Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/9LxgfTOJcoE2_jHJSOljCVVPS5Y.roa
File: 9LxgfTOJcoE2_jHJSOljCVVPS5Y.roa (raw, json)
Hash identifier: qp8gK1apqd3e4qrwJ4WSA7TFQheE7slpZrtZy4gGTvM=
Subject key identifier: F4:BC:60:7D:33:89:72:81:36:FE:31:C9:48:E9:63:09:55:4F:4B:96
Certificate issuer: /CN=6d6d1f110f595c635ccbe9fbb3090dbb5fcfbd6e
Certificate serial: 0195C857070165B6699484978EC1978CDA9F
Authority key identifier: 6D:6D:1F:11:0F:59:5C:63:5C:CB:E9:FB:B3:09:0D:BB:5F:CF:BD:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW0fEQ9ZXGNcy-n7swkNu1_PvW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/9LxgfTOJcoE2_jHJSOljCVVPS5Y.roa
Signing time: Mon 24 Mar 2025 13:28:21 +0000
ROA not before: Mon 24 Mar 2025 13:28:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211906
IP address blocks: 2a0c:8cc0::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:57:07:01:65:b6:69:94:84:97:8e:c1:97:8c:da:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6d1f110f595c635ccbe9fbb3090dbb5fcfbd6e
Validity
Not Before: Mar 24 13:28:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4bc607d3389728136fe31c948e96309554f4b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8d:df:41:f6:e6:b3:d3:16:4b:a8:ba:38:4e:
96:bf:b1:81:42:6e:19:3f:a1:34:ad:24:96:39:cb:
b5:46:ab:8e:64:be:c2:b3:92:1d:15:93:57:da:3c:
6e:cf:98:f8:55:87:92:4c:7b:28:62:4c:0c:e4:4b:
3c:59:ad:db:7e:0d:96:e2:ae:0a:8c:c8:ab:ed:77:
55:e2:b9:83:d7:fd:f3:66:51:aa:b5:98:86:b1:eb:
bc:cb:e3:12:23:6b:92:1f:a7:dd:b9:37:f4:0e:ff:
47:2c:70:03:23:62:7d:c6:e8:27:b0:74:6a:75:fd:
34:78:54:28:70:5e:d7:75:44:31:f1:e0:a0:fb:7d:
18:85:2d:f6:63:42:ac:8f:7d:c9:b0:54:a2:c5:6b:
58:f0:90:f6:28:51:09:3a:1e:37:9a:a5:12:84:e2:
a9:fd:40:ad:cd:20:56:d8:ae:99:25:1a:6a:c7:eb:
a3:7e:db:44:74:02:6b:bc:97:23:23:74:56:6c:22:
6e:ac:f2:a8:79:28:9a:72:72:84:ea:28:fa:fb:01:
dc:63:41:09:aa:c8:c7:81:22:86:c3:54:f2:c0:7c:
9f:61:84:d2:d5:27:21:56:45:86:fa:06:a3:23:7f:
12:d6:d7:ab:ee:34:c4:ca:ed:77:f3:c0:4c:3d:da:
b6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BC:60:7D:33:89:72:81:36:FE:31:C9:48:E9:63:09:55:4F:4B:96
X509v3 Authority Key Identifier:
keyid:6D:6D:1F:11:0F:59:5C:63:5C:CB:E9:FB:B3:09:0D:BB:5F:CF:BD:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW0fEQ9ZXGNcy-n7swkNu1_PvW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/9LxgfTOJcoE2_jHJSOljCVVPS5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b247da-3192-4813-bff4-2c7e2e4a9747/1/bW0fEQ9ZXGNcy-n7swkNu1_PvW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:8cc0::/29
