Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/epKjs9Cop9bTcPdcczOa3MX64XQ.roa
File: epKjs9Cop9bTcPdcczOa3MX64XQ.roa (raw, json)
Hash identifier: dZdc4p0SlOZDSHVw30QmzlVba9DKc0gWwarT2NW9cCg=
Subject key identifier: 7A:92:A3:B3:D0:A8:A7:D6:D3:70:F7:5C:73:33:9A:DC:C5:FA:E1:74
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 01942825773DC1062FED3FCFAF1AE3B587F8
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/epKjs9Cop9bTcPdcczOa3MX64XQ.roa
Signing time: Thu 02 Jan 2025 17:52:11 +0000
ROA not before: Thu 02 Jan 2025 17:52:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212858
IP address blocks: 2a0f:b241:16::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:77:3d:c1:06:2f:ed:3f:cf:af:1a:e3:b5:87:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a92a3b3d0a8a7d6d370f75c73339adcc5fae174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:84:93:5d:5c:d8:f4:0e:50:4f:de:8e:33:44:
a3:b6:09:d5:d7:77:f7:a6:11:81:38:6f:18:a7:54:
d2:92:30:98:a6:68:e5:26:59:a3:59:eb:f2:8e:37:
51:ed:14:20:36:25:ad:92:53:8f:ba:ff:b7:d8:67:
39:89:a6:09:da:b0:15:fb:63:80:6b:61:47:f2:86:
80:63:a2:b3:10:e6:e5:00:eb:bd:e9:71:48:d9:6c:
06:89:b6:44:03:bc:9e:92:f5:75:4a:83:97:a3:be:
b4:64:a6:09:eb:ea:54:74:62:3a:b7:e4:78:50:8e:
07:46:46:66:8d:32:00:1c:2c:ac:b7:47:60:f8:13:
50:f2:7e:42:3a:4a:7b:71:77:93:f3:14:19:04:05:
d1:bd:65:86:9f:8c:94:60:4c:eb:2b:9f:0a:18:e1:
f7:31:a1:06:e8:b6:08:01:65:00:b1:a5:1d:50:c3:
1e:85:ad:9f:01:45:70:51:d8:c7:35:3b:47:04:df:
f2:32:75:8b:78:c5:0b:23:48:1b:68:b6:de:88:8a:
35:b9:86:03:f5:bb:92:6f:97:99:d4:76:25:45:bb:
18:84:99:3c:3e:f8:7e:64:83:fd:db:45:10:44:f8:
4f:5c:3d:73:c0:35:48:fd:0e:3c:c5:f2:dc:d5:7c:
fd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:92:A3:B3:D0:A8:A7:D6:D3:70:F7:5C:73:33:9A:DC:C5:FA:E1:74
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/epKjs9Cop9bTcPdcczOa3MX64XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:16::/48
Signature Algorithm: sha256WithRSAEncryption
6c:05:48:2b:97:21:d1:94:01:a0:f2:f6:b9:25:46:7e:85:5d:
4b:aa:45:df:9e:1e:2a:f4:8b:b6:4c:8f:3c:4b:fd:f4:2e:6e:
4b:c9:54:37:8c:1c:f8:56:0a:b8:f5:e6:4e:3f:32:46:73:aa:
76:82:5d:c9:43:75:57:13:fb:a4:82:8d:8f:f5:83:30:90:be:
7f:99:24:77:aa:88:76:57:1f:99:13:46:b9:bf:4c:4c:47:f9:
67:05:b1:ae:a2:99:ae:5a:49:b9:5e:e1:33:dc:7a:ee:15:0b:
fe:15:41:3d:ba:7e:61:be:c1:4b:5a:0b:0a:85:18:60:6e:2a:
dc:78:cd:cd:e9:ce:bb:46:fa:80:6f:99:da:0e:19:69:5d:0f:
67:9e:15:5d:af:cd:0e:04:54:9e:42:de:9f:c4:ba:b1:ec:76:
a3:65:ab:81:50:c7:20:32:df:17:6d:9d:12:a0:5d:9c:90:ce:
01:b8:1c:46:16:77:08:ae:41:6a:6a:48:3f:ed:6c:fb:05:2a:
4b:9c:ad:5e:04:f6:46:40:f5:03:26:64:98:8d:cc:05:1f:07:
ce:f4:17:e6:cf:fb:61:7f:f8:9c:40:6f:b9:53:7d:e4:d4:fe:
13:3a:f8:04:38:a9:f1:bc:b3:98:9f:a4:a2:80:80:64:48:5a:
21:d6:4a:82
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJXc9wQYv7T/PrxrjtYf4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTkyYTNiM2QwYThhN2Q2ZDM3MGY3NWM3MzMzOWFkY2M1ZmFlMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYSTXVzY9A5QT96OM0SjtgnV13f3
phGBOG8Yp1TSkjCYpmjlJlmjWevyjjdR7RQgNiWtklOPuv+32Gc5iaYJ2rAV+2OA
a2FH8oaAY6KzEOblAOu96XFI2WwGibZEA7yekvV1SoOXo760ZKYJ6+pUdGI6t+R4
UI4HRkZmjTIAHCyst0dg+BNQ8n5COkp7cXeT8xQZBAXRvWWGn4yUYEzrK58KGOH3
MaEG6LYIAWUAsaUdUMMeha2fAUVwUdjHNTtHBN/yMnWLeMULI0gbaLbeiIo1uYYD
9buSb5eZ1HYlRbsYhJk8Pvh+ZIP920UQRPhPXD1zwDVI/Q48xfLc1Xz9xwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHqSo7PQqKfW03D3XHMzmtzF+uF0MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZXBLanM5Q29wOWJUY1BkY2N6T2EzTVg2NFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAW
MA0GCSqGSIb3DQEBCwUAA4IBAQBsBUgrlyHRlAGg8va5JUZ+hV1LqkXfnh4q9Iu2
TI88S/30Lm5LyVQ3jBz4Vgq49eZOPzJGc6p2gl3JQ3VXE/ukgo2P9YMwkL5/mSR3
qoh2Vx+ZE0a5v0xMR/lnBbGuopmuWkm5XuEz3HruFQv+FUE9un5hvsFLWgsKhRhg
birceM3N6c67RvqAb5naDhlpXQ9nnhVdr80OBFSeQt6fxLqx7HajZauBUMcgMt8X
bZ0SoF2ckM4BuBxGFncIrkFqakg/7Wz7BSpLnK1eBPZGQPUDJmSYjcwFHwfO9Bfm
z/thf/icQG+5U33k1P4TOvgEOKnxvLOYn6SigIBkSFoh1kqC
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:17:37 2025 by rpki-client