Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/v85w_enN4l0qjnAVgVoctSzv6IY.roa
File: v85w_enN4l0qjnAVgVoctSzv6IY.roa (raw, json)
Hash identifier: /HrJJK++RxU1Nv8Sto/0IOgMTSVvaiFyjWKXtAwNono=
Subject key identifier: BF:CE:70:FD:E9:CD:E2:5D:2A:8E:70:15:81:5A:1C:B5:2C:EF:E8:86
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747E90A7828F7A3E116647786ADC169
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/v85w_enN4l0qjnAVgVoctSzv6IY.roa
Signing time: Thu 02 Jan 2025 13:50:11 +0000
ROA not before: Thu 02 Jan 2025 13:50:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210902
IP address blocks: 2a0b:b87:ff10::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e9:0a:78:28:f7:a3:e1:16:64:77:86:ad:c1:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfce70fde9cde25d2a8e7015815a1cb52cefe886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8d:e2:b7:70:09:e3:4a:d3:1a:a6:c0:2e:3f:
3c:19:8c:bb:2d:09:56:9f:e8:42:0d:e5:e0:de:b7:
6c:8c:d9:d8:8a:3e:f6:57:ab:b1:c6:8a:be:66:68:
84:5a:dc:ec:fe:28:f6:36:cc:d2:b4:41:fa:e8:72:
9b:28:f4:09:08:ba:06:e0:16:c1:26:a6:51:3b:88:
f6:51:9b:c5:76:f6:d6:eb:24:5a:f6:cd:9b:2d:26:
8f:0c:5a:bf:91:d0:91:bc:20:d8:fe:07:cd:21:b5:
71:fd:c8:ad:5f:40:39:7e:14:a4:3a:24:1b:52:8e:
d2:6b:bb:8e:8f:4b:a4:79:98:a6:75:21:8e:aa:81:
0c:e6:7b:a5:a6:01:16:1e:1d:e3:27:4f:85:c4:83:
f2:75:16:bc:45:a7:ae:1a:3c:5a:15:48:79:67:15:
d7:d2:1b:f8:a9:cd:e3:37:ed:06:cc:e0:07:6c:17:
c3:1e:05:9b:b6:ac:90:6d:de:e2:3c:21:51:7a:04:
e7:fb:f2:00:eb:13:b1:02:4f:90:95:11:bd:44:cc:
68:52:fd:ee:6e:6f:35:3d:c1:c7:c4:bf:9e:c4:e9:
9e:5f:1c:40:56:08:f6:bd:3b:ce:fe:a6:b5:6a:33:
38:39:df:7a:7a:b3:d4:cd:6b:e8:90:04:41:23:6a:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:CE:70:FD:E9:CD:E2:5D:2A:8E:70:15:81:5A:1C:B5:2C:EF:E8:86
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/v85w_enN4l0qjnAVgVoctSzv6IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ff10::/48
Signature Algorithm: sha256WithRSAEncryption
dd:40:36:2c:51:69:6a:75:2d:6f:df:4a:fa:f1:19:21:75:00:
fb:83:13:a0:db:b0:87:12:b0:6b:22:e7:ea:c3:34:7d:9c:48:
a7:cb:c4:c6:6e:68:9f:63:12:2d:20:7b:76:e8:1c:7e:16:88:
23:a4:8e:cf:1f:48:6d:51:a6:ea:e3:bc:a4:06:f6:4e:a4:4c:
66:68:d4:cb:d7:3c:25:2f:17:7f:05:f5:71:3f:72:44:38:b1:
e3:15:66:d6:fa:1f:18:10:c8:a8:8c:ef:f9:39:cf:1f:25:bb:
cb:24:fb:0f:6e:d9:4e:7c:6e:1d:43:d5:5c:bc:48:60:c8:2b:
7a:04:2b:8b:55:ed:7a:6d:0f:3c:06:8b:8c:80:7c:f8:bb:2b:
df:51:30:3f:13:31:b7:8d:8e:21:16:b2:d8:0c:07:84:98:3a:
e6:b2:2a:a0:10:e6:c0:c1:df:95:de:72:93:0b:b7:47:e4:ae:
88:64:96:77:19:92:7d:28:66:31:2f:b1:ee:13:61:36:75:84:
1f:b5:b8:c3:d7:8b:3e:42:38:06:de:98:24:78:f2:92:bb:d7:
35:c8:66:ee:e1:8d:51:3b:67:a5:6d:4a:f7:d6:2d:d6:9e:03:
87:2b:18:fe:10:9b:1f:ab:c0:f6:bc:43:0a:cf:2f:74:08:73:
61:02:ce:7b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQnR+kKeCj3o+EWZHeGrcFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmNlNzBmZGU5Y2RlMjVkMmE4ZTcwMTU4MTVhMWNiNTJjZWZlODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI3it3AJ40rTGqbALj88GYy7LQlW
n+hCDeXg3rdsjNnYij72V6uxxoq+ZmiEWtzs/ij2NszStEH66HKbKPQJCLoG4BbB
JqZRO4j2UZvFdvbW6yRa9s2bLSaPDFq/kdCRvCDY/gfNIbVx/citX0A5fhSkOiQb
Uo7Sa7uOj0ukeZimdSGOqoEM5nulpgEWHh3jJ0+FxIPydRa8RaeuGjxaFUh5ZxXX
0hv4qc3jN+0GzOAHbBfDHgWbtqyQbd7iPCFRegTn+/IA6xOxAk+QlRG9RMxoUv3u
bm81PcHHxL+exOmeXxxAVgj2vTvO/qa1ajM4Od96erPUzWvokARBI2qmRwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFL/OcP3pzeJdKo5wFYFaHLUs7+iGMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdjg1d19lbk40bDBxam5BVmdWb2N0U3p2NklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/8Q
MA0GCSqGSIb3DQEBCwUAA4IBAQDdQDYsUWlqdS1v30r68RkhdQD7gxOg27CHErBr
IufqwzR9nEiny8TGbmifYxItIHt26Bx+FogjpI7PH0htUabq47ykBvZOpExmaNTL
1zwlLxd/BfVxP3JEOLHjFWbW+h8YEMiojO/5Oc8fJbvLJPsPbtlOfG4dQ9VcvEhg
yCt6BCuLVe16bQ88BouMgHz4uyvfUTA/EzG3jY4hFrLYDAeEmDrmsiqgEObAwd+V
3nKTC7dH5K6IZJZ3GZJ9KGYxL7HuE2E2dYQftbjD14s+QjgG3pgkePKSu9c1yGbu
4Y1RO2elbUr31i3WngOHKxj+EJsfq8D2vEMKzy90CHNhAs57
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:54:02 2025 by rpki-client