Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lMtHtlEf6jeaP0PIIqALg_zvdQ8.roa
File: lMtHtlEf6jeaP0PIIqALg_zvdQ8.roa (raw, json)
Hash identifier: U9KabZVotBtRVcgQqmiRi8+7cAJlCfoiYSFQ4+A0qG4=
Subject key identifier: 94:CB:47:B6:51:1F:EA:37:9A:3F:43:C8:22:A0:0B:83:FC:EF:75:0F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747DA437175863BA1631ACC6BCF56B6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lMtHtlEf6jeaP0PIIqALg_zvdQ8.roa
Signing time: Thu 02 Jan 2025 13:50:07 +0000
ROA not before: Thu 02 Jan 2025 13:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202307
IP address blocks: 2a0b:b87:ffe9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:da:43:71:75:86:3b:a1:63:1a:cc:6b:cf:56:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94cb47b6511fea379a3f43c822a00b83fcef750f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:cd:23:5b:fb:5f:17:1a:9a:ff:49:a8:5e:
fa:67:a3:fa:41:74:09:ff:06:5f:08:84:44:5f:1a:
5f:e1:48:92:54:d8:ff:ee:09:f2:48:9f:92:59:9b:
04:a6:bb:af:c9:0f:7c:78:b1:f2:b4:16:e3:e4:55:
34:7a:b3:43:0c:db:41:c8:2d:26:4e:c0:14:4e:82:
e6:2c:9a:65:7d:6c:de:aa:c1:03:9e:a8:b8:6b:00:
07:bc:de:7e:58:b6:ef:62:3f:33:a9:c2:e3:2c:b3:
a8:36:56:aa:6d:ac:90:0d:07:a4:85:7f:e7:3a:65:
cf:6b:79:38:d3:fa:38:3a:db:49:d4:40:45:d7:e2:
52:6f:be:7d:ab:a0:2c:34:92:8a:be:16:ae:b4:00:
94:f3:c3:82:64:e5:5d:f2:df:71:d6:37:9a:75:1e:
d9:54:d7:3d:a3:2b:44:0c:6a:b8:e8:95:d6:16:0a:
bd:13:b8:c9:64:be:8c:79:61:db:c8:e7:e6:d0:11:
63:d9:e5:3e:c8:9e:29:a4:d8:1a:c6:17:a8:8d:d0:
08:cb:63:67:6c:49:6b:4f:e5:72:a9:f8:39:61:2d:
f6:ca:02:91:92:d5:a1:4d:a8:f2:2f:f8:ce:cc:59:
b7:53:ea:cc:cb:a7:18:d4:50:cc:d2:ca:54:00:6c:
4c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:CB:47:B6:51:1F:EA:37:9A:3F:43:C8:22:A0:0B:83:FC:EF:75:0F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/lMtHtlEf6jeaP0PIIqALg_zvdQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffe9::/48
Signature Algorithm: sha256WithRSAEncryption
bf:03:e8:99:b8:84:a0:67:dc:c6:22:b4:b9:a4:36:47:02:c0:
6c:a6:9e:54:8e:6d:c4:4a:15:55:26:9f:20:61:0c:9f:b8:c0:
6d:9c:bd:41:47:dc:bc:4a:42:d6:fe:c9:4e:5c:38:a1:3d:fc:
a4:17:7d:4c:ea:af:3b:d0:45:0d:77:90:f5:68:b3:6d:c0:ea:
c2:7a:4a:bf:cd:97:b5:be:42:b1:fc:a7:bf:7c:f6:78:8f:e1:
49:17:51:6f:c2:90:58:61:3f:18:b8:ab:eb:f9:d7:3e:7b:51:
c9:27:a2:7a:d3:ba:23:75:43:4e:cd:b0:1f:eb:7a:bb:1c:36:
31:de:9c:26:ba:e1:99:db:90:12:16:d1:eb:25:14:b7:e8:c0:
2e:c9:14:ea:8f:84:89:fd:5b:8e:c0:b4:04:6d:13:14:f5:e8:
ad:00:27:e1:e5:3f:a5:bb:9c:c2:7e:44:22:8f:61:55:4f:f0:
65:9a:78:91:23:fc:04:3b:f4:e9:24:d4:5b:ad:e7:62:04:b1:
fb:b1:fa:e2:13:18:cc:88:b8:6c:c7:ce:db:7e:fc:a5:a8:5d:
ec:7e:80:e0:ce:ac:43:fb:c8:ff:9f:31:91:b9:33:97:7c:6c:
d2:99:32:96:2a:02:b2:9a:d7:38:b2:18:74:0a:05:3b:3f:40:
ee:e9:0b:e8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR9pDcXWGO6FjGsxrz1a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGNiNDdiNjUxMWZlYTM3OWEzZjQzYzgyMmEwMGI4M2ZjZWY3NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBbNI1v7Xxcamv9JqF76Z6P6QXQJ
/wZfCIREXxpf4UiSVNj/7gnySJ+SWZsEpruvyQ98eLHytBbj5FU0erNDDNtByC0m
TsAUToLmLJplfWzeqsEDnqi4awAHvN5+WLbvYj8zqcLjLLOoNlaqbayQDQekhX/n
OmXPa3k40/o4OttJ1EBF1+JSb759q6AsNJKKvhautACU88OCZOVd8t9x1jeadR7Z
VNc9oytEDGq46JXWFgq9E7jJZL6MeWHbyOfm0BFj2eU+yJ4ppNgaxheojdAIy2Nn
bElrT+Vyqfg5YS32ygKRktWhTajyL/jOzFm3U+rMy6cY1FDM0spUAGxMLwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJTLR7ZRH+o3mj9DyCKgC4P873UPMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbE10SHRsRWY2amVhUDBQSUlxQUxnX3p2ZFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh//p
MA0GCSqGSIb3DQEBCwUAA4IBAQC/A+iZuISgZ9zGIrS5pDZHAsBspp5Ujm3EShVV
Jp8gYQyfuMBtnL1BR9y8SkLW/slOXDihPfykF31M6q870EUNd5D1aLNtwOrCekq/
zZe1vkKx/Ke/fPZ4j+FJF1FvwpBYYT8YuKvr+dc+e1HJJ6J607ojdUNOzbAf63q7
HDYx3pwmuuGZ25ASFtHrJRS36MAuyRTqj4SJ/VuOwLQEbRMU9eitACfh5T+lu5zC
fkQij2FVT/BlmniRI/wEO/TpJNRbrediBLH7sfriExjMiLhsx87bfvylqF3sfoDg
zqxD+8j/nzGRuTOXfGzSmTKWKgKymtc4shh0CgU7P0Du6Qvo
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:24:19 2025 by rpki-client