Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/6a7X1voDRZgIfbbKk3z8lwfZxaY.roa
File: 6a7X1voDRZgIfbbKk3z8lwfZxaY.roa (raw, json)
Hash identifier: AaS2aTB6rrSjlOkbBkKHW5hu9doZ/g90zlDcUQsA1d0=
Subject key identifier: E9:AE:D7:D6:FA:03:45:98:08:7D:B6:CA:93:7C:FC:97:07:D9:C5:A6
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 019421446042E03C0A2D759ECDD2A24F122A
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/6a7X1voDRZgIfbbKk3z8lwfZxaY.roa
Signing time: Wed 01 Jan 2025 09:48:36 +0000
ROA not before: Wed 01 Jan 2025 09:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215250
IP address blocks: 2a06:d1c3::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:60:42:e0:3c:0a:2d:75:9e:cd:d2:a2:4f:12:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Jan 1 09:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9aed7d6fa034598087db6ca937cfc9707d9c5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:a6:e8:00:43:bf:40:e3:c8:15:70:81:30:99:
96:b0:20:a2:d3:f4:9b:6f:90:78:ba:b5:27:b4:df:
58:81:0a:7d:6c:21:74:5f:8e:b3:b4:39:19:ac:af:
fc:78:df:76:1e:a5:ce:47:23:71:9d:ef:a6:66:f3:
67:df:db:b4:2d:ec:cd:3c:51:eb:8d:85:e2:c1:93:
53:73:6b:0d:6e:9a:76:c0:3a:35:1d:d6:08:e4:39:
b5:b2:ca:a3:e8:7a:d0:9f:18:f2:69:71:be:2a:79:
17:57:c0:4f:f7:9a:81:f3:18:e0:b2:02:4c:ab:a4:
53:6f:65:24:88:9d:45:9b:6d:ea:10:1e:20:4a:c1:
76:5d:a1:b2:e2:ce:9a:72:3c:e7:20:83:58:ee:d9:
9f:38:88:75:79:98:59:d1:26:34:94:95:36:b6:ff:
ad:ce:90:3d:4e:67:2c:00:f4:59:48:08:44:e5:bb:
ba:83:7f:f1:e7:1e:a4:97:1f:10:58:13:03:d6:b5:
ad:fb:31:33:a5:13:51:cd:67:b2:fb:ea:ea:8c:f1:
4a:dd:ef:c2:3e:92:eb:a8:23:e6:22:47:0a:b7:07:
06:c7:8e:4a:69:f2:a5:d9:8e:1d:81:6e:77:df:0d:
52:f5:4c:e1:d9:5a:30:ca:4b:3b:33:83:6d:f4:8b:
97:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:AE:D7:D6:FA:03:45:98:08:7D:B6:CA:93:7C:FC:97:07:D9:C5:A6
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/6a7X1voDRZgIfbbKk3z8lwfZxaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:d1c3::/32
Signature Algorithm: sha256WithRSAEncryption
35:c6:bd:7d:ec:b3:62:ca:e6:50:58:1a:e5:ee:68:73:97:e3:
bb:53:03:94:62:53:2a:ef:e9:42:af:98:39:a6:cd:59:bf:54:
4c:56:8f:52:f1:11:ab:23:08:d1:46:89:97:d6:a0:74:6d:61:
9f:89:f2:13:74:2d:b3:3f:be:22:0d:02:b9:9f:05:00:c8:a2:
9e:f3:91:85:72:55:ad:ad:c3:27:a6:d9:73:85:f0:f9:1e:75:
9b:c0:fc:2e:a5:9a:aa:76:43:9a:e4:25:04:fc:f4:85:03:dd:
90:e0:02:d5:86:31:9a:95:11:03:eb:52:01:4f:35:1a:98:88:
d1:20:e0:5c:23:98:d0:65:44:a6:35:3b:f5:2b:20:76:28:2e:
51:5e:52:55:6f:c7:a8:2c:4c:83:20:7d:e6:b4:e2:65:2b:6c:
f0:6a:37:08:9e:d1:1e:1c:e5:a6:58:c8:e1:ba:e0:30:21:fd:
00:da:0b:20:01:1d:2c:83:51:f9:a7:94:3f:ef:e5:5a:81:00:
43:c9:aa:0c:23:d1:5b:ea:8c:a8:ce:a4:b9:7b:23:b7:e6:60:
cf:b4:c9:54:3e:22:89:fa:41:7d:fe:66:40:67:46:79:39:dd:
06:55:23:a4:c5:6b:5e:72:6e:e9:5b:24:13:12:6a:be:35:62:
d9:eb:e4:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQhRGBC4DwKLXWezdKiTxIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwMTAxMDk0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWFlZDdkNmZhMDM0NTk4MDg3ZGI2Y2E5MzdjZmM5NzA3ZDljNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96boAEO/QOPIFXCBMJmWsCCi0/Sb
b5B4urUntN9YgQp9bCF0X46ztDkZrK/8eN92HqXORyNxne+mZvNn39u0LezNPFHr
jYXiwZNTc2sNbpp2wDo1HdYI5Dm1ssqj6HrQnxjyaXG+KnkXV8BP95qB8xjgsgJM
q6RTb2UkiJ1Fm23qEB4gSsF2XaGy4s6acjznIINY7tmfOIh1eZhZ0SY0lJU2tv+t
zpA9TmcsAPRZSAhE5bu6g3/x5x6klx8QWBMD1rWt+zEzpRNRzWey++rqjPFK3e/C
PpLrqCPmIkcKtwcGx45KafKl2Y4dgW533w1S9Uzh2Vowyks7M4Nt9IuXswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOmu19b6A0WYCH22ypN8/JcH2cWmMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvNmE3WDF2b0RSWmdJZmJiS2szejhsd2ZaeGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgbRwzAN
BgkqhkiG9w0BAQsFAAOCAQEANca9feyzYsrmUFga5e5oc5fju1MDlGJTKu/pQq+Y
OabNWb9UTFaPUvERqyMI0UaJl9agdG1hn4nyE3Qtsz++Ig0CuZ8FAMiinvORhXJV
ra3DJ6bZc4Xw+R51m8D8LqWaqnZDmuQlBPz0hQPdkOAC1YYxmpURA+tSAU81GpiI
0SDgXCOY0GVEpjU79SsgdiguUV5SVW/HqCxMgyB95rTiZSts8Go3CJ7RHhzlpljI
4brgMCH9ANoLIAEdLINR+aeUP+/lWoEAQ8mqDCPRW+qMqM6kuXsjt+Zgz7TJVD4i
ifpBff5mQGdGeTndBlUjpMVrXnJu6VskExJqvjVi2evkMQ==
-----END CERTIFICATE-----
Generated at Thu Apr 24 22:38:45 2025 by rpki-client