Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kVb7Jw3eFm0rH_2hI_sFxpUe654.roa
File: kVb7Jw3eFm0rH_2hI_sFxpUe654.roa (raw, json)
Hash identifier: DhV0642v9bLRlCfdgD3Msa05srzFpUmzNDU1xI+EO2k=
Subject key identifier: 91:56:FB:27:0D:DE:16:6D:2B:1F:FD:A1:23:FB:05:C6:95:1E:EB:9E
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 0194282573FADBA78A2CA5B73BD2C5CE4FF1
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kVb7Jw3eFm0rH_2hI_sFxpUe654.roa
Signing time: Thu 02 Jan 2025 17:52:10 +0000
ROA not before: Thu 02 Jan 2025 17:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199518
IP address blocks: 2a0f:b241:85::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:73:fa:db:a7:8a:2c:a5:b7:3b:d2:c5:ce:4f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9156fb270dde166d2b1ffda123fb05c6951eeb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:85:31:4d:35:a5:8d:4f:14:2f:f8:80:00:96:
86:ec:ab:2f:e2:d7:65:fd:21:95:52:72:75:99:65:
26:f9:91:82:b6:6f:20:f6:aa:b8:7c:c6:db:7c:9b:
9c:c0:47:cd:87:65:8e:e9:61:87:2d:66:90:fa:20:
12:91:2a:9a:7d:e8:3d:6d:96:36:5d:ae:ac:aa:58:
4e:b4:cf:c7:69:ca:98:8c:52:c4:31:b5:a9:0b:b6:
92:3a:83:e7:35:4d:08:7f:9a:93:da:da:01:78:ba:
9b:44:2d:f2:30:5d:4a:dc:f9:6b:a1:b1:3e:66:0d:
4d:43:3b:fb:65:9b:23:9f:93:b8:1e:be:80:25:bf:
ae:b8:f1:ff:92:47:18:93:f9:2d:0f:a6:3d:05:e7:
85:a7:11:35:19:0f:86:81:41:e3:36:df:77:55:32:
66:52:6e:aa:34:05:d9:04:2e:e0:ac:31:5d:1f:92:
df:48:ca:bd:be:0f:68:cc:b4:c9:4c:df:16:40:7f:
a2:22:72:72:26:18:df:b0:3a:3d:6e:16:de:b7:10:
34:27:05:c4:c1:48:8e:8e:7c:4f:64:aa:f2:14:b2:
01:ed:84:45:91:47:e6:50:e8:82:39:a1:e0:16:f4:
26:e7:ad:a1:02:22:15:db:c9:ea:c7:91:72:ee:f2:
8d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:56:FB:27:0D:DE:16:6D:2B:1F:FD:A1:23:FB:05:C6:95:1E:EB:9E
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/kVb7Jw3eFm0rH_2hI_sFxpUe654.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:85::/48
Signature Algorithm: sha256WithRSAEncryption
07:ff:35:78:19:0a:b4:51:f2:78:22:75:05:1a:2a:ea:85:0c:
2b:57:23:c6:11:c9:74:63:7e:d4:be:7b:70:5a:5f:d4:ff:60:
91:a0:4b:0f:d6:9c:f7:14:c0:29:49:b9:36:24:fa:00:c1:60:
e7:09:84:e7:b7:a3:79:ae:13:7a:66:10:d7:60:1f:58:d9:4c:
9b:09:60:0e:ce:14:98:51:68:de:10:66:47:67:d9:e7:51:d7:
93:96:44:b9:1f:a7:16:cd:35:35:b3:d8:41:ed:37:85:5c:9c:
9d:f2:a2:08:d3:e4:a8:90:03:bf:63:23:88:d0:bc:83:d3:55:
8d:97:e6:e0:b7:86:c3:b6:df:e3:98:f1:ec:91:97:8a:79:4c:
8d:ee:7b:92:b3:3b:86:8d:52:67:12:47:87:2d:e9:9c:40:13:
86:b8:d4:5e:d1:56:d4:21:1b:16:57:c0:7e:43:91:e5:3c:c7:
8b:69:b0:72:f8:73:d5:60:77:94:13:1f:16:41:63:d1:fb:96:
37:6b:32:a5:43:22:28:2b:b0:90:68:45:a1:b9:19:64:c0:1f:
69:53:59:73:2c:41:98:ee:24:d1:04:70:5b:6f:38:26:34:78:
25:42:a3:47:93:4b:2c:2f:a9:9c:75:57:57:20:49:90:c9:48:
89:ce:ba:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJXP626eKLKW3O9LFzk/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTU2ZmIyNzBkZGUxNjZkMmIxZmZkYTEyM2ZiMDVjNjk1MWVlYjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoUxTTWljU8UL/iAAJaG7Ksv4tdl
/SGVUnJ1mWUm+ZGCtm8g9qq4fMbbfJucwEfNh2WO6WGHLWaQ+iASkSqafeg9bZY2
Xa6sqlhOtM/HacqYjFLEMbWpC7aSOoPnNU0If5qT2toBeLqbRC3yMF1K3PlrobE+
Zg1NQzv7ZZsjn5O4Hr6AJb+uuPH/kkcYk/ktD6Y9BeeFpxE1GQ+GgUHjNt93VTJm
Um6qNAXZBC7grDFdH5LfSMq9vg9ozLTJTN8WQH+iInJyJhjfsDo9bhbetxA0JwXE
wUiOjnxPZKryFLIB7YRFkUfmUOiCOaHgFvQm562hAiIV28nqx5Fy7vKNNQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJFW+ycN3hZtKx/9oSP7BcaVHuueMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEva1ZiN0p3M2VGbTBySF8yaElfc0Z4cFVlNjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQCF
MA0GCSqGSIb3DQEBCwUAA4IBAQAH/zV4GQq0UfJ4InUFGirqhQwrVyPGEcl0Y37U
vntwWl/U/2CRoEsP1pz3FMApSbk2JPoAwWDnCYTnt6N5rhN6ZhDXYB9Y2UybCWAO
zhSYUWjeEGZHZ9nnUdeTlkS5H6cWzTU1s9hB7TeFXJyd8qII0+SokAO/YyOI0LyD
01WNl+bgt4bDtt/jmPHskZeKeUyN7nuSszuGjVJnEkeHLemcQBOGuNRe0VbUIRsW
V8B+Q5HlPMeLabBy+HPVYHeUEx8WQWPR+5Y3azKlQyIoK7CQaEWhuRlkwB9pU1lz
LEGY7iTRBHBbbzgmNHglQqNHk0ssL6mcdVdXIEmQyUiJzrqw
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:09 2025 by rpki-client