Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/bEsR_bsR3ikUUcshXZNcBKr0I08.roa
File: bEsR_bsR3ikUUcshXZNcBKr0I08.roa (raw, json)
Hash identifier: l9dBPGG+y8zO+InKdH53jqGyx/nEGyuK6fNVvZsOFl0=
Subject key identifier: 6C:4B:11:FD:BB:11:DE:29:14:51:CB:21:5D:93:5C:04:AA:F4:23:4F
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 0194266C19D6CADDDD8C85FF2B508B15B1B9
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/bEsR_bsR3ikUUcshXZNcBKr0I08.roa
Signing time: Thu 02 Jan 2025 09:50:06 +0000
ROA not before: Thu 02 Jan 2025 09:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34224
IP address blocks: 2a01:3e0:2004::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:19:d6:ca:dd:dd:8c:85:ff:2b:50:8b:15:b1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 09:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c4b11fdbb11de291451cb215d935c04aaf4234f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d5:7a:9b:b7:26:91:ef:9b:fb:64:36:f7:1b:
21:d2:14:0d:96:98:35:9c:ea:e4:33:11:42:01:c2:
fd:dc:02:eb:47:2f:85:7c:46:7b:73:d0:22:02:f8:
c7:25:ed:f0:ad:83:fc:8e:40:ba:53:18:5e:f4:e9:
70:2b:56:03:dc:0f:e3:ae:bc:bb:9a:d2:9d:d5:79:
2d:0b:fe:ae:ec:21:9d:7d:26:7a:95:26:cc:54:bc:
bc:25:8b:5b:a5:c0:88:64:8d:76:53:72:5c:eb:6c:
60:5e:2a:e0:26:78:38:aa:10:a6:cd:09:31:e5:3b:
b9:36:ae:a6:2f:11:cd:fb:24:d1:da:f0:78:8a:7f:
18:c6:97:ad:ca:5e:0e:37:63:94:61:26:f2:57:a3:
36:ec:c1:8c:4e:d3:b5:e3:e8:06:bc:4c:06:94:f4:
5e:a4:f6:f6:43:bc:43:3b:f4:dc:b3:fc:28:9c:aa:
e9:8b:d3:ec:eb:2c:0b:2e:dc:6f:46:e2:75:01:f5:
d2:0d:9d:7b:bf:08:ea:bf:31:a2:48:9b:ac:47:8e:
5c:b0:6a:01:bb:e3:c1:6c:fe:9c:24:e3:53:73:e7:
5b:43:b5:80:6b:bf:b1:65:8f:c2:c0:a5:d6:5b:ea:
5b:1c:86:ab:10:f0:67:26:08:82:4d:86:e9:b7:c9:
db:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4B:11:FD:BB:11:DE:29:14:51:CB:21:5D:93:5C:04:AA:F4:23:4F
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/bEsR_bsR3ikUUcshXZNcBKr0I08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:3e0:2004::/48
Signature Algorithm: sha256WithRSAEncryption
9e:c5:ce:f4:55:c4:c9:fe:3f:a1:43:af:f9:1b:18:31:33:ad:
33:bf:a0:f2:56:94:b4:44:97:55:6b:50:c5:4f:eb:da:8a:a5:
09:ce:cd:72:4d:f9:84:6a:6b:ca:7b:42:2c:4c:3a:fa:51:f2:
08:0c:b5:3b:6d:2a:23:f5:78:93:40:87:4a:55:13:56:e3:3f:
75:ab:d4:dc:a4:89:45:e4:3c:2c:eb:e6:6a:80:84:63:82:db:
f7:f1:dd:4e:09:aa:c4:ad:76:12:9e:f9:c6:b1:20:c2:8e:ab:
14:d3:de:52:55:19:56:68:ed:da:e5:64:f1:b5:37:0e:43:bf:
61:fb:64:4e:55:d5:4f:02:c7:d6:b6:6d:77:46:8c:f5:4c:ba:
91:16:16:6f:a4:c5:5a:f8:a8:a2:05:ef:2c:b3:84:2e:50:83:
cf:a2:d3:39:b8:3b:d5:48:3f:be:ae:f0:e3:b9:6b:c7:65:eb:
01:fc:87:41:d2:c8:92:83:71:ab:6f:8e:d5:36:bb:a9:6d:02:
16:4e:44:76:ae:75:c0:fb:be:2c:ea:74:dd:a7:e8:f4:a7:15:
af:54:0e:bc:48:da:3f:a4:2d:fa:66:cc:9c:2d:f6:91:f4:cb:
8a:3d:57:38:da:0f:3b:eb:19:08:e6:75:00:f2:ce:e3:2e:e8:
f9:2c:bd:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQmbBnWyt3djIX/K1CLFbG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjUwMTAyMDk1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzRiMTFmZGJiMTFkZTI5MTQ1MWNiMjE1ZDkzNWMwNGFhZjQyMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dV6m7cmke+b+2Q29xsh0hQNlpg1
nOrkMxFCAcL93ALrRy+FfEZ7c9AiAvjHJe3wrYP8jkC6Uxhe9OlwK1YD3A/jrry7
mtKd1XktC/6u7CGdfSZ6lSbMVLy8JYtbpcCIZI12U3Jc62xgXirgJng4qhCmzQkx
5Tu5Nq6mLxHN+yTR2vB4in8Yxpetyl4ON2OUYSbyV6M27MGMTtO14+gGvEwGlPRe
pPb2Q7xDO/Tcs/wonKrpi9Ps6ywLLtxvRuJ1AfXSDZ17vwjqvzGiSJusR45csGoB
u+PBbP6cJONTc+dbQ7WAa7+xZY/CwKXWW+pbHIarEPBnJgiCTYbpt8nbCQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGxLEf27Ed4pFFHLIV2TXASq9CNPMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvYkVzUl9ic1IzaWtVVWNzaFhaTmNCS3IwSTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgED4CAE
MA0GCSqGSIb3DQEBCwUAA4IBAQCexc70VcTJ/j+hQ6/5GxgxM60zv6DyVpS0RJdV
a1DFT+vaiqUJzs1yTfmEamvKe0IsTDr6UfIIDLU7bSoj9XiTQIdKVRNW4z91q9Tc
pIlF5Dws6+ZqgIRjgtv38d1OCarErXYSnvnGsSDCjqsU095SVRlWaO3a5WTxtTcO
Q79h+2ROVdVPAsfWtm13Roz1TLqRFhZvpMVa+KiiBe8ss4QuUIPPotM5uDvVSD++
rvDjuWvHZesB/IdB0siSg3Grb47VNrupbQIWTkR2rnXA+74s6nTdp+j0pxWvVA68
SNo/pC36ZsycLfaR9MuKPVc42g876xkI5nUA8s7jLuj5LL3T
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:11 2025 by rpki-client