Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/BhR4gh6niMuAg5TJ32ur0BjKaqs.roa
File: BhR4gh6niMuAg5TJ32ur0BjKaqs.roa (raw, json)
Hash identifier: Zv2rwkQ5zJHX1INCUgBx9oQ77dKwpoY1KIJrtlNZemo=
Subject key identifier: 06:14:78:82:1E:A7:88:CB:80:83:94:C9:DF:6B:AB:D0:18:CA:6A:AB
Certificate issuer: /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial: 019427B683DB61C28915D9F8289F16A4A947
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/BhR4gh6niMuAg5TJ32ur0BjKaqs.roa
Signing time: Thu 02 Jan 2025 15:51:00 +0000
ROA not before: Thu 02 Jan 2025 15:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 2a13:141:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:83:db:61:c2:89:15:d9:f8:28:9f:16:a4:a9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Validity
Not Before: Jan 2 15:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=061478821ea788cb808394c9df6babd018ca6aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:48:d9:0d:0f:9a:89:ad:80:64:fd:2b:31:
7c:2a:09:f1:44:89:ca:54:69:c4:b7:b5:ec:a5:e2:
0a:99:cd:8c:06:83:ed:08:31:ae:da:b8:97:ca:ec:
61:6e:dc:3b:28:aa:b6:eb:06:d5:7e:0e:f4:84:12:
51:05:08:ee:b0:f1:2d:a5:33:2e:d2:bd:f3:41:4f:
57:ab:30:97:d6:a4:da:d9:1e:1a:ae:56:ae:79:ce:
3d:42:e9:75:76:1d:48:ec:73:c0:50:2b:d1:29:ab:
12:ca:49:49:a2:76:f5:55:d2:26:f1:a3:6f:78:9b:
b0:28:d3:cd:7f:14:4f:c9:8a:20:c5:3f:7f:33:f6:
38:a0:d1:99:15:30:41:b5:0b:5b:5f:ae:96:bf:5d:
41:2e:e9:c3:b3:7f:55:cf:18:3c:d5:c7:ac:11:7d:
2c:b3:0a:62:14:12:c1:0d:20:2e:36:06:0b:25:79:
93:fc:11:fb:8f:8e:a2:09:a7:b1:15:0f:67:85:96:
b6:77:8e:66:30:71:f7:e6:8c:72:05:76:59:72:55:
ff:5a:1b:9c:65:2b:85:17:a2:67:d6:12:44:2c:e3:
45:e9:a5:0c:e9:90:63:a4:89:bf:c3:d4:fb:d5:15:
42:71:48:05:7f:0b:14:aa:59:7b:8c:ab:d7:28:81:
5b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:14:78:82:1E:A7:88:CB:80:83:94:C9:DF:6B:AB:D0:18:CA:6A:AB
X509v3 Authority Key Identifier:
keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/BhR4gh6niMuAg5TJ32ur0BjKaqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:141:2::/48
Signature Algorithm: sha256WithRSAEncryption
48:2b:cc:f5:73:ce:87:70:28:44:5e:64:1c:13:bf:28:9e:69:
11:70:fd:eb:d3:08:c7:ec:8b:a7:4f:a4:64:df:72:97:2e:4b:
ec:e0:be:1d:ac:9f:7d:07:f5:aa:ef:62:c9:2a:db:f2:b3:97:
5b:fc:3d:83:ee:6d:61:c3:ac:46:7c:6d:2b:21:17:18:69:15:
b2:5d:2e:b7:82:e7:70:4d:d5:5d:86:a6:9d:ee:84:29:b9:db:
a7:15:6d:b8:56:3e:e7:c9:45:bd:e6:98:11:00:bf:3a:da:1d:
6e:9d:33:0a:4c:d4:c1:4b:61:3c:3e:2e:5e:76:32:da:92:aa:
8f:e2:e7:a0:74:9b:f8:5a:3b:4d:b9:a5:9c:a0:55:4e:3e:9d:
a0:2f:8e:48:41:32:7c:8f:e9:13:b7:31:db:73:43:00:83:c6:
8b:9e:14:e2:d9:45:c1:f0:33:9e:ae:27:73:f5:79:26:1f:2c:
ef:96:2f:f3:e0:94:25:36:de:83:b8:e8:a4:5b:89:eb:03:ca:
2e:6d:4d:f1:09:32:cb:01:44:04:af:80:5c:d5:8b:ab:09:32:
fe:91:21:df:2f:c6:ea:1c:18:e5:1a:3c:3d:31:8b:57:de:5a:
91:98:3e:27:90:0c:5b:ba:b7:5f:a4:da:45:27:f9:58:fd:80:
37:87:12:fd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQntoPbYcKJFdn4KJ8WpKlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjUwMTAyMTU1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE0Nzg4MjFlYTc4OGNiODA4Mzk0YzlkZjZiYWJkMDE4Y2E2YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliVI2Q0PmomtgGT9KzF8KgnxRInK
VGnEt7XspeIKmc2MBoPtCDGu2riXyuxhbtw7KKq26wbVfg70hBJRBQjusPEtpTMu
0r3zQU9XqzCX1qTa2R4arlauec49Qul1dh1I7HPAUCvRKasSyklJonb1VdIm8aNv
eJuwKNPNfxRPyYogxT9/M/Y4oNGZFTBBtQtbX66Wv11BLunDs39Vzxg81cesEX0s
swpiFBLBDSAuNgYLJXmT/BH7j46iCaexFQ9nhZa2d45mMHH35oxyBXZZclX/Whuc
ZSuFF6Jn1hJELONF6aUM6ZBjpIm/w9T71RVCcUgFfwsUqll7jKvXKIFbCQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAYUeIIep4jLgIOUyd9rq9AYymqrMB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEvQmhSNGdoNm5pTXVBZzVUSjMydXIwQmpLYXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhMBQQAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBIK8z1c86HcChEXmQcE78onmkRcP3r0wjH7Iun
T6Rk33KXLkvs4L4drJ99B/Wq72LJKtvys5db/D2D7m1hw6xGfG0rIRcYaRWyXS63
gudwTdVdhqad7oQpudunFW24Vj7nyUW95pgRAL862h1unTMKTNTBS2E8Pi5edjLa
kqqP4uegdJv4WjtNuaWcoFVOPp2gL45IQTJ8j+kTtzHbc0MAg8aLnhTi2UXB8DOe
ridz9XkmHyzvli/z4JQlNt6DuOikW4nrA8oubU3xCTLLAUQEr4Bc1YurCTL+kSHf
L8bqHBjlGjw9MYtX3lqRmD4nkAxburdfpNpFJ/lY/YA3hxL9
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:33 2025 by rpki-client