Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/6kvBNM7QxzqNFUQY6UJAUSlEXG0.roa
File: 6kvBNM7QxzqNFUQY6UJAUSlEXG0.roa (raw, json)
Hash identifier: VzytZI3MZIGD76NTvtSVMrgwhYYU4KZfB6J50PMrkLQ=
Subject key identifier: EA:4B:C1:34:CE:D0:C7:3A:8D:15:44:18:E9:42:40:51:29:44:5C:6D
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0194274798EECA38DEB3DA64F6497D8185A3
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/6kvBNM7QxzqNFUQY6UJAUSlEXG0.roa
Signing time: Thu 02 Jan 2025 13:49:51 +0000
ROA not before: Thu 02 Jan 2025 13:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12660
IP address blocks: 2.189.80.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:98:ee:ca:38:de:b3:da:64:f6:49:7d:81:85:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 13:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea4bc134ced0c73a8d154418e942405129445c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:20:3a:10:b8:06:55:ff:65:a8:d2:71:5d:de:
16:d6:7e:64:22:6f:30:14:8b:bd:85:50:19:61:2d:
5f:07:fe:e1:16:1b:6b:f5:fd:a0:ae:0b:a8:a2:a4:
db:8e:8b:4b:4b:46:95:7a:d2:ad:87:85:64:e6:da:
db:1f:e8:35:dc:9d:87:bd:ca:aa:1f:08:50:3e:b3:
b2:db:b0:69:30:8a:7e:c5:45:ad:f7:8e:a7:df:f5:
e8:1d:90:3a:a8:c2:81:07:ac:0d:92:cb:81:72:2c:
8b:81:d2:ad:95:1f:0b:94:ca:4d:04:1b:1f:5f:5f:
50:bf:e5:f6:90:13:00:e1:59:3e:9f:59:75:e9:44:
64:10:52:d4:a0:fa:1f:50:59:0b:44:2f:27:33:1e:
7d:76:51:14:94:92:bd:71:45:33:19:81:6c:97:7e:
ab:ec:de:cb:25:45:6c:bf:e2:93:8e:95:3a:2a:13:
ba:52:fd:e4:3c:b8:c1:f0:ed:9b:1f:0e:f8:73:2e:
0f:e9:0b:49:d5:87:2a:8c:06:82:34:c7:ac:fc:61:
14:e9:b6:d0:b5:db:82:1f:27:35:30:cf:91:77:08:
de:2d:51:6f:ce:bf:8d:d7:d7:d8:18:d9:12:a9:24:
3e:7a:c3:7a:52:0e:0d:82:06:6c:bb:25:58:76:bb:
2c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:4B:C1:34:CE:D0:C7:3A:8D:15:44:18:E9:42:40:51:29:44:5C:6D
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/6kvBNM7QxzqNFUQY6UJAUSlEXG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.80.0/21
Signature Algorithm: sha256WithRSAEncryption
23:0b:2b:81:8b:1a:e2:54:28:e0:fc:36:1f:d9:a2:b5:a9:4b:
e2:5a:3a:d5:2e:2f:8c:60:54:eb:09:bd:49:40:fa:c0:c5:20:
95:48:6b:3d:59:0b:28:7d:ef:bd:c7:ef:8a:e7:11:6e:62:a0:
e9:ce:c1:84:a8:c3:b1:75:4f:4f:c9:cc:e9:14:89:a6:b8:f8:
8b:e9:91:6f:3e:11:17:2f:a4:15:af:c1:f1:38:11:e5:ef:7c:
17:ad:26:92:70:bf:2e:7f:66:86:69:f9:f2:4e:52:df:f8:3c:
37:a9:f9:cb:c3:05:6b:81:71:26:f8:32:ee:02:9c:37:6a:8b:
f9:c1:12:c8:fb:73:27:d6:b1:91:3b:f0:98:48:eb:1b:99:4f:
26:79:8a:57:21:41:51:29:dd:7d:d8:d4:39:50:58:45:af:ac:
ae:5d:9e:e1:cd:57:36:32:7c:20:34:8c:53:91:29:22:06:8c:
c5:68:9f:51:f2:de:46:9c:61:9f:4b:26:4a:a6:30:d7:4d:fb:
ef:66:26:87:f5:2c:a1:2e:58:4e:fc:a7:40:7c:2d:2e:d3:ee:
07:fe:65:12:cf:e5:7d:8d:33:bc:f2:7b:0f:8e:61:17:a1:77:
dd:ae:d9:c3:c6:55:10:29:18:b4:ad:1f:4c:04:71:f6:94:68:
5e:17:00:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR5juyjjes9pk9kl9gYWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwMTAyMTM0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTRiYzEzNGNlZDBjNzNhOGQxNTQ0MThlOTQyNDA1MTI5NDQ1YzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiA6ELgGVf9lqNJxXd4W1n5kIm8w
FIu9hVAZYS1fB/7hFhtr9f2grguooqTbjotLS0aVetKth4Vk5trbH+g13J2Hvcqq
HwhQPrOy27BpMIp+xUWt946n3/XoHZA6qMKBB6wNksuBciyLgdKtlR8LlMpNBBsf
X19Qv+X2kBMA4Vk+n1l16URkEFLUoPofUFkLRC8nMx59dlEUlJK9cUUzGYFsl36r
7N7LJUVsv+KTjpU6KhO6Uv3kPLjB8O2bHw74cy4P6QtJ1YcqjAaCNMes/GEU6bbQ
tduCHyc1MM+RdwjeLVFvzr+N19fYGNkSqSQ+esN6Ug4NggZsuyVYdrss1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOpLwTTO0Mc6jRVEGOlCQFEpRFxtMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvNmt2Qk5NN1F4enFORlVRWTZVSkFVU2xFWEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDAr1QMA0G
CSqGSIb3DQEBCwUAA4IBAQAjCyuBixriVCjg/DYf2aK1qUviWjrVLi+MYFTrCb1J
QPrAxSCVSGs9WQsofe+9x++K5xFuYqDpzsGEqMOxdU9PyczpFImmuPiL6ZFvPhEX
L6QVr8HxOBHl73wXrSaScL8uf2aGafnyTlLf+Dw3qfnLwwVrgXEm+DLuApw3aov5
wRLI+3Mn1rGRO/CYSOsbmU8meYpXIUFRKd192NQ5UFhFr6yuXZ7hzVc2MnwgNIxT
kSkiBozFaJ9R8t5GnGGfSyZKpjDXTfvvZiaH9SyhLlhO/KdAfC0u0+4H/mUSz+V9
jTO88nsPjmEXoXfdrtnDxlUQKRi0rR9MBHH2lGheFwAF
-----END CERTIFICATE-----
Generated at Sat Apr 26 23:00:27 2025 by rpki-client