Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vEYxUBf3cwJLQPfZEo4kGNPD8eE.roa
File: vEYxUBf3cwJLQPfZEo4kGNPD8eE.roa (raw, json)
Hash identifier: ddEiKX8BidFcr2951gKirTjMuSutD6f94/pynZIKWoU=
Subject key identifier: BC:46:31:50:17:F7:73:02:4B:40:F7:D9:12:8E:24:18:D3:C3:F1:E1
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019422FC0DBE3B1460C29BEA63D967B5B393
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vEYxUBf3cwJLQPfZEo4kGNPD8eE.roa
Signing time: Wed 01 Jan 2025 17:48:51 +0000
ROA not before: Wed 01 Jan 2025 17:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44853
IP address blocks: 2a0b:fdc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0d:be:3b:14:60:c2:9b:ea:63:d9:67:b5:b3:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 17:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc46315017f773024b40f7d9128e2418d3c3f1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f5:27:4a:98:29:ba:60:69:f7:45:41:1a:d2:
87:91:a0:de:fa:aa:52:97:d5:4c:44:b4:9c:d3:d3:
94:be:4b:6e:a7:0e:56:c6:25:cb:d0:98:b0:52:c9:
ae:39:80:24:2e:ba:d8:de:56:63:ca:f6:9d:a9:55:
af:7f:9a:f7:70:80:81:cd:3c:5b:86:7c:02:c6:2f:
e2:30:d1:5b:74:b7:05:83:73:8c:7c:e8:3f:f8:90:
6d:c8:14:c1:e7:be:91:90:5a:de:0d:f4:02:a5:00:
47:7f:a7:10:4b:78:dc:7a:67:22:18:c9:14:d4:0e:
14:27:6a:68:aa:b6:3a:86:bb:e7:7d:a3:77:2e:2e:
7a:9a:91:68:df:b6:d0:d1:a0:ca:93:27:7b:5b:9f:
b0:e6:80:cb:5e:7e:19:0e:e8:83:0d:50:80:83:c5:
af:76:1d:91:eb:2d:70:df:c3:aa:14:7b:ee:de:3c:
07:8f:b5:15:c0:76:c8:24:f5:07:08:5d:3b:04:31:
16:51:92:ab:05:67:65:66:f6:25:05:56:e0:c4:27:
82:7b:7e:52:bf:d1:95:13:9e:96:d0:69:b6:ce:40:
21:33:cd:cd:0e:dd:8f:07:c9:9d:1b:1e:e8:5f:33:
0c:df:12:12:30:f5:29:78:61:01:12:65:62:8d:5e:
fe:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:46:31:50:17:F7:73:02:4B:40:F7:D9:12:8E:24:18:D3:C3:F1:E1
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/vEYxUBf3cwJLQPfZEo4kGNPD8eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:9e:5b:a9:db:60:31:e1:e6:b5:ec:47:93:f5:03:d7:29:5b:
98:f3:01:2f:24:b5:50:6a:ac:c6:f1:1f:86:5a:26:08:12:44:
16:77:b7:dc:07:c9:d9:b5:64:25:9c:60:17:79:4e:13:ff:13:
1f:c6:22:5f:58:37:d6:c8:37:fe:32:b1:c6:f7:be:dd:c5:1f:
3d:98:62:e1:00:84:b7:f4:d9:8e:31:1e:dc:df:17:c7:a7:a9:
40:79:e6:bc:35:69:96:96:c1:0e:e7:ee:55:c9:a8:0e:6a:7b:
d6:aa:d9:b4:30:22:c3:fc:0d:ed:1d:85:73:d7:13:b7:ad:ab:
c0:97:6c:e1:95:8d:2a:55:71:a0:67:98:fc:62:6c:cb:0c:fc:
b4:dc:5b:68:77:53:99:db:a9:76:24:af:81:11:02:9c:fd:a1:
31:6a:3e:dd:46:42:91:bd:d3:d8:5d:2c:57:8a:79:e8:f9:74:
8b:47:1d:df:07:88:4c:d9:73:34:78:95:4f:01:95:bf:c8:eb:
42:cf:d1:3c:2a:75:e5:35:a3:51:06:2f:f3:a4:c4:95:43:2a:
d2:39:0d:c6:ca:66:f9:e7:1e:5f:82:da:93:4f:b3:60:bd:1a:
1d:be:47:19:7a:45:7b:67:30:c4:e8:95:73:ed:31:65:45:80:
03:47:c8:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQi/A2+OxRgwpvqY9lntbOTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwMTAxMTc0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQ2MzE1MDE3Zjc3MzAyNGI0MGY3ZDkxMjhlMjQxOGQzYzNmMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfUnSpgpumBp90VBGtKHkaDe+qpS
l9VMRLSc09OUvktupw5WxiXL0JiwUsmuOYAkLrrY3lZjyvadqVWvf5r3cICBzTxb
hnwCxi/iMNFbdLcFg3OMfOg/+JBtyBTB576RkFreDfQCpQBHf6cQS3jcemciGMkU
1A4UJ2poqrY6hrvnfaN3Li56mpFo37bQ0aDKkyd7W5+w5oDLXn4ZDuiDDVCAg8Wv
dh2R6y1w38OqFHvu3jwHj7UVwHbIJPUHCF07BDEWUZKrBWdlZvYlBVbgxCeCe35S
v9GVE56W0Gm2zkAhM83NDt2PB8mdGx7oXzMM3xISMPUpeGEBEmVijV7+/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLxGMVAX93MCS0D32RKOJBjTw/HhMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdkVZeFVCZjNjd0pMUVBmWkVvNGtHTlBEOGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgv9wDAN
BgkqhkiG9w0BAQsFAAOCAQEAC55bqdtgMeHmtexHk/UD1ylbmPMBLyS1UGqsxvEf
hlomCBJEFne33AfJ2bVkJZxgF3lOE/8TH8YiX1g31sg3/jKxxve+3cUfPZhi4QCE
t/TZjjEe3N8Xx6epQHnmvDVplpbBDufuVcmoDmp71qrZtDAiw/wN7R2Fc9cTt62r
wJds4ZWNKlVxoGeY/GJsywz8tNxbaHdTmdupdiSvgRECnP2hMWo+3UZCkb3T2F0s
V4p56Pl0i0cd3weITNlzNHiVTwGVv8jrQs/RPCp15TWjUQYv86TElUMq0jkNxspm
+eceX4Lak0+zYL0aHb5HGXpFe2cwxOiVc+0xZUWAA0fIkg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 12:34:32 2025 by rpki-client