:9C:0C:C7:23:2E:A4:27:CD:B1:39:E0:83:DD:06:09:1C:1F:D6
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0194282578664F48D946CE05A3FBE003516C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/85qcDMcjLqQnzbE54IPdBgkcH9Y.roa
Signing time: Thu 02 Jan 2025 17:52:11 +0000
ROA not before: Thu 02 Jan 2025 17:52:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215473
IP address blocks: 2a0f:b241:19::/48 maxlen: 48
2a0f:b241:82::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:78:66:4f:48:d9:46:ce:05:a3:fb:e0:03:51:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f39a9c0cc7232ea427cdb139e083dd06091c1fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:82:99:3c:52:5f:59:da:39:9e:80:f5:57:9b:
b7:56:3e:8a:78:73:95:c4:3f:a5:2b:e0:35:a4:a5:
b3:a7:68:00:f5:32:3d:0d:3d:85:ae:b5:80:ef:b4:
c2:07:ca:71:80:ad:37:f3:d0:1c:e5:1d:07:20:1d:
fe:82:12:42:b8:ce:cb:5e:7c:fc:ff:b6:d5:91:0f:
29:90:7c:46:13:e3:63:a8:14:d7:9c:55:94:04:44:
d7:8b:93:d0:2c:35:a4:58:e5:d5:84:2b:c2:10:fa:
49:ee:95:05:18:b2:3f:1b:00:84:0f:4a:4c:4b:24:
a6:e9:b5:76:cd:08:1a:72:52:69:57:be:0e:5c:72:
15:0e:51:76:33:ca:83:95:cd:ca:a3:fe:45:95:ea:
e4:09:bf:a7:d5:45:4e:1a:6a:c4:32:fd:6c:64:ad:
d5:79:27:6a:f7:79:5b:9a:04:fa:d8:6a:ed:51:f8:
7c:85:d0:87:9c:da:2b:e6:13:f7:70:fc:ef:e1:9c:
5b:4b:ad:0f:23:13:31:59:ca:f0:5e:95:97:07:7c:
e4:39:10:a6:9d:8a:cb:6f:e2:09:4c:e6:5e:f6:6a:
20:8c:b4:6e:ce:b1:b8:fc:71:c3:54:c2:4b:aa:b2:
ef:f4:f3:59:75:5a:90:5c:ed:8e:6d:a7:d1:69:1c:
92:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9A:9C:0C:C7:23:2E:A4:27:CD:B1:39:E0:83:DD:06:09:1C:1F:D6
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/85qcDMcjLqQnzbE54IPdBgkcH9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:19::/48
2a0f:b241:82::/48
Signature Algorithm: sha256WithRSAEncryption
24:da:fc:0b:6b:38:4e:d8:ed:20:89:f7:1f:3a:d0:f7:3b:e4:
77:27:b6:d4:1a:84:3b:89:ff:4f:0d:8e:54:dd:85:ee:c7:a9:
e9:41:27:8c:c3:ed:22:fc:6b:de:81:72:ae:01:8c:0d:dc:e3:
5a:1d:4b:aa:a1:26:79:30:06:57:fc:61:aa:05:3c:2b:ad:a3:
81:46:93:3a:6d:58:c9:81:8c:2d:bb:3e:39:fa:c5:a9:92:d3:
70:38:2b:5a:6b:ec:c7:f5:0a:f4:0d:e4:02:a2:35:2a:97:f7:
ff:33:76:60:13:d6:bf:06:c5:08:f3:10:5b:28:bf:40:08:1f:
5a:4e:9f:ea:42:2d:0a:c8:ac:c3:3a:70:81:ec:d4:b3:c5:c1:
66:ba:c8:aa:fc:85:4e:09:eb:cb:9a:a6:40:30:2c:5f:71:a8:
99:3c:dd:4e:b9:ae:91:97:9f:3c:40:0b:a5:2d:6f:4f:34:4d:
fb:0a:d9:70:62:4a:03:2d:dd:45:55:70:9e:fd:09:1b:ff:74:
3e:1a:66:ec:51:82:50:d1:87:13:6f:d6:21:e0:c5:ce:85:04:
91:8f:c8:f6:f4:cb:b9:25:f2:ed:f4:19:2a:31:d4:60:ee:47:
8b:b1:4a:c4:e9:60:f3:4d:f0:b0:8d:64:00:f7:ee:45:8c:45:
14:32:28:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJXhmT0jZRs4Fo/vgA1FsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzlhOWMwY2M3MjMyZWE0MjdjZGIxMzllMDgzZGQwNjA5MWMxZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4KZPFJfWdo5noD1V5u3Vj6KeHOV
xD+lK+A1pKWzp2gA9TI9DT2FrrWA77TCB8pxgK0389Ac5R0HIB3+ghJCuM7LXnz8
/7bVkQ8pkHxGE+NjqBTXnFWUBETXi5PQLDWkWOXVhCvCEPpJ7pUFGLI/GwCED0pM
SySm6bV2zQgaclJpV74OXHIVDlF2M8qDlc3Ko/5FlerkCb+n1UVOGmrEMv1sZK3V
eSdq93lbmgT62GrtUfh8hdCHnNor5hP3cPzv4ZxbS60PIxMxWcrwXpWXB3zkORCm
nYrLb+IJTOZe9mogjLRuzrG4/HHDVMJLqrLv9PNZdVqQXO2ObafRaRySXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPOanAzHIy6kJ82xOeCD3QYJHB/WMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvODVxY0RNY2pMcVFuemJFNTRJUGRCZ2tjSDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+yQQAZ
AwcAKg+yQQCCMA0GCSqGSIb3DQEBCwUAA4IBAQAk2vwLazhO2O0gifcfOtD3O+R3
J7bUGoQ7if9PDY5U3YXux6npQSeMw+0i/GvegXKuAYwN3ONaHUuqoSZ5MAZX/GGq
BTwrraOBRpM6bVjJgYwtuz45+sWpktNwOCtaa+zH9Qr0DeQCojUql/f/M3ZgE9a/
BsUI8xBbKL9ACB9aTp/qQi0KyKzDOnCB7NSzxcFmusiq/IVOCevLmqZAMCxfcaiZ
PN1Oua6Rl588QAulLW9PNE37CtlwYkoDLd1FVXCe/Qkb/3Q+GmbsUYJQ0YcTb9Yh
4MXOhQSRj8j29Mu5JfLt9BkqMdRg7keLsUrE6WDzTfCwjWQA9+5FjEUUMih6
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:02:46 2025 by rpki-client