Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/bTRllN3rhV7rnjQJp0rvDHo40Gs.roa
File: bTRllN3rhV7rnjQJp0rvDHo40Gs.roa (raw, json)
Hash identifier: Bx0kFO6OMs0rFfJ2IZkuiIUT2mg/0ptdVSDBzsrl1H8=
Subject key identifier: 6D:34:65:94:DD:EB:85:5E:EB:9E:34:09:A7:4A:EF:0C:7A:38:D0:6B
Certificate issuer: /CN=d36be6f075400d305a16dde690e25cbd94645cbe
Certificate serial: 01941F8CA1DA2B868341769CA769D37C0345
Authority key identifier: D3:6B:E6:F0:75:40:0D:30:5A:16:DD:E6:90:E2:5C:BD:94:64:5C:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02vm8HVADTBaFt3mkOJcvZRkXL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/bTRllN3rhV7rnjQJp0rvDHo40Gs.roa
Signing time: Wed 01 Jan 2025 01:48:17 +0000
ROA not before: Wed 01 Jan 2025 01:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213330
IP address blocks: 2001:678:d20::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:a1:da:2b:86:83:41:76:9c:a7:69:d3:7c:03:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d36be6f075400d305a16dde690e25cbd94645cbe
Validity
Not Before: Jan 1 01:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d346594ddeb855eeb9e3409a74aef0c7a38d06b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:18:51:7f:90:a7:44:ee:f4:f7:da:8f:d2:07:
6d:6f:55:c8:2a:37:ed:9e:11:e2:5f:b3:a7:5b:e5:
3a:c4:86:b8:ab:e5:d9:e8:22:85:cf:6c:f0:35:9d:
2d:ff:4e:af:20:fe:c6:2c:c9:b2:5d:3a:a2:41:18:
37:02:50:c2:a3:68:79:44:3d:d6:f2:f6:57:a9:f4:
09:7a:95:02:52:72:0c:de:99:5a:97:7c:2f:3f:cb:
d9:8c:aa:f2:bd:45:3c:c1:10:49:fc:83:f7:93:a9:
a7:85:c1:fd:26:e7:ba:6f:dc:19:95:35:ed:60:03:
09:ca:76:ff:8b:4a:ef:cc:a5:c3:98:c8:4e:6c:f4:
93:71:d9:43:39:33:90:6f:c8:6f:9b:5c:8e:28:c9:
20:e2:32:c2:a8:6a:5a:57:19:fc:c1:42:21:7d:72:
b2:01:65:d9:c0:f8:1c:8a:5c:fd:cd:e0:18:0f:74:
ee:eb:59:7a:24:af:71:93:91:44:b1:13:e8:28:b0:
04:a2:44:6b:de:a4:a1:a3:ba:c0:7b:2d:b2:4c:d6:
0a:81:9e:4d:13:33:ec:ca:fd:e3:f3:12:5b:18:af:
9f:42:bd:16:66:b3:b0:49:fd:71:24:96:18:90:c9:
0d:b1:61:fc:4f:ea:08:93:b1:cf:c8:26:23:55:d9:
67:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:34:65:94:DD:EB:85:5E:EB:9E:34:09:A7:4A:EF:0C:7A:38:D0:6B
X509v3 Authority Key Identifier:
keyid:D3:6B:E6:F0:75:40:0D:30:5A:16:DD:E6:90:E2:5C:BD:94:64:5C:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02vm8HVADTBaFt3mkOJcvZRkXL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/bTRllN3rhV7rnjQJp0rvDHo40Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0fde38-e9b9-4b69-b414-30c1c5a080d9/1/02vm8HVADTBaFt3mkOJcvZRkXL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:d20::/48
