Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/bCaBS4aQHjuaa_tTVMTRXq8OR_U.roa
File: bCaBS4aQHjuaa_tTVMTRXq8OR_U.roa (raw, json)
Hash identifier: 7H4q9uVHSlMkwQO5xRA3Q4nmZoDkIn1SJmtZoSSXixQ=
Subject key identifier: 6C:26:81:4B:86:90:1E:3B:9A:6B:FB:53:54:C4:D1:5E:AF:0E:47:F5
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0194744CA0B58AFCF7418C5049BE804CDDF6
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/bCaBS4aQHjuaa_tTVMTRXq8OR_U.roa
Signing time: Fri 17 Jan 2025 12:46:06 +0000
ROA not before: Fri 17 Jan 2025 12:46:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215096
IP address blocks: 2a0d:d940:30::/44 maxlen: 44
2a0d:d940:9000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:74:4c:a0:b5:8a:fc:f7:41:8c:50:49:be:80:4c:dd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jan 17 12:46:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c26814b86901e3b9a6bfb5354c4d15eaf0e47f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:22:1e:0b:a2:d3:59:80:1a:f3:2c:4a:cd:2a:
3d:c8:40:ea:84:b3:9d:a2:12:ac:38:bc:94:1e:d0:
ac:17:d9:e6:eb:f9:c7:dc:fe:2c:32:58:f9:cb:ea:
ee:78:f4:85:0c:8e:1a:91:9f:aa:b9:fd:fb:cb:a0:
55:08:43:95:07:c5:10:99:da:62:b2:26:cd:cd:0c:
61:1a:10:52:30:64:b4:af:de:40:c9:4e:23:24:7d:
ea:48:90:3b:fa:5e:ac:b1:de:a6:a3:1a:a4:ea:b4:
76:12:d8:7d:7d:dd:6a:d9:2f:16:97:fd:b4:76:35:
88:6f:2e:38:aa:ad:ac:f5:fa:af:c6:0d:a2:0d:96:
77:ad:5f:2d:de:e9:16:4c:9d:f9:4d:8d:9f:04:a4:
02:85:59:99:48:99:2d:35:12:1f:74:7a:97:2f:c9:
8b:a5:4e:c6:90:83:ac:e2:7b:b9:f7:08:6a:7e:30:
cf:90:e5:9c:7c:d2:9d:33:c1:12:b3:e2:4b:6d:55:
af:3c:9d:ac:02:7c:d6:4f:34:65:e8:20:f4:c0:80:
48:de:74:44:cf:81:6c:54:a2:8c:70:11:21:3e:a4:
30:72:0b:19:d8:de:57:36:63:ba:22:d0:58:0e:b0:
3b:6b:b0:ce:5b:f3:2a:fb:f5:6c:3f:45:e1:3d:9a:
22:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:26:81:4B:86:90:1E:3B:9A:6B:FB:53:54:C4:D1:5E:AF:0E:47:F5
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/bCaBS4aQHjuaa_tTVMTRXq8OR_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:30::/44
2a0d:d940:9000::/48
Signature Algorithm: sha256WithRSAEncryption
40:0e:43:46:ed:ae:32:89:7b:a7:ef:2c:db:3f:42:e2:0a:92:
86:b9:04:54:41:e4:b9:c6:51:95:fe:b2:20:d9:8b:63:73:3b:
0e:a0:7d:a6:ee:8a:03:87:2a:ec:cb:59:3e:1f:51:9b:c8:fb:
70:cb:5f:18:16:7e:35:a5:71:91:d7:86:3d:ee:5e:ac:34:2a:
a4:2e:fb:b2:82:86:08:f4:80:32:be:03:19:7c:0e:7d:a4:c0:
b7:9a:7a:02:1a:84:f0:ba:84:70:3f:54:e4:4c:9f:6e:31:3c:
1e:fa:53:41:25:82:bd:1b:bc:80:da:05:6c:f3:e4:35:56:78:
10:62:93:d7:e9:86:96:35:c4:57:f6:fa:b5:32:2f:d8:2f:24:
2b:1b:f2:d1:bb:bc:09:09:0e:ff:e7:72:4f:01:24:29:da:d6:
25:02:e0:75:f0:15:3d:30:44:e3:41:82:3b:a3:e4:c7:00:72:
2b:5e:a5:8d:be:2a:11:8c:21:dc:55:1a:d0:92:f1:59:9b:40:
18:4f:25:63:90:36:a0:c7:2a:52:f7:18:b0:9c:c4:f9:2a:50:
2b:3d:ce:7e:22:2e:dc:d8:09:d6:e3:f5:7c:93:c5:61:c9:62:
ad:2e:51:a3:9c:ca:5a:3f:fb:cf:bc:09:ce:c1:f2:62:4b:8a:
da:be:33:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZR0TKC1ivz3QYxQSb6ATN32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwMTE3MTI0NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzI2ODE0Yjg2OTAxZTNiOWE2YmZiNTM1NGM0ZDE1ZWFmMGU0N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9CIeC6LTWYAa8yxKzSo9yEDqhLOd
ohKsOLyUHtCsF9nm6/nH3P4sMlj5y+ruePSFDI4akZ+quf37y6BVCEOVB8UQmdpi
sibNzQxhGhBSMGS0r95AyU4jJH3qSJA7+l6ssd6moxqk6rR2Eth9fd1q2S8Wl/20
djWIby44qq2s9fqvxg2iDZZ3rV8t3ukWTJ35TY2fBKQChVmZSJktNRIfdHqXL8mL
pU7GkIOs4nu59whqfjDPkOWcfNKdM8ESs+JLbVWvPJ2sAnzWTzRl6CD0wIBI3nRE
z4FsVKKMcBEhPqQwcgsZ2N5XNmO6ItBYDrA7a7DOW/Mq+/VsP0XhPZoiywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGwmgUuGkB47mmv7U1TE0V6vDkf1MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvYkNhQlM0YVFIanVhYV90VFZNVFJYcThPUl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg3ZQAAw
AwcAKg3ZQJAAMA0GCSqGSIb3DQEBCwUAA4IBAQBADkNG7a4yiXun7yzbP0LiCpKG
uQRUQeS5xlGV/rIg2YtjczsOoH2m7ooDhyrsy1k+H1GbyPtwy18YFn41pXGR14Y9
7l6sNCqkLvuygoYI9IAyvgMZfA59pMC3mnoCGoTwuoRwP1TkTJ9uMTwe+lNBJYK9
G7yA2gVs8+Q1VngQYpPX6YaWNcRX9vq1Mi/YLyQrG/LRu7wJCQ7/53JPASQp2tYl
AuB18BU9METjQYI7o+THAHIrXqWNvioRjCHcVRrQkvFZm0AYTyVjkDagxypS9xiw
nMT5KlArPc5+Ii7c2AnW4/V8k8VhyWKtLlGjnMpaP/vPvAnOwfJiS4ravjNs
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:36:24 2025 by rpki-client