Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sYcIUF9JZUL8nalnP6guQpiQpFo.roa
File: sYcIUF9JZUL8nalnP6guQpiQpFo.roa (raw, json)
Hash identifier: O15muEWAoO/BLk3AT82wezr5i9pcEWqA91vts9pFe9Q=
Subject key identifier: B1:87:08:50:5F:49:65:42:FC:9D:A9:67:3F:A8:2E:42:98:90:A4:5A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019428257437EABBCBE0293A8CE74B7E0FC7
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sYcIUF9JZUL8nalnP6guQpiQpFo.roa
Signing time: Thu 02 Jan 2025 17:52:10 +0000
ROA not before: Thu 02 Jan 2025 17:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200454
IP address blocks: 2a0f:b241:10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:74:37:ea:bb:cb:e0:29:3a:8c:e7:4b:7e:0f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Jan 2 17:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b18708505f496542fc9da9673fa82e429890a45a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ad:24:99:83:0f:eb:c2:98:5f:69:bb:a9:6f:
aa:83:8a:e9:59:20:4c:f4:d2:8a:1a:36:e3:65:5b:
1d:55:1f:bc:40:43:51:d5:aa:45:01:f9:4b:cc:7d:
31:a3:ed:4e:3e:dd:4b:44:c5:cb:f5:61:2e:80:94:
5c:64:55:16:b4:76:f7:44:a1:e6:be:48:8a:b1:63:
55:90:e4:ef:48:27:72:f5:6c:9b:93:c3:b5:99:95:
c5:cf:4b:f8:e8:b5:5e:c6:89:8f:59:4f:e8:bd:eb:
2c:32:8a:1a:75:68:96:f9:7f:37:21:e0:0a:cd:da:
fc:b0:47:3c:ae:d1:f8:ef:21:29:a6:c7:68:7e:0f:
a5:6b:1c:2a:f2:0c:d6:0b:57:4d:9d:76:5b:8d:ea:
c1:ba:19:7f:1c:ac:43:0f:89:fd:df:e1:30:57:a3:
7a:f2:1d:48:27:2f:27:9a:53:26:fd:7a:31:25:66:
2b:d9:27:d2:4c:f0:83:fc:50:3b:1a:27:77:5c:b2:
f2:47:ee:4b:87:48:eb:8b:ee:c1:2b:0b:b8:fe:00:
21:86:87:62:f9:8a:1e:b1:23:4f:9a:cf:3f:85:3c:
29:43:13:0c:cd:b4:92:d5:22:85:8e:23:7d:75:da:
dd:f1:ba:26:1f:52:02:df:bd:8b:6e:3f:73:47:84:
dc:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:87:08:50:5F:49:65:42:FC:9D:A9:67:3F:A8:2E:42:98:90:A4:5A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/sYcIUF9JZUL8nalnP6guQpiQpFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:10::/48
Signature Algorithm: sha256WithRSAEncryption
43:5a:8b:ed:92:d3:d1:20:0b:a5:c8:17:8c:6f:10:1e:99:b5:
80:ec:82:8a:57:e0:24:99:61:56:c8:fc:1b:8d:ed:7d:82:6e:
56:5f:7c:f7:44:14:38:b6:10:8a:21:54:d6:74:9e:b5:4c:f6:
f7:0a:49:80:21:13:10:38:2b:d8:73:83:57:11:bf:93:4e:1a:
b2:50:2a:04:dd:d4:0c:13:a7:65:95:72:39:a9:dd:ec:46:18:
4e:25:5f:01:59:3a:82:4b:92:ce:12:80:1d:ad:b5:da:1b:12:
c4:f2:df:78:87:cd:e0:21:33:22:ae:b1:14:06:cf:ae:b5:e5:
37:75:56:e8:a6:b0:e0:99:f8:01:d1:4a:8f:20:ec:32:37:a4:
1c:bd:dd:a4:bc:07:b8:54:5f:68:c4:1d:c3:f4:28:d3:2e:1f:
71:fe:a6:8d:9e:e2:fd:a2:74:31:dc:b5:28:5c:88:a7:27:1a:
c2:6c:b5:d1:9f:28:a0:6d:18:c6:ad:f9:65:e9:f5:7f:14:ad:
00:e6:7b:06:07:9e:2e:78:22:4a:0b:7e:24:7e:71:3f:bf:fe:
dc:7c:b5:8f:97:ce:dd:a5:3c:0d:6a:19:1d:c8:b2:99:8f:6f:
a3:86:93:13:49:87:ec:3a:00:c2:9d:01:2b:83:54:b3:07:92:
af:9b:eb:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQoJXQ36rvL4Ck6jOdLfg/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjUwMTAyMTc1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTg3MDg1MDVmNDk2NTQyZmM5ZGE5NjczZmE4MmU0Mjk4OTBhNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvq0kmYMP68KYX2m7qW+qg4rpWSBM
9NKKGjbjZVsdVR+8QENR1apFAflLzH0xo+1OPt1LRMXL9WEugJRcZFUWtHb3RKHm
vkiKsWNVkOTvSCdy9Wybk8O1mZXFz0v46LVexomPWU/ovessMooadWiW+X83IeAK
zdr8sEc8rtH47yEppsdofg+laxwq8gzWC1dNnXZbjerBuhl/HKxDD4n93+EwV6N6
8h1IJy8nmlMm/XoxJWYr2SfSTPCD/FA7Gid3XLLyR+5Lh0jri+7BKwu4/gAhhodi
+YoesSNPms8/hTwpQxMMzbSS1SKFjiN9ddrd8bomH1IC372Lbj9zR4TcSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLGHCFBfSWVC/J2pZz+oLkKYkKRaMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvc1ljSVVGOUpaVUw4bmFsblA2Z3VRcGlRcEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBDWovtktPRIAulyBeMbxAembWA7IKKV+AkmWFW
yPwbje19gm5WX3z3RBQ4thCKIVTWdJ61TPb3CkmAIRMQOCvYc4NXEb+TThqyUCoE
3dQME6dllXI5qd3sRhhOJV8BWTqCS5LOEoAdrbXaGxLE8t94h83gITMirrEUBs+u
teU3dVboprDgmfgB0UqPIOwyN6Qcvd2kvAe4VF9oxB3D9CjTLh9x/qaNnuL9onQx
3LUoXIinJxrCbLXRnyigbRjGrfll6fV/FK0A5nsGB54ueCJKC34kfnE/v/7cfLWP
l87dpTwNahkdyLKZj2+jhpMTSYfsOgDCnQErg1SzB5Kvm+v9
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:21:10 2025 by rpki-client