Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/bNQc_44Mbwtrr6Zxf_zCCp1qEQk.roa
File: bNQc_44Mbwtrr6Zxf_zCCp1qEQk.roa (raw, json)
Hash identifier: 9huHVbH93m+NDkp/54gsMgwqvtun5B8knRG5ALMC/zo=
Subject key identifier: 6C:D4:1C:FF:8E:0C:6F:0B:6B:AF:A6:71:7F:FC:C2:0A:9D:6A:11:09
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747DF00418703F3F8B33F2C53B7D857
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/bNQc_44Mbwtrr6Zxf_zCCp1qEQk.roa
Signing time: Thu 02 Jan 2025 13:50:08 +0000
ROA not before: Thu 02 Jan 2025 13:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205749
IP address blocks: 2a0b:b86:fe00::/40 maxlen: 48
2a0f:8ac1:a0a::/48 maxlen: 48
2a0f:8ac1:574b::/48 maxlen: 48
2a0f:8ac1:d452::/48 maxlen: 48
2a0f:8ac1:d9a3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:df:00:41:87:03:f3:f8:b3:3f:2c:53:b7:d8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cd41cff8e0c6f0b6bafa6717ffcc20a9d6a1109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f7:46:39:08:53:9c:0d:fc:a4:f2:ff:8f:73:
4c:ae:6b:55:d4:07:f6:4b:bd:91:f1:44:8a:df:bf:
bd:60:a7:e9:62:4a:19:d3:97:ad:7c:24:2b:6b:ec:
ac:9d:ca:67:2b:85:d4:67:62:3e:63:ca:cf:aa:d6:
51:e8:cd:97:d5:65:27:5c:b0:b8:56:21:19:71:27:
62:86:f6:38:9c:64:a7:df:e5:bf:cd:02:1b:95:d3:
a9:69:8a:77:54:61:ea:64:db:4d:2b:44:4c:a4:03:
2f:54:6b:87:8e:d7:df:9d:8e:00:45:7c:e4:31:1e:
fa:44:d9:15:27:a1:4b:ed:8e:93:df:5f:21:df:f1:
e0:c3:3b:21:0f:68:34:4a:6a:e8:d4:06:b0:19:78:
4c:fd:ef:50:53:3b:5c:2a:0d:c0:59:84:df:79:d5:
ba:c0:6e:6d:34:3e:7e:75:20:bd:ba:20:91:eb:c3:
d3:c8:ad:7a:a0:40:01:53:0b:c6:ee:cc:7d:9d:0f:
35:60:77:6e:75:4d:f1:c4:0d:77:78:3e:2f:5d:cb:
85:55:ff:73:6e:00:63:c1:0e:e8:c5:0f:d6:04:31:
a1:dc:2b:16:f9:90:a5:79:bc:1d:d5:15:b8:dd:97:
f7:5b:2a:30:f0:bc:0d:90:81:6b:84:8b:7c:56:b2:
a9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D4:1C:FF:8E:0C:6F:0B:6B:AF:A6:71:7F:FC:C2:0A:9D:6A:11:09
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/bNQc_44Mbwtrr6Zxf_zCCp1qEQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b86:fe00::/40
2a0f:8ac1:a0a::/48
2a0f:8ac1:574b::/48
2a0f:8ac1:d452::/48
2a0f:8ac1:d9a3::/48
Signature Algorithm: sha256WithRSAEncryption
45:20:5a:bb:3c:90:5f:15:5d:10:67:2e:71:1a:76:4d:1f:43:
17:12:55:19:ef:db:fb:75:0d:96:5a:02:71:f5:95:9f:ef:24:
78:84:2f:d7:11:bf:29:df:78:97:ee:fd:71:e0:af:45:1f:0b:
3a:25:8d:92:0a:5f:1e:2c:c6:e5:a8:67:8c:b3:f5:85:5e:ae:
ba:cf:98:96:ce:3e:a1:f0:a3:45:38:39:db:7c:0a:b0:91:9a:
0f:de:71:19:58:bf:5f:62:bc:14:6a:5b:9e:bf:93:37:86:24:
0c:ad:cf:f9:f0:0a:fe:2b:d5:44:d5:b5:05:64:a0:58:b4:ef:
53:27:8a:68:fd:96:34:6b:e1:64:d9:ea:af:82:70:ee:70:14:
9e:aa:f3:05:30:e3:88:a8:cd:83:28:e3:d5:25:dd:3f:e5:2d:
04:6b:cd:19:82:7c:21:35:aa:51:68:e8:5d:ab:5c:22:a0:3c:
d5:57:15:df:26:03:7c:52:eb:27:72:d2:0b:14:7a:4b:70:78:
c6:30:d8:36:1a:af:63:39:b6:9e:56:6c:93:20:b1:27:56:d9:
49:d7:e0:28:f0:a2:cd:36:16:37:38:0c:41:c9:75:fe:97:bf:
29:6e:3d:75:3c:23:26:42:d1:eb:f4:03:f6:1c:e1:75:48:34:
1f:f1:96:b7
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQnR98AQYcD8/izPyxTt9hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q0MWNmZjhlMGM2ZjBiNmJhZmE2NzE3ZmZjYzIwYTlkNmExMTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfdGOQhTnA38pPL/j3NMrmtV1Af2
S72R8USK37+9YKfpYkoZ05etfCQra+ysncpnK4XUZ2I+Y8rPqtZR6M2X1WUnXLC4
ViEZcSdihvY4nGSn3+W/zQIbldOpaYp3VGHqZNtNK0RMpAMvVGuHjtffnY4ARXzk
MR76RNkVJ6FL7Y6T318h3/HgwzshD2g0Smro1AawGXhM/e9QUztcKg3AWYTfedW6
wG5tND5+dSC9uiCR68PTyK16oEABUwvG7sx9nQ81YHdudU3xxA13eD4vXcuFVf9z
bgBjwQ7oxQ/WBDGh3CsW+ZClebwd1RW43Zf3Wyow8LwNkIFrhIt8VrKpeQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGzUHP+ODG8La6+mcX/8wgqdahEJMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvYk5RY180NE1id3RycjZaeGZfekNDcDFxRVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwYAKgsLhv4D
BwAqD4rBCgoDBwAqD4rBV0sDBwAqD4rB1FIDBwAqD4rB2aMwDQYJKoZIhvcNAQEL
BQADggEBAEUgWrs8kF8VXRBnLnEadk0fQxcSVRnv2/t1DZZaAnH1lZ/vJHiEL9cR
vynfeJfu/XHgr0UfCzoljZIKXx4sxuWoZ4yz9YVerrrPmJbOPqHwo0U4Odt8CrCR
mg/ecRlYv19ivBRqW56/kzeGJAytz/nwCv4r1UTVtQVkoFi071Mnimj9ljRr4WTZ
6q+CcO5wFJ6q8wUw44iozYMo49Ul3T/lLQRrzRmCfCE1qlFo6F2rXCKgPNVXFd8m
A3xS6ydy0gsUektweMYw2DYar2M5tp5WbJMgsSdW2UnX4Cjwos02Fjc4DEHJdf6X
vyluPXU8IyZC0ev0A/Yc4XVINB/xlrc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:02:27 2025 by rpki-client