Signature Algorithm: sha256WithRSAEncryption
0c:d0:f3:81:b9:d8:49:b8:1a:20:75:63:5e:8e:35:58:fa:21:
fd:a5:b0:91:e3:f0:e8:4f:4d:09:99:1c:bf:63:65:d1:e1:e4:
49:26:f4:13:bf:e9:5e:79:66:71:1d:11:c0:ec:55:43:f3:08:
45:81:08:69:c1:89:2b:ae:05:33:a8:b7:b2:47:2a:b2:e5:76:
57:6d:22:ef:1b:d4:cc:f3:33:d8:b8:42:dc:f4:8d:87:29:7a:
b3:cc:41:96:4d:73:92:74:f4:3f:9f:29:55:a0:cb:84:c6:3c:
d6:24:38:57:e2:5b:c2:af:41:58:0e:32:75:fa:ef:02:54:28:
76:af:99:9d:d1:be:4c:cd:45:83:33:55:59:c2:7e:52:7e:8a:
3c:b2:fd:98:cd:1e:72:95:63:36:3a:dd:ae:7b:82:cb:a3:3f:
38:15:c6:6a:d1:01:28:6e:80:bb:33:87:f5:5a:60:3d:4b:df:
f5:28:7e:61:2b:86:d3:89:72:ca:4b:83:b3:3d:3b:69:cf:38:
55:5c:0d:d3:98:5d:f7:4c:96:ca:90:e0:0d:c1:b0:d9:69:b5:
fe:d0:bf:ee:9b:d4:a5:34:17:46:b9:b8:3e:7e:95:5b:b1:c0:
5b:67:de:e2:c4:00:17:8a:b3:fb:5d:d0:ba:7f:4a:88:21:4c:
26:0d:07:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjKHaK4aDQXacp2nTfANFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNmJlNmYwNzU0MDBkMzA1YTE2ZGRlNjkwZTI1Y2JkOTQ2
NDVjYmUwHhcNMjUwMTAxMDE0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDM0NjU5NGRkZWI4NTVlZWI5ZTM0MDlhNzRhZWYwYzdhMzhkMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxhRf5CnRO7099qP0gdtb1XIKjft
nhHiX7OnW+U6xIa4q+XZ6CKFz2zwNZ0t/06vIP7GLMmyXTqiQRg3AlDCo2h5RD3W
8vZXqfQJepUCUnIM3plal3wvP8vZjKryvUU8wRBJ/IP3k6mnhcH9Jue6b9wZlTXt
YAMJynb/i0rvzKXDmMhObPSTcdlDOTOQb8hvm1yOKMkg4jLCqGpaVxn8wUIhfXKy
AWXZwPgcilz9zeAYD3Tu61l6JK9xk5FEsRPoKLAEokRr3qSho7rAey2yTNYKgZ5N
EzPsyv3j8xJbGK+fQr0WZrOwSf1xJJYYkMkNsWH8T+oIk7HPyCYjVdlnOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG00ZZTd64Ve6540CadK7wx6ONBrMB8GA1UdIwQY
MBaAFNNr5vB1QA0wWhbd5pDiXL2UZFy+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJ2bThIVkFEVEJhRnQzbWtPSmN2WlJrWEw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wZmRlMzgtZTliOS00YjY5LWI0MTQt
MzBjMWM1YTA4MGQ5LzEvYlRSbGxOM3JoVjdybmpRSnAwcnZESG80MEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wZmRlMzgtZTliOS00YjY5LWI0MTQtMzBjMWM1YTA4MGQ5
LzEvMDJ2bThIVkFEVEJhRnQzbWtPSmN2WlJrWEw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA0g
MA0GCSqGSIb3DQEBCwUAA4IBAQAM0POBudhJuBogdWNejjVY+iH9pbCR4/DoT00J
mRy/Y2XR4eRJJvQTv+leeWZxHRHA7FVD8whFgQhpwYkrrgUzqLeyRyqy5XZXbSLv
G9TM8zPYuELc9I2HKXqzzEGWTXOSdPQ/nylVoMuExjzWJDhX4lvCr0FYDjJ1+u8C
VCh2r5md0b5MzUWDM1VZwn5Sfoo8sv2YzR5ylWM2Ot2ue4LLoz84FcZq0QEoboC7
M4f1WmA9S9/1KH5hK4bTiXLKS4OzPTtpzzhVXA3TmF33TJbKkOANwbDZabX+0L/u
m9SlNBdGubg+fpVbscBbZ97ixAAXirP7XdC6f0qIIUwmDQfA
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:23 2025 by rpki-client