Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fPRmVWH15z-V8WVQ7BhiecogqeQ.roa
File: fPRmVWH15z-V8WVQ7BhiecogqeQ.roa (raw, json)
Hash identifier: ZpP+VaTvsOeVkeQGkZ3la58nY+OutVHtj8QNMvuDJnk=
Subject key identifier: 7C:F4:66:55:61:F5:E7:3F:95:F1:65:50:EC:18:62:79:CA:20:A9:E4
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019557C409CFF53691B5BC58D9E70D69D3AC
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fPRmVWH15z-V8WVQ7BhiecogqeQ.roa
Signing time: Sun 02 Mar 2025 16:50:20 +0000
ROA not before: Sun 02 Mar 2025 16:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62513
IP address blocks: 2a0f:b243::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:57:c4:09:cf:f5:36:91:b5:bc:58:d9:e7:0d:69:d3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Mar 2 16:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cf4665561f5e73f95f16550ec186279ca20a9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:cc:3e:ea:e1:17:6b:f6:59:cf:0d:e6:c2:
fd:6b:49:74:70:e4:05:02:88:c1:94:b3:bc:41:bf:
a4:5d:17:c0:9d:9d:ae:2b:f8:98:79:e1:5d:9e:6c:
61:f4:57:92:df:4a:92:d6:ba:d2:f0:f9:63:fd:e6:
fc:71:9c:7b:bb:2f:a5:d2:8f:0c:11:e3:88:da:91:
32:9b:31:ca:2a:59:a1:dd:ca:9c:47:b9:4f:6f:0b:
d5:ab:3b:94:88:4b:b3:10:ef:de:c3:1e:b3:4c:32:
7f:f2:d5:ab:92:86:a2:d4:64:71:a9:00:84:7d:2f:
45:ad:f6:b7:7b:61:3d:b3:8d:3c:fc:a8:d5:26:3f:
23:cf:76:95:d4:d9:d4:2f:d9:4b:5e:db:06:9d:73:
5c:a3:bb:cb:ac:2c:ad:b3:0a:5c:a1:b7:bb:72:0d:
cf:f3:b0:ad:b0:12:ba:eb:b6:e4:fb:34:70:36:8f:
46:7f:e5:1a:58:87:8d:36:fc:7a:2a:54:26:ff:06:
6a:e5:14:89:6b:e3:32:97:4d:2e:ca:68:12:34:9f:
cb:45:ac:df:75:ce:f4:68:5f:c4:7a:40:b0:cc:3e:
7c:e0:58:da:02:ce:ad:35:8a:59:0e:ab:28:18:51:
07:b2:e4:bb:da:6c:46:de:9d:05:35:02:47:8e:eb:
fe:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F4:66:55:61:F5:E7:3F:95:F1:65:50:EC:18:62:79:CA:20:A9:E4
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/fPRmVWH15z-V8WVQ7BhiecogqeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b243::/32
Signature Algorithm: sha256WithRSAEncryption
70:de:51:19:cb:b5:ef:d6:82:9d:35:ce:f5:ae:b6:ea:ed:e8:
24:fc:ca:24:52:f1:37:60:28:db:89:6a:40:28:1b:3b:90:92:
33:bc:93:0e:9b:9e:8c:74:65:e4:de:ae:da:db:f6:97:c2:ef:
18:47:6f:69:ab:38:5c:75:07:02:25:69:c8:e7:4e:5c:40:13:
6c:64:2d:72:a7:57:80:3b:72:ab:13:74:7c:c4:c1:67:a4:d1:
ee:17:30:e5:c2:cf:43:6e:80:85:76:b4:c5:e1:c8:04:a0:32:
ba:e1:ba:62:60:88:8e:da:c9:7f:d5:c5:f9:e8:25:28:49:e7:
5e:3d:4f:e8:00:5c:70:e7:6d:63:67:6b:b2:b6:66:35:64:07:
c5:52:13:29:46:f0:b0:3b:1d:6f:4f:89:fa:b7:77:e0:ba:e4:
66:19:c4:53:5d:d4:5d:6d:2a:c4:6a:8f:f0:96:11:63:b2:0f:
8a:12:b1:65:1a:cc:b6:ec:6d:5c:62:f5:3c:89:ad:f4:e2:ed:
27:00:dd:5a:2f:34:ab:41:2e:89:44:e2:7b:2a:7e:06:dd:ed:
28:02:45:32:51:1f:a5:35:6c:ab:74:eb:cd:e4:74:56:02:e8:
57:2f:aa:7f:16:29:45:b0:bc:f7:bd:f9:ae:90:fc:a0:6f:3f:
c0:77:0f:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVXxAnP9TaRtbxY2ecNadOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMzAyMTY1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y0NjY1NTYxZjVlNzNmOTVmMTY1NTBlYzE4NjI3OWNhMjBhOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvN3MPurhF2v2Wc8N5sL9a0l0cOQF
AojBlLO8Qb+kXRfAnZ2uK/iYeeFdnmxh9FeS30qS1rrS8Plj/eb8cZx7uy+l0o8M
EeOI2pEymzHKKlmh3cqcR7lPbwvVqzuUiEuzEO/ewx6zTDJ/8tWrkoai1GRxqQCE
fS9Frfa3e2E9s408/KjVJj8jz3aV1NnUL9lLXtsGnXNco7vLrCytswpcobe7cg3P
87CtsBK667bk+zRwNo9Gf+UaWIeNNvx6KlQm/wZq5RSJa+Myl00uymgSNJ/LRazf
dc70aF/EekCwzD584FjaAs6tNYpZDqsoGFEHsuS72mxG3p0FNQJHjuv+swIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHz0ZlVh9ec/lfFlUOwYYnnKIKnkMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvZlBSbVZXSDE1ei1WOFdWUTdCaGllY29ncWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg+yQzAN
BgkqhkiG9w0BAQsFAAOCAQEAcN5RGcu179aCnTXO9a626u3oJPzKJFLxN2Ao24lq
QCgbO5CSM7yTDpuejHRl5N6u2tv2l8LvGEdvaas4XHUHAiVpyOdOXEATbGQtcqdX
gDtyqxN0fMTBZ6TR7hcw5cLPQ26AhXa0xeHIBKAyuuG6YmCIjtrJf9XF+eglKEnn
Xj1P6ABccOdtY2drsrZmNWQHxVITKUbwsDsdb0+J+rd34LrkZhnEU13UXW0qxGqP
8JYRY7IPihKxZRrMtuxtXGL1PImt9OLtJwDdWi80q0EuiUTieyp+Bt3tKAJFMlEf
pTVsq3TrzeR0VgLoVy+qfxYpRbC89735rpD8oG8/wHcPdA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:27:27 2025 by rpki-client