Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/2BHESDQV91YwVX5jNct9kakcy8s.roa
File: 2BHESDQV91YwVX5jNct9kakcy8s.roa (raw, json)
Hash identifier: o6c2oQrn//1poKGJ52xepZLmWvSJyVfkhRSG+luX1g8=
Subject key identifier: D8:11:C4:48:34:15:F7:56:30:55:7E:63:35:CB:7D:91:A9:1C:CB:CB
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 018CC64B2585847FD3A04BEB838CE42EE695
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/2BHESDQV91YwVX5jNct9kakcy8s.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63800
IP address blocks: 2a12:f8c2:700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:25:85:84:7f:d3:a0:4b:eb:83:8c:e4:2e:e6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d811c4483415f75630557e6335cb7d91a91ccbcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:37:97:0f:8a:b1:72:8a:6d:b6:9e:bb:60:6b:
62:db:2e:c4:f5:f2:d3:39:4a:91:ba:a3:50:9a:ad:
4e:8a:60:39:05:a3:72:fd:48:2d:28:92:d8:0f:ba:
13:0a:19:b1:81:1c:17:12:87:66:20:4a:00:fe:f3:
d6:3f:64:80:79:f4:54:d1:63:46:45:be:1a:e6:63:
1b:61:51:ac:94:2e:07:09:e4:34:da:a3:6b:11:ac:
3f:87:2c:37:11:fa:3c:8a:41:46:43:ca:0a:8b:0b:
b4:c0:ca:41:1b:ff:24:99:04:e3:9b:a1:8f:6a:cd:
8a:15:6c:01:5d:77:8d:20:f9:da:42:a4:0d:59:e2:
f6:a4:02:65:a4:d6:dc:4b:fb:1c:fd:ad:48:e3:a1:
79:23:94:ae:a4:e6:3f:de:10:83:e4:66:76:98:94:
1d:22:4a:1c:db:b1:c2:d3:c3:36:e6:0e:6d:92:2d:
fe:a6:07:17:37:ea:1f:37:98:ea:e5:54:7e:a7:56:
ce:a3:06:c3:3b:51:11:1c:73:16:23:c1:43:a3:76:
da:a9:b4:7a:f8:f8:0c:d5:63:c2:d9:a2:6b:8f:83:
9a:46:76:d7:66:63:64:d6:dc:80:7e:08:00:88:d4:
2b:37:ab:23:a4:ed:09:67:aa:a2:f1:87:b4:fc:37:
72:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:11:C4:48:34:15:F7:56:30:55:7E:63:35:CB:7D:91:A9:1C:CB:CB
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/2BHESDQV91YwVX5jNct9kakcy8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c2:700::/40
Signature Algorithm: sha256WithRSAEncryption
b3:9c:89:05:55:74:35:56:23:5a:cc:9b:1c:6c:6d:26:48:75:
3f:c3:98:7d:b9:fd:d4:90:63:42:a7:e4:7a:32:90:2c:41:bb:
be:0a:96:80:55:f3:f4:22:3c:04:bf:27:25:74:d1:ff:9e:ca:
53:e4:70:19:7b:b0:a7:ea:0d:3f:1c:35:bc:67:ac:4c:f7:73:
cd:82:bd:ea:53:e5:0b:b6:64:e0:1c:f0:b0:2a:b3:4d:b1:51:
0d:9c:66:cb:2e:27:01:41:b2:15:7f:a8:a5:07:73:05:e2:83:
c5:ba:08:1f:d6:60:45:05:85:71:a1:cc:67:61:6c:34:b9:35:
05:7c:62:89:34:22:b7:0a:93:aa:22:73:fb:3b:c8:40:2b:5d:
22:36:f6:a6:3a:00:f5:5e:52:2b:5a:a2:8c:95:68:a9:63:a3:
1a:8a:dc:e8:f5:04:1b:5b:e5:c2:4e:2d:b3:22:16:14:da:0c:
f1:0f:e7:fe:12:a9:cb:ab:6e:e9:0c:35:fb:74:35:5a:10:a5:
96:0a:2e:66:72:d9:68:12:4b:5d:dc:19:84:75:f3:e3:76:d5:
35:30:a1:78:07:88:f0:45:9b:86:68:16:60:3f:7d:d7:6e:4b:
40:fe:27:4a:15:e6:47:eb:81:a5:d6:52:c0:8a:8e:9a:0d:0d:
f2:35:5f:b4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzGSyWFhH/ToEvrg4zkLuaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODExYzQ0ODM0MTVmNzU2MzA1NTdlNjMzNWNiN2Q5MWE5MWNjYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTeXD4qxcopttp67YGti2y7E9fLT
OUqRuqNQmq1OimA5BaNy/UgtKJLYD7oTChmxgRwXEodmIEoA/vPWP2SAefRU0WNG
Rb4a5mMbYVGslC4HCeQ02qNrEaw/hyw3Efo8ikFGQ8oKiwu0wMpBG/8kmQTjm6GP
as2KFWwBXXeNIPnaQqQNWeL2pAJlpNbcS/sc/a1I46F5I5SupOY/3hCD5GZ2mJQd
Ikoc27HC08M25g5tki3+pgcXN+ofN5jq5VR+p1bOowbDO1ERHHMWI8FDo3baqbR6
+PgM1WPC2aJrj4OaRnbXZmNk1tyAfggAiNQrN6sjpO0JZ6qi8Ye0/DdyjwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNgRxEg0FfdWMFV+YzXLfZGpHMvLMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvMkJIRVNEUVY5MVl3Vlg1ak5jdDlrYWtjeThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhL4wgcw
DQYJKoZIhvcNAQELBQADggEBALOciQVVdDVWI1rMmxxsbSZIdT/DmH25/dSQY0Kn
5HoykCxBu74KloBV8/QiPAS/JyV00f+eylPkcBl7sKfqDT8cNbxnrEz3c82CvepT
5Qu2ZOAc8LAqs02xUQ2cZssuJwFBshV/qKUHcwXig8W6CB/WYEUFhXGhzGdhbDS5
NQV8Yok0IrcKk6oic/s7yEArXSI29qY6APVeUitaooyVaKljoxqK3Oj1BBtb5cJO
LbMiFhTaDPEP5/4SqcurbukMNft0NVoQpZYKLmZy2WgSS13cGYR18+N21TUwoXgH
iPBFm4ZoFmA/fdduS0D+J0oV5kfrgaXWUsCKjpoNDfI1X7Q=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:09:04 2025 by rpki-client