Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/Biv2qTrQNJJYQlmIhX2GXCsPh8k.roa
File: Biv2qTrQNJJYQlmIhX2GXCsPh8k.roa (raw, json)
Hash identifier: qgzc+HC1Pbq5Sym5wnfMxLGpd7cCm/TouNcPCVsFEcM=
Subject key identifier: 06:2B:F6:A9:3A:D0:34:92:58:42:59:88:85:7D:86:5C:2B:0F:87:C9
Certificate issuer: /CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431
Certificate serial: 019425FDDF43419814D58812ACABBBA2730D
Authority key identifier: 1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/Biv2qTrQNJJYQlmIhX2GXCsPh8k.roa
Signing time: Thu 02 Jan 2025 07:49:42 +0000
ROA not before: Thu 02 Jan 2025 07:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212351
IP address blocks: 2001:678:eb0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:df:43:41:98:14:d5:88:12:ac:ab:bb:a2:73:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c69c76338afc9085b8fbd669b8b74bd7a92d431
Validity
Not Before: Jan 2 07:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=062bf6a93ad0349258425988857d865c2b0f87c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8a:00:b7:d6:be:c7:3d:86:a6:6f:70:7d:32:
20:e7:eb:27:a1:35:a5:d2:fa:d4:f5:83:8c:54:36:
51:c1:76:ee:0c:5d:d9:c3:d0:ed:4c:ed:b4:2a:3b:
c5:b0:16:39:02:61:8d:2c:58:96:c2:f4:d2:92:4a:
f7:ea:5d:b1:bf:37:4c:ef:bc:9b:2c:29:03:c8:61:
6e:f7:49:a0:5c:65:f1:2c:1a:65:a6:b4:9c:19:8a:
ce:5b:48:bc:0c:ff:07:6d:d2:7b:f0:73:5c:a6:5f:
9c:cf:2b:9e:48:9e:a7:df:fa:df:6e:c9:51:29:b9:
70:e1:43:0f:e6:79:cf:36:b3:93:ee:a0:9c:21:b1:
77:4c:00:c6:51:b4:e9:1e:df:f8:3e:d0:c0:02:b0:
78:6e:a4:cb:71:06:17:00:da:df:94:34:80:01:a8:
31:1b:d4:e0:43:e5:b5:e5:86:32:95:d1:d5:31:70:
65:14:24:90:b5:8f:2a:ae:df:5a:66:63:e8:88:f2:
0a:24:a5:16:c3:19:a8:6b:c4:da:48:8a:dd:67:28:
59:57:1c:fe:ca:99:6c:73:17:5b:f2:94:8c:8c:d1:
16:0c:ec:f6:00:c9:08:dc:2e:b8:05:77:95:8a:c2:
df:5a:f8:55:b7:85:5a:79:4a:f5:7f:0e:4d:63:f6:
89:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2B:F6:A9:3A:D0:34:92:58:42:59:88:85:7D:86:5C:2B:0F:87:C9
X509v3 Authority Key Identifier:
keyid:1C:69:C7:63:38:AF:C9:08:5B:8F:BD:66:9B:8B:74:BD:7A:92:D4:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HGnHYzivyQhbj71mm4t0vXqS1DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/Biv2qTrQNJJYQlmIhX2GXCsPh8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/a2088b-a126-4ba6-871c-5759b427f4d1/1/HGnHYzivyQhbj71mm4t0vXqS1DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:eb0::/48
Signature Algorithm: sha256WithRSAEncryption
