Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/bDkAt0CCYnB2xqRfpALpEK1gmgo.roa
File: bDkAt0CCYnB2xqRfpALpEK1gmgo.roa (raw, json)
Hash identifier: HzyjrIASJdGjjHtk6b54LHkaX+3Gt8eRcO+z/aYxOaU=
Subject key identifier: 6C:39:00:B7:40:82:62:70:76:C6:A4:5F:A4:02:E9:10:AD:60:9A:0A
Certificate issuer: /CN=05a3b616407b97e26116334877c6aa928aaaeeb2
Certificate serial: 019424B3D2A12B00C3DAEBC0F9005C5385F2
Authority key identifier: 05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/bDkAt0CCYnB2xqRfpALpEK1gmgo.roa
Signing time: Thu 02 Jan 2025 01:49:12 +0000
ROA not before: Thu 02 Jan 2025 01:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198024
IP address blocks: 161.41.0.0/17 maxlen: 17
161.41.128.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:d2:a1:2b:00:c3:da:eb:c0:f9:00:5c:53:85:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05a3b616407b97e26116334877c6aa928aaaeeb2
Validity
Not Before: Jan 2 01:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c3900b74082627076c6a45fa402e910ad609a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4b:f9:c1:0a:6f:dc:51:98:b0:60:7b:90:64:
dd:6b:c5:04:ca:a4:10:bf:dc:99:02:5d:7b:0b:39:
df:72:05:6e:c2:a2:b7:be:13:56:05:6a:49:7e:77:
c4:6e:a6:ba:ba:d0:81:75:c9:5d:a1:0f:97:1f:82:
d7:a2:11:f2:6d:37:ba:fc:6f:43:78:6e:2d:ff:92:
80:0f:2b:7f:56:21:54:03:8f:05:bf:04:77:6c:3f:
de:26:21:a9:bd:f4:24:b4:30:71:9f:95:87:ba:83:
21:17:2a:94:40:0c:de:b7:27:14:92:9b:e0:cc:f7:
cf:17:ed:e1:b4:f2:2a:d3:86:af:14:ea:64:09:f9:
a1:32:3c:30:94:51:ee:f3:84:01:12:b6:cc:ef:4d:
cf:8c:ab:fd:eb:55:02:8d:87:a8:05:4c:05:b7:c1:
4f:76:9f:50:5f:a2:18:51:34:10:32:1b:45:69:9a:
68:b3:58:b4:e0:b2:c5:2b:60:f7:1e:2d:03:08:5a:
13:89:55:38:b8:28:11:18:31:fe:2b:39:74:55:55:
16:fa:c4:ae:e8:c4:d1:5d:fc:e2:9b:d0:ae:29:5e:
a0:fc:99:89:0d:cb:16:81:e0:74:5e:60:34:18:06:
05:2e:9c:dc:e2:c8:90:82:82:91:33:ed:63:d2:ef:
a5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:39:00:B7:40:82:62:70:76:C6:A4:5F:A4:02:E9:10:AD:60:9A:0A
X509v3 Authority Key Identifier:
keyid:05:A3:B6:16:40:7B:97:E2:61:16:33:48:77:C6:AA:92:8A:AA:EE:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaO2FkB7l-JhFjNId8aqkoqq7rI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/bDkAt0CCYnB2xqRfpALpEK1gmgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/641f45-b933-4019-aa7a-ad513574a404/1/BaO2FkB7l-JhFjNId8aqkoqq7rI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.41.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:bf:43:8a:1a:4a:0e:f8:3f:0d:c3:19:ef:ef:b4:4d:09:02:
