Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/bH5bF_8mxPt1PuFzjL55ZoPT9u4.roa
File: bH5bF_8mxPt1PuFzjL55ZoPT9u4.roa (raw, json)
Hash identifier: 61i/OUkjcDYfRXVmFio9adx3zcL9HFjQz1PgrGFxL9g=
Subject key identifier: 6C:7E:5B:17:FF:26:C4:FB:75:3E:E1:73:8C:BE:79:66:83:D3:F6:EE
Certificate issuer: /CN=76670236cd0e038684a33194bde7d4b95adc66f7
Certificate serial: 019425220B7A26DA5CE2B2E692CC7A978C7D
Authority key identifier: 76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/bH5bF_8mxPt1PuFzjL55ZoPT9u4.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214958
IP address blocks: 2a05:541:1a1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0b:7a:26:da:5c:e2:b2:e6:92:cc:7a:97:8c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76670236cd0e038684a33194bde7d4b95adc66f7
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c7e5b17ff26c4fb753ee1738cbe796683d3f6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:b7:22:14:3a:8d:e7:59:ec:01:8d:4d:aa:
6d:9f:a2:29:fe:26:8f:7a:fa:d7:3b:c4:d2:25:7b:
c0:74:e7:c2:3a:33:9e:75:b6:ef:6b:57:c8:77:87:
7e:35:7b:80:b5:82:e4:46:7e:64:2b:c5:59:18:5f:
84:72:4c:e8:40:bb:03:af:d3:04:97:ba:52:db:1a:
25:1a:d7:d2:f7:87:d9:d9:9f:08:7a:b7:91:20:02:
f6:f3:4f:ed:57:a9:3c:4a:56:93:d9:42:f5:8f:41:
32:b6:28:4c:c8:8c:44:36:a3:3f:82:3a:24:b2:58:
78:33:e4:6a:b4:3f:a0:a6:fd:bd:89:7e:92:f5:a2:
b0:86:da:18:01:37:20:99:db:c9:62:f4:8c:fb:bd:
51:fd:c8:d6:4e:ec:3b:1b:54:61:b9:82:96:47:31:
0e:a3:08:bf:e1:59:12:81:6e:ea:3d:f6:38:2f:6c:
46:23:94:5e:09:e6:40:94:d0:6e:e7:0a:7a:f4:3b:
7a:3f:51:9e:0a:c7:0e:fa:eb:28:71:0c:84:d7:2c:
ce:42:d5:7b:b6:b2:8c:55:c1:1f:30:c2:78:e1:b8:
d4:4b:1c:4c:d6:4e:ac:3f:0e:aa:65:0c:1f:b0:77:
c8:79:74:01:64:5c:d3:74:4d:93:59:a8:98:e5:8d:
39:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7E:5B:17:FF:26:C4:FB:75:3E:E1:73:8C:BE:79:66:83:D3:F6:EE
X509v3 Authority Key Identifier:
keyid:76:67:02:36:CD:0E:03:86:84:A3:31:94:BD:E7:D4:B9:5A:DC:66:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dmcCNs0OA4aEozGUvefUuVrcZvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/bH5bF_8mxPt1PuFzjL55ZoPT9u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/1809da-1c6f-44db-aa28-ba4fc234683e/1/dmcCNs0OA4aEozGUvefUuVrcZvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:541:1a1::/48
Signature Algorithm: sha256WithRSAEncryption
8a:a7:eb:42:a0:b2:af:3d:e9:96:dd:77:3b:7b:5a:1b:37:79:
95:2f:a6:1c:5c:66:c3:54:96:aa:16:89:30:12:19:bc:43:6a:
8d:5d:28:e1:2b:88:a7:f4:98:7e:81:3a:29:9b:c7:3b:9a:5f:
91:9c:b9:a9:48:0e:ef:83:6e:97:34:cb:f6:89:94:c4:5f:18:
71:fa:e0:a0:a2:14:38:2f:28:c7:29:95:75:14:eb:1a:b9:df:
3d:ef:a4:23:02:63:20:0c:82:91:8e:d8:40:e5:cb:47:37:42:
a3:d9:96:60:e0:f4:cf:6e:50:ee:64:f6:ff:13:25:ce:78:9b:
2a:1b:d6:17:3b:22:43:86:37:af:26:b6:59:09:35:c0:5b:62:
fa:4b:0f:c8:f9:f9:2b:04:67:b8:7e:f0:40:fa:1b:79:d4:ec:
47:12:4d:10:58:50:13:23:42:10:bf:b4:71:33:c1:77:67:2b:
3a:60:82:c8:4d:72:5e:84:df:47:91:b7:30:f4:9a:74:bf:7d:
77:fe:e4:92:3f:0b:01:14:6d:42:95:f3:f6:6f:11:a3:19:1d:
0d:64:73:5c:37:4e:49:c8:ed:3e:9b:6a:1c:0f:a9:a9:cc:3c:
8f:b2:94:dd:dd:a4:76:fb:86:df:e8:bf:d5:74:f7:70:1a:a5:
57:ae:8a:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQlIgt6Jtpc4rLmksx6l4x9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NjcwMjM2Y2QwZTAzODY4NGEzMzE5NGJkZTdkNGI5NWFk
YzY2ZjcwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdlNWIxN2ZmMjZjNGZiNzUzZWUxNzM4Y2JlNzk2NjgzZDNmNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfO3IhQ6jedZ7AGNTaptn6Ip/iaP
evrXO8TSJXvAdOfCOjOedbbva1fId4d+NXuAtYLkRn5kK8VZGF+EckzoQLsDr9ME
l7pS2xolGtfS94fZ2Z8IereRIAL280/tV6k8SlaT2UL1j0EytihMyIxENqM/gjok
slh4M+RqtD+gpv29iX6S9aKwhtoYATcgmdvJYvSM+71R/cjWTuw7G1RhuYKWRzEO
owi/4VkSgW7qPfY4L2xGI5ReCeZAlNBu5wp69Dt6P1GeCscO+usocQyE1yzOQtV7
trKMVcEfMMJ44bjUSxxM1k6sPw6qZQwfsHfIeXQBZFzTdE2TWaiY5Y05uQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGx+Wxf/JsT7dT7hc4y+eWaD0/buMB8GA1UdIwQY
MBaAFHZnAjbNDgOGhKMxlL3n1Lla3Gb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgt
YmE0ZmMyMzQ2ODNlLzEvYkg1YkZfOG14UHQxUHVGempMNTVab1BUOXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8xODA5ZGEtMWM2Zi00NGRiLWFhMjgtYmE0ZmMyMzQ2ODNl
LzEvZG1jQ05zME9BNGFFb3pHVXZlZlV1VnJjWnZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgUFQQGh
MA0GCSqGSIb3DQEBCwUAA4IBAQCKp+tCoLKvPemW3Xc7e1obN3mVL6YcXGbDVJaq
FokwEhm8Q2qNXSjhK4in9Jh+gTopm8c7ml+RnLmpSA7vg26XNMv2iZTEXxhx+uCg
ohQ4LyjHKZV1FOsaud8976QjAmMgDIKRjthA5ctHN0Kj2ZZg4PTPblDuZPb/EyXO
eJsqG9YXOyJDhjevJrZZCTXAW2L6Sw/I+fkrBGe4fvBA+ht51OxHEk0QWFATI0IQ
v7RxM8F3Zys6YILITXJehN9Hkbcw9Jp0v313/uSSPwsBFG1ClfP2bxGjGR0NZHNc
N05JyO0+m2ocD6mpzDyPspTd3aR2+4bf6L/VdPdwGqVXroqm
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:44:11 2025 by rpki-client