Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/bz3fbBHm2ElR6vxL1-cqQoSLlk8.roa
File: bz3fbBHm2ElR6vxL1-cqQoSLlk8.roa (raw, json)
Hash identifier: iWv2k5/cNl7lJrUkdCeVYiFcY+HPf8sJg4JbV1Gwcrc=
Subject key identifier: 6F:3D:DF:6C:11:E6:D8:49:51:EA:FC:4B:D7:E7:2A:42:84:8B:96:4F
Certificate issuer: /CN=68efcca8498f5d26c120af34d846c0281ff629af
Certificate serial: 019596D051E6D770BC73F934369FF79E4E03
Authority key identifier: 68:EF:CC:A8:49:8F:5D:26:C1:20:AF:34:D8:46:C0:28:1F:F6:29:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/bz3fbBHm2ElR6vxL1-cqQoSLlk8.roa
Signing time: Fri 14 Mar 2025 22:39:49 +0000
ROA not before: Fri 14 Mar 2025 22:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30931
IP address blocks: 2001:67c:1b24::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:96:d0:51:e6:d7:70:bc:73:f9:34:36:9f:f7:9e:4e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68efcca8498f5d26c120af34d846c0281ff629af
Validity
Not Before: Mar 14 22:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f3ddf6c11e6d84951eafc4bd7e72a42848b964f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9d:a4:a4:e7:7f:12:56:55:14:aa:1f:f1:eb:
13:40:90:6d:f7:e5:eb:82:ba:6d:84:3c:ed:54:c2:
da:6a:d8:82:d3:92:22:bf:5e:10:08:93:df:4d:33:
81:92:0b:56:f7:49:f9:66:7d:15:fd:12:04:e0:11:
b3:10:28:4e:c9:9c:a7:68:cb:bd:58:e8:85:7b:6b:
58:23:1b:1c:11:6f:3d:34:79:bd:2a:98:9b:3d:9d:
71:82:4c:f4:a3:fa:82:b6:5e:5c:ef:46:26:04:82:
b5:70:eb:e7:95:6b:91:a3:d2:dd:7c:17:9e:ba:cc:
20:7f:71:58:2a:f5:b2:cc:c8:dc:58:14:f6:3c:a2:
92:98:60:64:af:8b:d8:94:8b:97:90:54:9d:53:bd:
6f:c0:0b:52:19:23:6e:0a:2a:14:b7:6e:9d:af:89:
30:4b:23:15:b8:46:b3:63:2c:93:8c:cf:2f:36:43:
12:07:df:7d:66:4e:fb:34:71:fb:97:a7:26:78:de:
3c:c8:49:ec:e2:59:cc:92:d2:dc:df:ea:b4:26:15:
c5:ef:1b:3b:b6:e6:ee:e0:1b:af:81:bf:18:fd:63:
98:08:86:98:28:b8:2c:60:20:4f:f6:24:ca:19:26:
d9:d0:a0:85:25:87:ff:79:73:91:fe:5d:a5:9f:7b:
35:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3D:DF:6C:11:E6:D8:49:51:EA:FC:4B:D7:E7:2A:42:84:8B:96:4F
X509v3 Authority Key Identifier:
keyid:68:EF:CC:A8:49:8F:5D:26:C1:20:AF:34:D8:46:C0:28:1F:F6:29:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aO_MqEmPXSbBIK802EbAKB_2Ka8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/bz3fbBHm2ElR6vxL1-cqQoSLlk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/397b5c-8fc8-4b56-b603-358145d9a81d/1/aO_MqEmPXSbBIK802EbAKB_2Ka8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1b24::/48