73:57:55:e2:16:a5:7b:cb:e5:83:df:0b:17:dd:e7:a2:93:0c:
85:36:01:6b:3d:58:0b:8d:2e:29:2e:dd:00:ff:7e:3f:66:4e:
b5:5e:a5:b4:6b:69:89:66:b3:0a:94:2e:2f:98:25:a5:82:4f:
21:a9:dd:be:cd:ce:d9:80:39:3f:66:ba:42:5a:ad:82:97:5c:
26:45:e6:2e:f0:32:88:5b:ea:e6:d3:a8:7e:59:e5:d9:a0:21:
c9:ed:e5:56:9b:5a:53:d1:a6:14:86:45:85:35:0f:fd:72:54:
4e:bf:71:f5:5e:59:46:f6:1c:57:04:ea:07:3f:ac:cc:7f:e4:
ec:6f:e1:26:d9:9d:dd:12:9c:19:ad:b6:5f:63:58:ee:ad:70:
fe:3f:a5:47:35:5d:eb:70:77:fc:d6:fc:d6:6d:be:32:a2:40:
15:f5:10:ce:b2:9b:ad:bc:86:c4:d3:cd:e3:5c:78:e9:76:6b:
26:dd:4e:e1:58:09:01:38:f3:4e:72:42:39:4e:8e:7a:61:dc:
79:07:36:4b:b3:cf:0f:02:dd:1f:56:24:3e:b3:5a:f3:75:4a:
1e:6f:04:5a:53:ce:18:27:5a:c2:79:bf:6f:f0:e6:73:2b:70:
93:63:8c:fc
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQks9KhKwDD2uvA+QBcU4XyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YTNiNjE2NDA3Yjk3ZTI2MTE2MzM0ODc3YzZhYTkyOGFh
YWVlYjIwHhcNMjUwMTAyMDE0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM5MDBiNzQwODI2MjcwNzZjNmE0NWZhNDAyZTkxMGFkNjA5YTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEv5wQpv3FGYsGB7kGTda8UEyqQQ
v9yZAl17CznfcgVuwqK3vhNWBWpJfnfEbqa6utCBdcldoQ+XH4LXohHybTe6/G9D
eG4t/5KADyt/ViFUA48FvwR3bD/eJiGpvfQktDBxn5WHuoMhFyqUQAzetycUkpvg
zPfPF+3htPIq04avFOpkCfmhMjwwlFHu84QBErbM703PjKv961UCjYeoBUwFt8FP
dp9QX6IYUTQQMhtFaZpos1i04LLFK2D3Hi0DCFoTiVU4uCgRGDH+Kzl0VVUW+sSu
6MTRXfzim9CuKV6g/JmJDcsWgeB0XmA0GAYFLpzc4siQgoKRM+1j0u+l/wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGw5ALdAgmJwdsakX6QC6RCtYJoKMB8GA1UdIwQY
MBaAFAWjthZAe5fiYRYzSHfGqpKKqu6yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2Et
YWQ1MTM1NzRhNDA0LzEvYkRrQXQwQ0NZbkIyeHFSZnBBTHBFSzFnbWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NDFmNDUtYjkzMy00MDE5LWFhN2EtYWQ1MTM1NzRhNDA0
LzEvQmFPMkZrQjdsLUpoRmpOSWQ4YXFrb3FxN3JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoSkwDQYJ
KoZIhvcNAQELBQADggEBAJu/Q4oaSg74Pw3DGe/vtE0JAnNXVeIWpXvL5YPfCxfd
56KTDIU2AWs9WAuNLiku3QD/fj9mTrVepbRraYlmswqULi+YJaWCTyGp3b7NztmA
OT9mukJarYKXXCZF5i7wMohb6ubTqH5Z5dmgIcnt5VabWlPRphSGRYU1D/1yVE6/
cfVeWUb2HFcE6gc/rMx/5Oxv4SbZnd0SnBmttl9jWO6tcP4/pUc1Xetwd/zW/NZt
vjKiQBX1EM6ym628hsTTzeNceOl2aybdTuFYCQE4805yQjlOjnph3HkHNkuzzw8C
3R9WJD6zWvN1Sh5vBFpTzhgnWsJ5v2/w5nMrcJNjjPw=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:12 2025 by rpki-client