Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/CB5CBkSp5_XbHhCbu5gzuxr-ikE.roa
File: CB5CBkSp5_XbHhCbu5gzuxr-ikE.roa (raw, json)
Hash identifier: RUmusAvqURlnzrmtwhQ7n7F5V/356hqfU5kGMA3LrDU=
Subject key identifier: 08:1E:42:06:44:A9:E7:F5:DB:1E:10:9B:BB:98:33:BB:1A:FE:8A:41
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 01856D8ABA5A7185060D53884208154E312F
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/CB5CBkSp5_XbHhCbu5gzuxr-ikE.roa
Signing time: Sun 01 Jan 2023 13:34:46 +0000
ROA not before: Sun 01 Jan 2023 13:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39765
IP address blocks: 2a0b:b600:3c02::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ba:5a:71:85:06:0d:53:88:42:08:15:4e:31:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 1 13:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=081e420644a9e7f5db1e109bbb9833bb1afe8a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ba:11:75:24:df:97:c1:c9:6f:14:33:8a:f7:
8e:ff:b7:de:2c:98:c6:8f:0c:3c:61:91:80:37:93:
d3:2b:99:26:74:b3:94:68:1b:8f:86:30:9f:58:c2:
b3:ab:cf:9d:00:52:cd:35:26:d1:46:48:6d:c3:a9:
ad:78:1c:ae:5a:f2:fc:9f:9a:25:39:e1:c9:f6:51:
3c:96:0a:a4:97:96:b3:5d:c9:8d:b7:eb:53:c0:ca:
ac:f7:9c:ec:76:b4:60:70:cf:f8:57:97:f0:6f:c5:
82:36:dc:e4:06:44:1a:fc:10:78:26:6b:8d:ee:69:
8d:93:37:ed:22:87:2c:95:a9:5c:e3:8c:96:3b:6a:
d0:65:3f:0c:29:05:cb:b9:af:4d:90:30:55:d1:70:
ee:92:d3:bf:66:e3:42:33:e6:ee:f5:9d:11:d3:f4:
ef:34:eb:2a:7d:56:72:cb:be:17:63:62:9b:d4:85:
ae:31:0e:fc:85:87:77:56:e8:fe:21:d2:79:20:a9:
b1:a8:b8:6e:11:46:a3:07:ca:b9:e9:97:34:c8:cb:
ff:50:7c:81:b4:3d:50:e6:8a:b8:3f:3d:af:a5:fc:
15:ae:2c:60:fa:1f:aa:f7:f7:86:8c:9d:78:1d:3c:
f9:5f:1a:5c:c8:58:6f:84:e3:1a:1a:f5:45:39:c1:
24:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1E:42:06:44:A9:E7:F5:DB:1E:10:9B:BB:98:33:BB:1A:FE:8A:41
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/CB5CBkSp5_XbHhCbu5gzuxr-ikE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b600:3c02::/48
Signature Algorithm: sha256WithRSAEncryption
7e:9d:41:0a:92:c2:0d:2d:3d:67:b5:8d:85:44:2a:cf:ad:a0:
57:af:5a:4a:7c:95:b1:7a:bd:f2:59:df:3d:17:ac:2f:bd:71:
f5:f6:4c:13:ec:17:0e:a4:00:f1:db:76:c5:6f:ab:2e:da:20:
3c:ff:4a:19:d3:fc:9b:d3:08:26:cf:c2:e9:f6:ef:73:92:f7:
12:29:ac:59:60:41:65:42:8a:15:d8:b7:0b:07:c6:c2:76:47:
1a:dc:71:e3:72:a3:a8:fb:92:9f:51:ec:b1:fb:1e:17:e6:63:
91:eb:99:f4:51:d9:23:89:e1:eb:00:28:86:ec:7d:e2:45:7a:
9c:1f:6c:ff:24:9a:ea:7d:91:4d:b7:1b:75:ba:99:00:d8:b4:
71:32:d7:5b:68:f5:a7:b6:63:d8:92:92:e4:db:81:52:54:54:
4d:10:c9:a2:8f:16:bc:66:95:7f:c9:f4:a3:24:40:d4:59:cf:
10:63:55:48:e1:36:ef:ab:03:89:66:33:f3:8d:90:08:67:96:
95:c8:fb:8a:27:c8:bd:54:3e:08:d2:b5:d8:a9:0f:0e:b9:9d:
24:8c:55:a9:32:85:5b:f0:90:89:5b:51:a1:29:2f:03:9b:ce:
2d:fb:0f:77:0a:f8:bd:2f:52:76:c7:5f:99:c5:cd:22:5c:08:
c8:06:1d:36
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVtirpacYUGDVOIQggVTjEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjMwMTAxMTMzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODFlNDIwNjQ0YTllN2Y1ZGIxZTEwOWJiYjk4MzNiYjFhZmU4YTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7oRdSTfl8HJbxQziveO/7feLJjG
jww8YZGAN5PTK5kmdLOUaBuPhjCfWMKzq8+dAFLNNSbRRkhtw6mteByuWvL8n5ol
OeHJ9lE8lgqkl5azXcmNt+tTwMqs95zsdrRgcM/4V5fwb8WCNtzkBkQa/BB4JmuN
7mmNkzftIocslalc44yWO2rQZT8MKQXLua9NkDBV0XDuktO/ZuNCM+bu9Z0R0/Tv
NOsqfVZyy74XY2Kb1IWuMQ78hYd3Vuj+IdJ5IKmxqLhuEUajB8q56Zc0yMv/UHyB
tD1Q5oq4Pz2vpfwVrixg+h+q9/eGjJ14HTz5XxpcyFhvhOMaGvVFOcEkfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAgeQgZEqef12x4Qm7uYM7sa/opBMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvQ0I1Q0JrU3A1X1hiSGhDYnU1Z3p1eHItaWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgu2ADwC
MA0GCSqGSIb3DQEBCwUAA4IBAQB+nUEKksINLT1ntY2FRCrPraBXr1pKfJWxer3y
Wd89F6wvvXH19kwT7BcOpADx23bFb6su2iA8/0oZ0/yb0wgmz8Lp9u9zkvcSKaxZ
YEFlQooV2LcLB8bCdkca3HHjcqOo+5KfUeyx+x4X5mOR65n0UdkjieHrACiG7H3i
RXqcH2z/JJrqfZFNtxt1upkA2LRxMtdbaPWntmPYkpLk24FSVFRNEMmijxa8ZpV/
yfSjJEDUWc8QY1VI4TbvqwOJZjPzjZAIZ5aVyPuKJ8i9VD4I0rXYqQ8OuZ0kjFWp
MoVb8JCJW1GhKS8Dm84t+w93Cvi9L1J2x1+Zxc0iXAjIBh02
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:31:10 2025 by rpki-client