Signature Algorithm: sha256WithRSAEncryption
26:d7:aa:fb:53:af:4d:5b:7b:db:71:6e:1c:54:a5:dc:3f:ee:
1c:9b:3c:66:81:d6:c7:b7:23:d5:32:9b:83:02:7a:ad:f7:58:
3f:e2:1b:d1:9d:7b:c5:c0:8e:a5:45:5c:c9:fb:48:bf:7d:78:
77:e8:a4:97:ce:fc:3e:64:a0:f6:0a:c2:e4:65:d9:dd:18:fd:
78:cd:8e:3d:1f:61:aa:03:cd:c2:d5:30:4a:3f:46:d8:0d:7b:
ff:63:0a:5c:39:63:06:0f:ac:de:a7:19:ee:40:8a:2d:9d:b1:
e2:ca:2f:21:63:36:ab:c0:f1:42:07:ca:d7:0a:2a:f9:00:1f:
4a:5e:b0:62:99:2d:69:87:26:90:ed:86:75:7c:0e:50:05:a3:
c3:99:96:4a:d6:25:9a:1d:f2:d7:69:6e:1e:e7:13:92:51:95:
de:20:81:06:ad:20:81:1f:bd:1b:6e:c6:4f:1c:b4:78:42:5b:
bb:d4:2a:40:ee:1d:cc:7c:ab:88:8e:d7:4f:0d:91:78:01:65:
0a:f3:be:fa:54:13:3e:50:ca:e0:0f:82:cc:08:56:08:f5:4f:
17:0b:b6:c7:be:50:d0:2e:9b:d9:7c:11:41:5b:02:61:53:b6:
9d:8b:fc:38:5c:32:76:87:32:eb:32:e8:dc:c1:6f:0b:96:4c:
13:bb:96:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZWW0FHm13C8c/k0Np/3nk4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZWZjY2E4NDk4ZjVkMjZjMTIwYWYzNGQ4NDZjMDI4MWZm
NjI5YWYwHhcNMjUwMzE0MjIzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNkZGY2YzExZTZkODQ5NTFlYWZjNGJkN2U3MmE0Mjg0OGI5NjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ2kpOd/ElZVFKof8esTQJBt9+Xr
grpthDztVMLaatiC05Iiv14QCJPfTTOBkgtW90n5Zn0V/RIE4BGzEChOyZynaMu9
WOiFe2tYIxscEW89NHm9KpibPZ1xgkz0o/qCtl5c70YmBIK1cOvnlWuRo9LdfBee
uswgf3FYKvWyzMjcWBT2PKKSmGBkr4vYlIuXkFSdU71vwAtSGSNuCioUt26dr4kw
SyMVuEazYyyTjM8vNkMSB999Zk77NHH7l6cmeN48yEns4lnMktLc3+q0JhXF7xs7
tubu4Buvgb8Y/WOYCIaYKLgsYCBP9iTKGSbZ0KCFJYf/eXOR/l2ln3s19QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG8932wR5thJUer8S9fnKkKEi5ZPMB8GA1UdIwQY
MBaAFGjvzKhJj10mwSCvNNhGwCgf9imvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zOTdiNWMtOGZjOC00YjU2LWI2MDMt
MzU4MTQ1ZDlhODFkLzEvYnozZmJCSG0yRWxSNnZ4TDEtY3FRb1NMbGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zOTdiNWMtOGZjOC00YjU2LWI2MDMtMzU4MTQ1ZDlhODFk
LzEvYU9fTXFFbVBYU2JCSUs4MDJFYkFLQl8yS2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBsk
MA0GCSqGSIb3DQEBCwUAA4IBAQAm16r7U69NW3vbcW4cVKXcP+4cmzxmgdbHtyPV
MpuDAnqt91g/4hvRnXvFwI6lRVzJ+0i/fXh36KSXzvw+ZKD2CsLkZdndGP14zY49
H2GqA83C1TBKP0bYDXv/YwpcOWMGD6zepxnuQIotnbHiyi8hYzarwPFCB8rXCir5
AB9KXrBimS1phyaQ7YZ1fA5QBaPDmZZK1iWaHfLXaW4e5xOSUZXeIIEGrSCBH70b
bsZPHLR4Qlu71CpA7h3MfKuIjtdPDZF4AWUK8776VBM+UMrgD4LMCFYI9U8XC7bH
vlDQLpvZfBFBWwJhU7adi/w4XDJ2hzLrMujcwW8LlkwTu5bB
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:26:42 2025 by rpki-client