Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/f017PzkxNN7Z5ETh0qCvv8t0lNo.roa
File: f017PzkxNN7Z5ETh0qCvv8t0lNo.roa (raw, json)
Hash identifier: RBBJWOHQn7zT4E3wUOt8OhgmQHDecS8xI1YeXa1Jnyc=
Subject key identifier: 7F:4D:7B:3F:39:31:34:DE:D9:E4:44:E1:D2:A0:AF:BF:CB:74:94:DA
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0194282576EFAAB025C660BA75DBEFA5765C
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/f017PzkxNN7Z5ETh0qCvv8t0lNo.roa
Signing time: Thu 02 Jan 2025 17:52:11 +0000
ROA not before: Thu 02 Jan 2025 17:52:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212149
IP address blocks: 2a0f:b241:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:76:ef:aa:b0:25:c6:60:ba:75:db:ef:a5:76:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f4d7b3f393134ded9e444e1d2a0afbfcb7494da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7f:cb:d2:b2:8a:1d:47:ab:c9:06:6f:38:11:
63:07:43:2e:1d:86:92:76:28:fe:c2:eb:fe:92:b5:
2e:03:f2:e7:58:cb:38:68:79:7a:58:59:59:05:07:
e4:78:03:4f:f3:91:94:cb:01:84:78:ff:b2:d5:71:
73:c6:f0:69:a2:bf:00:d5:56:e1:19:36:4f:8f:52:
7b:7b:ba:da:68:7f:c8:a8:67:c5:99:e5:58:14:9c:
31:62:0b:e6:97:78:54:0b:59:36:50:a0:ff:1e:c0:
8b:80:ae:16:e1:c1:5d:19:8b:93:12:e9:d4:9a:c3:
8f:cb:9f:99:7f:a7:9f:67:c6:19:55:34:5b:48:53:
a2:95:0e:7e:24:6e:fd:da:21:91:58:78:8a:45:ac:
cb:9f:6c:8c:96:0f:3d:69:c9:d4:16:00:0f:5c:e2:
5c:02:40:71:ce:56:0b:ef:75:14:2e:32:98:c9:28:
67:f6:0d:65:db:fb:18:c1:30:20:56:00:a2:7c:7d:
22:42:22:e5:90:bb:35:b9:7b:9c:6b:9e:2a:df:08:
b0:b6:cd:6a:2e:9b:61:1b:17:5d:fb:30:e9:f2:c7:
57:0f:58:cf:b5:5f:96:40:7c:8e:b5:9b:3a:34:aa:
8b:da:91:5a:a6:7d:fb:ff:fa:c3:0a:b9:2c:9f:d3:
36:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4D:7B:3F:39:31:34:DE:D9:E4:44:E1:D2:A0:AF:BF:CB:74:94:DA
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/f017PzkxNN7Z5ETh0qCvv8t0lNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
04:04:d2:c1:87:d2:b7:78:36:e7:3c:1e:84:95:36:ca:4f:14:
f8:d9:15:5e:63:5f:c2:88:28:8d:b7:65:6b:fc:f6:d6:d3:7a:
b7:ba:9b:a1:17:07:8f:5e:47:91:4c:7e:b0:08:73:f8:08:bf:
f0:04:f0:a3:9d:f2:c3:93:85:d3:5c:92:75:e2:24:40:d7:21:
8c:1a:27:0b:59:d9:a9:43:2a:75:5f:4f:b5:4d:81:40:82:46:
60:66:17:db:7d:f7:5c:c8:6b:b1:30:76:62:3d:ed:99:e9:4c:
5a:1d:d4:11:f2:d5:12:ed:58:d5:0b:8f:71:a3:da:1d:2a:ce:
39:aa:d6:1d:19:36:ac:bf:27:01:64:1b:8f:a0:51:a0:00:47:
17:fd:7c:e6:be:cf:cb:68:ec:ae:00:07:e0:26:ad:ac:37:a7:
83:7d:e1:8c:4e:b0:69:61:6c:fa:c3:88:f3:bd:df:a5:e8:ec:
1a:be:80:3b:cc:3c:ae:be:70:41:ef:26:97:61:b2:36:d3:60:
c9:97:1b:a1:d2:70:68:b8:21:36:0b:a4:4a:96:4c:d9:11:5c:
31:04:27:74:5c:70:06:e4:a0:e7:ce:a9:2d:d0:d4:73:ba:bd:
1d:9b:9c:61:08:8b:5c:ee:49:19:1c:0e:e7:a8:39:35:a0:6e:
16:a0:65:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJXbvqrAlxmC6ddvvpXZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRkN2IzZjM5MzEzNGRlZDllNDQ0ZTFkMmEwYWZiZmNiNzQ5NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX/L0rKKHUeryQZvOBFjB0MuHYaS
dij+wuv+krUuA/LnWMs4aHl6WFlZBQfkeANP85GUywGEeP+y1XFzxvBpor8A1Vbh
GTZPj1J7e7raaH/IqGfFmeVYFJwxYgvml3hUC1k2UKD/HsCLgK4W4cFdGYuTEunU
msOPy5+Zf6efZ8YZVTRbSFOilQ5+JG792iGRWHiKRazLn2yMlg89acnUFgAPXOJc
AkBxzlYL73UULjKYyShn9g1l2/sYwTAgVgCifH0iQiLlkLs1uXuca54q3wiwts1q
LpthGxdd+zDp8sdXD1jPtV+WQHyOtZs6NKqL2pFapn37//rDCrksn9M2kQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH9Nez85MTTe2eRE4dKgr7/LdJTaMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZjAxN1B6a3hOTjdaNUVUaDBxQ3Z2OHQwbE5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQbAL
MA0GCSqGSIb3DQEBCwUAA4IBAQAEBNLBh9K3eDbnPB6ElTbKTxT42RVeY1/CiCiN
t2Vr/PbW03q3upuhFwePXkeRTH6wCHP4CL/wBPCjnfLDk4XTXJJ14iRA1yGMGicL
WdmpQyp1X0+1TYFAgkZgZhfbffdcyGuxMHZiPe2Z6UxaHdQR8tUS7VjVC49xo9od
Ks45qtYdGTasvycBZBuPoFGgAEcX/Xzmvs/LaOyuAAfgJq2sN6eDfeGMTrBpYWz6
w4jzvd+l6OwavoA7zDyuvnBB7yaXYbI202DJlxuh0nBouCE2C6RKlkzZEVwxBCd0
XHAG5KDnzqkt0NRzur0dm5xhCItc7kkZHA7nqDk1oG4WoGVC
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:09:51 2025 by rpki-client