Signature Algorithm: sha256WithRSAEncryption
00:10:db:d2:e9:aa:32:0a:9f:51:61:24:9b:4f:99:ed:c8:e9:
5d:0b:f3:19:80:b4:da:7f:21:41:0c:4e:e3:37:f2:1a:56:e4:
2f:70:52:46:35:76:cb:5a:0c:10:9e:89:9d:66:ae:48:90:58:
6f:7b:24:55:e0:eb:0e:53:56:36:c2:bb:45:ab:02:f7:f8:85:
eb:79:01:3f:70:28:aa:e7:ec:74:f6:4b:fd:15:ca:6d:99:7e:
ca:da:52:02:1f:8a:7f:fb:0a:f4:7a:9b:92:dd:9c:bf:ed:9d:
a0:4d:38:90:6a:89:5c:36:95:10:bc:e8:96:cb:49:3e:25:ec:
f0:1a:8a:6d:32:a4:86:65:57:2e:33:de:12:c7:55:0a:34:99:
36:26:c6:eb:34:84:82:e0:05:9d:5a:b0:99:92:16:fa:38:80:
80:22:65:88:22:23:f1:3b:f0:00:50:f0:99:5c:2a:c0:29:f2:
7f:6d:c9:8d:99:18:7c:12:8a:b0:b3:fe:f1:0a:fb:91:bf:c2:
48:4b:97:f3:cf:e9:b9:7f:c3:7b:88:6b:0b:82:5a:57:e9:55:
6b:ef:db:e4:a9:d4:44:eb:09:3a:d1:1b:a7:b6:af:a8:2f:1b:
70:ba:a5:de:af:76:3d:92:4e:51:ff:f8:23:75:1d:09:5c:20:
bf:1b:67:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZXIVwcBZbZplISXjsGXjNqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNmQxZjExMGY1OTVjNjM1Y2NiZTlmYmIzMDkwZGJiNWZj
ZmJkNmUwHhcNMjUwMzI0MTMyODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJjNjA3ZDMzODk3MjgxMzZmZTMxYzk0OGU5NjMwOTU1NGY0Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA443fQfbms9MWS6i6OE6Wv7GBQm4Z
P6E0rSSWOcu1RquOZL7Cs5IdFZNX2jxuz5j4VYeSTHsoYkwM5Es8Wa3bfg2W4q4K
jMir7XdV4rmD1/3zZlGqtZiGseu8y+MSI2uSH6fduTf0Dv9HLHADI2J9xugnsHRq
df00eFQocF7XdUQx8eCg+30YhS32Y0Ksj33JsFSixWtY8JD2KFEJOh43mqUShOKp
/UCtzSBW2K6ZJRpqx+ujfttEdAJrvJcjI3RWbCJurPKoeSiacnKE6ij6+wHcY0EJ
qsjHgSKGw1TywHyfYYTS1SchVkWG+gajI38S1ter7jTEyu1388BMPdq2bQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPS8YH0ziXKBNv4xyUjpYwlVT0uWMB8GA1UdIwQY
MBaAFG1tHxEPWVxjXMvp+7MJDbtfz71uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlcwZkVROVpYR05jeS1uN3N3a051MV9Qdlc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9iMjQ3ZGEtMzE5Mi00ODEzLWJmZjQt
MmM3ZTJlNGE5NzQ3LzEvOUx4Z2ZUT0pjb0UyX2pISlNPbGpDVlZQUzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9iMjQ3ZGEtMzE5Mi00ODEzLWJmZjQtMmM3ZTJlNGE5NzQ3
LzEvYlcwZkVROVpYR05jeS1uN3N3a051MV9Qdlc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgyMwDAN
BgkqhkiG9w0BAQsFAAOCAQEAABDb0umqMgqfUWEkm0+Z7cjpXQvzGYC02n8hQQxO
4zfyGlbkL3BSRjV2y1oMEJ6JnWauSJBYb3skVeDrDlNWNsK7RasC9/iF63kBP3Ao
qufsdPZL/RXKbZl+ytpSAh+Kf/sK9Hqbkt2cv+2doE04kGqJXDaVELzolstJPiXs
8BqKbTKkhmVXLjPeEsdVCjSZNibG6zSEguAFnVqwmZIW+jiAgCJliCIj8TvwAFDw
mVwqwCnyf23JjZkYfBKKsLP+8Qr7kb/CSEuX88/puX/De4hrC4JaV+lVa+/b5KnU
ROsJOtEbp7avqC8bcLql3q92PZJOUf/4I3UdCVwgvxtnMg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:24:33 2025 by rpki-client