Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/bSQ2KJkghyGNH1xM4L0qwKLgqKc.roa
File: bSQ2KJkghyGNH1xM4L0qwKLgqKc.roa (raw, json)
Hash identifier: ferYAqATun5kAev+OYfREU8H5PWvsH+O2JxdN9vsL3s=
Subject key identifier: 6D:24:36:28:99:20:87:21:8D:1F:5C:4C:E0:BD:2A:C0:A2:E0:A8:A7
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0195084A028F175A7A48A6CC1776A239536F
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/bSQ2KJkghyGNH1xM4L0qwKLgqKc.roa
Signing time: Sat 15 Feb 2025 06:27:02 +0000
ROA not before: Sat 15 Feb 2025 06:27:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213436
IP address blocks: 2a14:67c1:500::/40 maxlen: 48
2a14:67c1:600::/40 maxlen: 48
2a14:67c1:1000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:08:4a:02:8f:17:5a:7a:48:a6:cc:17:76:a2:39:53:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Feb 15 06:27:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d243628992087218d1f5c4ce0bd2ac0a2e0a8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5d:5a:ca:92:32:37:5e:bf:55:8d:d3:bf:fb:
45:4f:3b:ab:16:df:54:b3:c7:7e:69:32:1d:49:29:
36:77:2c:87:c4:bf:92:2b:4d:4b:27:4a:40:c7:6d:
48:a8:70:e5:55:db:52:4d:27:e5:91:51:f1:2c:ac:
82:18:17:05:d7:a9:c1:c3:62:4c:80:8c:cb:28:69:
ad:47:2c:de:ed:14:60:c3:d0:28:66:98:67:e4:69:
71:03:11:53:46:3e:4a:7c:04:d1:d1:18:8a:5f:ce:
a3:da:22:4c:05:4b:ea:c9:84:b2:4a:eb:48:c7:64:
4f:d7:20:ec:4b:5f:7e:58:c6:5c:bb:1e:59:dd:6f:
01:77:28:e6:de:e7:21:fb:ce:95:d1:14:f7:4e:b6:
00:91:17:2c:12:75:93:21:9f:80:b9:0e:84:38:d4:
3e:29:b9:e7:ef:48:56:46:47:34:62:12:61:08:b1:
ff:3c:db:ff:16:91:1f:27:b1:1d:35:c2:21:b5:95:
54:9f:41:e7:19:e0:cd:36:a6:d9:4b:29:50:76:ee:
09:7f:20:1a:5d:ee:a0:57:a0:20:f3:0d:d5:ef:9e:
45:76:8b:c8:a5:8f:23:15:16:4e:aa:69:a6:b4:c5:
a7:22:b7:dc:ab:aa:2c:c9:3d:ea:e4:e3:5d:fe:3e:
bf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:24:36:28:99:20:87:21:8D:1F:5C:4C:E0:BD:2A:C0:A2:E0:A8:A7
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/bSQ2KJkghyGNH1xM4L0qwKLgqKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:500::-2a14:67c1:6ff:ffff:ffff:ffff:ffff:ffff
2a14:67c1:1000::/36
Signature Algorithm: sha256WithRSAEncryption
a7:26:e3:1d:d5:9e:98:b8:21:a1:92:ae:23:40:00:ef:b3:54:
9d:b5:16:e5:2c:0a:11:d9:82:c6:71:1f:61:a4:8d:59:24:1b:
07:eb:e1:e7:b1:c9:97:9d:dd:24:45:02:a9:dc:fe:f2:a7:a7:
68:0e:01:d9:d7:c5:66:82:46:aa:92:e1:43:23:e1:c1:69:b4:
73:70:1c:c2:29:63:07:6a:cb:47:3b:b4:79:ea:b1:8b:f2:a9:
3d:1e:41:26:30:27:39:76:de:30:81:64:33:03:db:69:1c:8b:
cb:a5:01:ac:12:32:ce:71:61:a0:1e:05:9e:e3:4d:57:e7:37:
8c:c2:15:76:18:78:b0:07:45:b8:a4:ec:9b:ab:92:b0:65:26:
dd:ad:da:8c:06:da:50:ba:d6:79:0e:44:d9:6d:7e:27:ef:a1:
20:7f:19:e7:1a:9b:b2:e9:5c:0a:5e:6c:6f:6d:0e:3f:3b:9b:
fb:04:54:d2:e7:59:bc:36:12:55:7f:aa:50:61:5b:02:04:74:
8a:47:d2:bf:a6:c7:a3:55:13:51:3c:38:09:c8:4e:16:ac:7c:
b3:7b:00:52:21:5d:f7:d0:ed:4c:8b:61:47:4d:1d:1d:4a:23:
0c:b9:38:51:aa:2a:04:f6:c6:98:40:df:65:c3:67:6f:66:47:
77:05:07:98
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZUISgKPF1p6SKbMF3aiOVNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwMjE1MDYyNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDI0MzYyODk5MjA4NzIxOGQxZjVjNGNlMGJkMmFjMGEyZTBhOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA211aypIyN16/VY3Tv/tFTzurFt9U
s8d+aTIdSSk2dyyHxL+SK01LJ0pAx21IqHDlVdtSTSflkVHxLKyCGBcF16nBw2JM
gIzLKGmtRyze7RRgw9AoZphn5GlxAxFTRj5KfATR0RiKX86j2iJMBUvqyYSySutI
x2RP1yDsS19+WMZcux5Z3W8Bdyjm3uch+86V0RT3TrYAkRcsEnWTIZ+AuQ6EONQ+
Kbnn70hWRkc0YhJhCLH/PNv/FpEfJ7EdNcIhtZVUn0HnGeDNNqbZSylQdu4JfyAa
Xe6gV6Ag8w3V755FdovIpY8jFRZOqmmmtMWnIrfcq6osyT3q5ONd/j6/dwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG0kNiiZIIchjR9cTOC9KsCi4KinMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvYlNRMktKa2doeUdOSDF4TTRMMHF3S0xncUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaMBADBgAqFGfB
BQMGACoUZ8EGAwYEKhRnwRAwDQYJKoZIhvcNAQELBQADggEBAKcm4x3Vnpi4IaGS
riNAAO+zVJ21FuUsChHZgsZxH2GkjVkkGwfr4eexyZed3SRFAqnc/vKnp2gOAdnX
xWaCRqqS4UMj4cFptHNwHMIpYwdqy0c7tHnqsYvyqT0eQSYwJzl23jCBZDMD22kc
i8ulAawSMs5xYaAeBZ7jTVfnN4zCFXYYeLAHRbik7JurkrBlJt2t2owG2lC61nkO
RNltfifvoSB/Gecam7LpXApebG9tDj87m/sEVNLnWbw2ElV/qlBhWwIEdIpH0r+m
x6NVE1E8OAnIThasfLN7AFIhXffQ7UyLYUdNHR1KIwy5OFGqKgT2xphA32XDZ29m
R3cFB5g=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:08 2025 by rpki-client