Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SF7imhaazuPfEpJBywM_tm8X9mE.roa
File: SF7imhaazuPfEpJBywM_tm8X9mE.roa (raw, json)
Hash identifier: 8+reCe3POF1ExZIThV5iCt+eheoTKlzITInNmkvijl4=
Subject key identifier: 48:5E:E2:9A:16:9A:CE:E3:DF:12:92:41:CB:03:3F:B6:6F:17:F6:61
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0195D312F5F00ADD7B0B0D2227B8649C96C8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SF7imhaazuPfEpJBywM_tm8X9mE.roa
Signing time: Wed 26 Mar 2025 15:29:49 +0000
ROA not before: Wed 26 Mar 2025 15:29:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 2a0f:b241:40::/44 maxlen: 48
2a0f:b242:6000::/36 maxlen: 36
2a0f:b245::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d3:12:f5:f0:0a:dd:7b:0b:0d:22:27:b8:64:9c:96:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Mar 26 15:29:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=485ee29a169acee3df129241cb033fb66f17f661
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:78:38:52:dc:40:36:5f:b0:1d:7b:fd:7b:74:
63:2e:bb:56:b2:08:d2:77:d3:03:59:4a:ee:9c:dd:
c0:32:bb:ba:97:59:d6:6c:da:34:84:d2:c9:ef:6d:
3f:1a:fa:4a:b9:11:93:3d:23:5e:ea:49:03:24:c2:
b4:46:8e:ed:64:48:ca:2d:52:bf:55:83:39:ed:2d:
c8:da:98:63:e3:ab:b7:26:cd:0c:15:62:bc:6e:4b:
b7:b6:ef:06:82:46:51:e9:e1:fd:f4:6c:0b:0b:cb:
f9:d2:16:9a:c6:7f:d5:0c:96:45:c3:5e:f9:9c:37:
d6:82:b3:da:ae:43:2c:99:6f:58:c8:d4:6d:aa:cf:
7f:10:b8:75:d6:48:bd:17:10:a7:2e:e7:8b:d4:ca:
92:05:44:af:fd:78:14:ed:13:44:0c:b6:3f:c3:c3:
cd:6e:da:67:c4:f6:ff:f2:4f:e7:d6:be:67:06:35:
43:00:d1:51:22:b8:4d:bc:1b:46:29:65:61:9c:49:
e5:88:f0:45:48:5e:06:58:f4:a3:af:5b:c2:9a:85:
45:93:89:71:a8:bc:26:44:c1:b8:ac:38:4f:79:0c:
75:8b:66:63:47:54:59:02:e5:10:af:28:c1:6f:5f:
d1:30:d8:3c:3c:4a:5b:3c:61:ee:cd:2b:f4:65:48:
c5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5E:E2:9A:16:9A:CE:E3:DF:12:92:41:CB:03:3F:B6:6F:17:F6:61
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/SF7imhaazuPfEpJBywM_tm8X9mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:40::/44
2a0f:b242:6000::/36
2a0f:b245::/32
Signature Algorithm: sha256WithRSAEncryption
80:2c:a7:ee:5d:44:a5:c9:74:b6:ac:ce:28:84:1c:2e:8b:aa:
eb:3b:ac:a4:60:42:0f:d2:80:78:61:68:37:ac:b5:67:64:c9:
a9:68:27:2d:27:69:57:3e:b9:17:a7:1c:de:cf:25:fa:e7:90:
f3:6e:e0:f3:2c:01:8b:da:13:b9:08:bd:3b:b0:77:dd:85:23:
6c:10:fe:05:5f:07:41:15:f6:45:17:35:26:dd:de:2f:c9:c3:
1f:b2:22:2f:fc:8d:08:6b:ea:5b:94:ed:fe:29:f1:fd:a7:7a:
8d:f3:db:f3:07:24:93:98:d3:3d:f8:c7:9b:10:04:1f:20:7d:
2b:e6:e9:e9:84:f7:84:d3:76:84:4c:db:c7:b4:3c:11:00:0a:
fb:3f:95:d9:a2:85:81:31:a1:b0:0e:67:40:33:20:93:53:16:
8d:05:80:fd:67:ee:ff:c7:ac:3b:d8:1d:35:bb:ac:59:ba:69:
f3:5a:07:e3:87:d6:3e:37:dc:ee:30:c3:a5:ef:cf:f7:27:97:
21:d3:c5:fc:2f:02:45:4d:3c:c6:04:03:0d:f0:6b:90:10:07:
ba:62:06:9b:67:5a:42:b4:32:a9:6d:4d:8b:77:72:b7:44:aa:
05:c1:b2:79:04:3b:f0:5d:32:e8:8a:a4:ea:e8:cd:ab:0d:a5:
d2:9e:c0:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXTEvXwCt17Cw0iJ7hknJbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMzI2MTUyOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVlZTI5YTE2OWFjZWUzZGYxMjkyNDFjYjAzM2ZiNjZmMTdmNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3g4UtxANl+wHXv9e3RjLrtWsgjS
d9MDWUrunN3AMru6l1nWbNo0hNLJ720/GvpKuRGTPSNe6kkDJMK0Ro7tZEjKLVK/
VYM57S3I2phj46u3Js0MFWK8bku3tu8GgkZR6eH99GwLC8v50haaxn/VDJZFw175
nDfWgrParkMsmW9YyNRtqs9/ELh11ki9FxCnLueL1MqSBUSv/XgU7RNEDLY/w8PN
btpnxPb/8k/n1r5nBjVDANFRIrhNvBtGKWVhnEnliPBFSF4GWPSjr1vCmoVFk4lx
qLwmRMG4rDhPeQx1i2ZjR1RZAuUQryjBb1/RMNg8PEpbPGHuzSv0ZUjF0wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEhe4poWms7j3xKSQcsDP7ZvF/ZhMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvU0Y3aW1oYWF6dVBmRXBKQnl3TV90bThYOW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwcEKg+yQQBA
AwYEKg+yQmADBQAqD7JFMA0GCSqGSIb3DQEBCwUAA4IBAQCALKfuXUSlyXS2rM4o
hBwui6rrO6ykYEIP0oB4YWg3rLVnZMmpaCctJ2lXPrkXpxzezyX655DzbuDzLAGL
2hO5CL07sHfdhSNsEP4FXwdBFfZFFzUm3d4vycMfsiIv/I0Ia+pblO3+KfH9p3qN
89vzBySTmNM9+MebEAQfIH0r5unphPeE03aETNvHtDwRAAr7P5XZooWBMaGwDmdA
MyCTUxaNBYD9Z+7/x6w72B01u6xZumnzWgfjh9Y+N9zuMMOl78/3J5ch08X8LwJF
TTzGBAMN8GuQEAe6YgabZ1pCtDKpbU2Ld3K3RKoFwbJ5BDvwXTLoiqTq6M2rDaXS
nsD0
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:16:12 2025 by rpki-client