50:65:99:9e:cb:84:7f:ab:73:b4:67:77:8d:1b:20:a7:49:e5:
bb:e9:d5:e4:ad:11:d9:d8:aa:bc:f3:ce:25:82:c5:de:59:56:
b4:c8:88:ff:d1:66:2e:eb:5a:5e:95:21:97:b9:54:d2:82:c5:
3f:fa:2e:db:fd:55:da:90:5c:61:97:78:fb:15:8b:52:ba:08:
9b:58:aa:b5:86:90:59:19:6c:7a:ee:a0:75:e7:08:c7:b0:89:
d0:1b:8f:1b:79:ac:07:26:c3:eb:f1:86:d7:9c:95:8d:e9:0c:
8c:f8:8e:b0:81:f9:79:24:3c:c7:ef:0c:3d:89:66:46:c8:2f:
2c:0e:ee:c8:aa:93:96:0c:a6:a7:96:7d:ec:78:73:f0:72:8f:
aa:c5:50:a8:ac:0b:21:34:92:7b:0b:ac:fd:c1:e9:f8:6c:f1:
d4:93:74:5e:de:81:9c:06:d0:6b:36:a6:d6:c8:b4:cc:34:64:
0e:b3:14:8a:75:74:29:55:9b:26:37:c5:89:10:32:b3:5e:ff:
09:a1:ab:72:95:84:7f:59:9d:b5:76:d2:2c:5b:42:d2:55:b4:
21:42:ea:98:3c:af:f4:aa:03:d6:b5:61:19:5f:1a:bc:8b:48:
32:19:f6:97:a3:3e:d3:b4:aa:35:eb:85:fb:68:44:1a:f2:b3:
e3:17:2e:86
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQl/d9DQZgU1YgSrKu7onMNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNjljNzYzMzhhZmM5MDg1YjhmYmQ2NjliOGI3NGJkN2E5
MmQ0MzEwHhcNMjUwMTAyMDc0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJiZjZhOTNhZDAzNDkyNTg0MjU5ODg4NTdkODY1YzJiMGY4N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYoAt9a+xz2Gpm9wfTIg5+snoTWl
0vrU9YOMVDZRwXbuDF3Zw9DtTO20KjvFsBY5AmGNLFiWwvTSkkr36l2xvzdM77yb
LCkDyGFu90mgXGXxLBplprScGYrOW0i8DP8HbdJ78HNcpl+czyueSJ6n3/rfbslR
Kblw4UMP5nnPNrOT7qCcIbF3TADGUbTpHt/4PtDAArB4bqTLcQYXANrflDSAAagx
G9TgQ+W15YYyldHVMXBlFCSQtY8qrt9aZmPoiPIKJKUWwxmoa8TaSIrdZyhZVxz+
yplscxdb8pSMjNEWDOz2AMkI3C64BXeVisLfWvhVt4VaeUr1fw5NY/aJDwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAYr9qk60DSSWEJZiIV9hlwrD4fJMB8GA1UdIwQY
MBaAFBxpx2M4r8kIW4+9ZpuLdL16ktQxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9hMjA4OGItYTEyNi00YmE2LTg3MWMt
NTc1OWI0MjdmNGQxLzEvQml2MnFUclFOSkpZUWxtSWhYMkdYQ3NQaDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9hMjA4OGItYTEyNi00YmE2LTg3MWMtNTc1OWI0MjdmNGQx
LzEvSEduSFl6aXZ5UWhiajcxbW00dDB2WHFTMURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA6w
MA0GCSqGSIb3DQEBCwUAA4IBAQBQZZmey4R/q3O0Z3eNGyCnSeW76dXkrRHZ2Kq8
884lgsXeWVa0yIj/0WYu61pelSGXuVTSgsU/+i7b/VXakFxhl3j7FYtSugibWKq1
hpBZGWx67qB15wjHsInQG48beawHJsPr8YbXnJWN6QyM+I6wgfl5JDzH7ww9iWZG
yC8sDu7IqpOWDKanln3seHPwco+qxVCorAshNJJ7C6z9wen4bPHUk3Re3oGcBtBr
NqbWyLTMNGQOsxSKdXQpVZsmN8WJEDKzXv8JoatylYR/WZ21dtIsW0LSVbQhQuqY
PK/0qgPWtWEZXxq8i0gyGfaXoz7TtKo164X7aEQa8rPjFy6G
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:24:23 2025 by rpki-client