Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/Geu0aGLB3gilPeLK0YORq9XwCrE.roa
File: Geu0aGLB3gilPeLK0YORq9XwCrE.roa (raw, json)
Hash identifier: O6P9kd9bzO9Lr5s1IdTZkfE7+8K8a0na9tcPsSiGEEs=
Subject key identifier: 19:EB:B4:68:62:C1:DE:08:A5:3D:E2:CA:D1:83:91:AB:D5:F0:0A:B1
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 01856D8ABE467BC0BDEF00DB14FC3A607C2D
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/Geu0aGLB3gilPeLK0YORq9XwCrE.roa
Signing time: Sun 01 Jan 2023 13:34:47 +0000
ROA not before: Sun 01 Jan 2023 13:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60927
IP address blocks: 2a0b:b600:3c01::/48 maxlen: 48
2a0b:b601::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:be:46:7b:c0:bd:ef:00:db:14:fc:3a:60:7c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 1 13:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=19ebb46862c1de08a53de2cad18391abd5f00ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:28:98:b3:6f:7b:7f:e0:e0:35:82:13:27:
81:e7:20:67:8e:17:c3:04:66:4c:63:09:f2:02:27:
a5:61:2b:3c:32:70:26:01:c3:b7:56:f5:e1:44:16:
21:d4:a2:51:45:16:c7:47:8a:2b:f1:27:18:4c:59:
a3:a3:61:03:51:9c:aa:f0:55:92:dc:c2:85:ec:fc:
0a:75:33:23:53:dc:ab:8b:b0:15:e2:6c:34:5b:f2:
49:55:ae:0e:1e:de:6f:de:9f:69:29:7b:05:f9:12:
12:10:98:81:6f:59:27:14:6a:a2:a2:bf:f9:20:9e:
35:a2:1b:95:36:f6:bc:73:cc:26:1c:2f:b8:3c:0c:
d8:1d:a7:a2:02:84:ae:0c:26:09:c0:46:a0:ad:ce:
bb:ac:ea:0c:86:7b:b6:34:96:84:f0:d5:fd:ab:1c:
63:05:ab:9e:d4:33:f2:48:f3:23:0d:a9:ba:52:15:
30:ce:45:93:1b:d7:fe:7b:a4:91:d0:9c:8e:ea:ac:
26:0a:32:e8:66:0c:02:91:84:40:96:65:34:32:8b:
6b:d6:cf:1a:12:cd:98:61:1c:1b:d5:ac:54:93:86:
13:98:b1:dc:57:b1:ec:52:08:b5:65:72:dd:de:74:
76:66:b2:25:d2:27:33:44:9a:db:f8:b8:fd:64:73:
61:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EB:B4:68:62:C1:DE:08:A5:3D:E2:CA:D1:83:91:AB:D5:F0:0A:B1
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/Geu0aGLB3gilPeLK0YORq9XwCrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b600:3c01::/48
2a0b:b601::/48
Signature Algorithm: sha256WithRSAEncryption
22:b6:24:c2:80:3d:7b:31:cf:1f:c6:8e:0c:b0:ed:4a:92:84:
17:df:33:9f:f7:35:47:81:98:92:13:df:26:cd:49:b8:74:9b:
d4:d0:56:89:5d:e3:e4:0f:38:65:48:8f:18:09:fb:c0:ab:11:
69:90:c4:83:e3:97:7b:c5:9f:c8:5a:c8:8f:b6:50:e5:49:c3:
8e:41:63:f2:76:3e:36:49:62:48:02:0b:ec:a5:d4:bc:c9:9c:
fb:6f:ed:06:f6:8d:9a:14:ff:0d:3e:92:f5:6e:ec:f1:67:29:
00:8b:c3:01:04:24:85:c7:d5:b1:c7:6d:e7:b5:18:15:d1:78:
79:88:c7:6a:11:6f:5d:ca:5b:bb:63:5b:6e:bf:83:1b:de:0d:
8f:8c:44:e5:25:22:48:5d:e3:b9:d8:f1:c7:b3:18:e0:02:c4:
ec:ce:a9:a1:ea:70:59:38:5c:fb:88:63:9d:d2:b7:0c:68:6e:
59:be:5a:6e:b7:46:87:ca:6c:96:2e:ac:97:36:9f:cc:a2:7f:
70:e3:f2:89:74:fb:6f:6c:30:27:8c:55:df:b2:d6:d0:3e:52:
e8:a2:af:7b:cd:d5:4f:c5:5a:5c:4b:13:4f:12:9b:b7:f0:84:
f9:05:cd:f1:1d:1c:25:6b:e3:83:28:4d:28:04:dd:d5:e8:f6:
54:d0:73:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtir5Ge8C97wDbFPw6YHwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjMwMTAxMTMzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWViYjQ2ODYyYzFkZTA4YTUzZGUyY2FkMTgzOTFhYmQ1ZjAwYWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0IomLNve3/g4DWCEyeB5yBnjhfD
BGZMYwnyAielYSs8MnAmAcO3VvXhRBYh1KJRRRbHR4or8ScYTFmjo2EDUZyq8FWS
3MKF7PwKdTMjU9yri7AV4mw0W/JJVa4OHt5v3p9pKXsF+RISEJiBb1knFGqior/5
IJ41ohuVNva8c8wmHC+4PAzYHaeiAoSuDCYJwEagrc67rOoMhnu2NJaE8NX9qxxj
Baue1DPySPMjDam6UhUwzkWTG9f+e6SR0JyO6qwmCjLoZgwCkYRAlmU0Motr1s8a
Es2YYRwb1axUk4YTmLHcV7HsUgi1ZXLd3nR2ZrIl0iczRJrb+Lj9ZHNhxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBnrtGhiwd4IpT3iytGDkavV8AqxMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvR2V1MGFHTEIzZ2lsUGVMSzBZT1JxOVh3Q3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgu2ADwB
AwcAKgu2AQAAMA0GCSqGSIb3DQEBCwUAA4IBAQAitiTCgD17Mc8fxo4MsO1KkoQX
3zOf9zVHgZiSE98mzUm4dJvU0FaJXePkDzhlSI8YCfvAqxFpkMSD45d7xZ/IWsiP
tlDlScOOQWPydj42SWJIAgvspdS8yZz7b+0G9o2aFP8NPpL1buzxZykAi8MBBCSF
x9Wxx23ntRgV0Xh5iMdqEW9dylu7Y1tuv4Mb3g2PjETlJSJIXeO52PHHsxjgAsTs
zqmh6nBZOFz7iGOd0rcMaG5Zvlput0aHymyWLqyXNp/Mon9w4/KJdPtvbDAnjFXf
stbQPlLooq97zdVPxVpcSxNPEpu38IT5Bc3xHRwla+ODKE0oBN3V6PZU0HNl
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:31:11 2025 by rpki-client