Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/BKpPZ6YhMA786wWelQvZ2FdIeg0.roa
File: BKpPZ6YhMA786wWelQvZ2FdIeg0.roa (raw, json)
Hash identifier: CY94cVx1ALq/cp1lEiwu3JzO7Vk53LXHozpiwU2ifHA=
Subject key identifier: 04:AA:4F:67:A6:21:30:0E:FC:EB:05:9E:95:0B:D9:D8:57:48:7A:0D
Certificate issuer: /CN=234b54b119a7b3eff153085b7315507cd8513a0f
Certificate serial: 0194266BDEA7D6F39C45736FCEE0F8033C2A
Authority key identifier: 23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/BKpPZ6YhMA786wWelQvZ2FdIeg0.roa
Signing time: Thu 02 Jan 2025 09:49:51 +0000
ROA not before: Thu 02 Jan 2025 09:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214561
IP address blocks: 2a04:5b81:21b0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:de:a7:d6:f3:9c:45:73:6f:ce:e0:f8:03:3c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234b54b119a7b3eff153085b7315507cd8513a0f
Validity
Not Before: Jan 2 09:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04aa4f67a621300efceb059e950bd9d857487a0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cd:f4:ca:43:bb:1a:d6:ed:2d:b4:c8:44:ed:
d5:95:b7:24:28:f2:d3:97:51:3b:3c:b7:25:a2:35:
0b:35:e5:5c:00:38:35:c2:7b:55:a3:ec:11:a0:a4:
81:00:f7:d8:ca:70:7e:66:53:a7:d1:a3:70:ff:8b:
34:51:6d:7f:b0:be:95:aa:27:3b:d5:46:0e:2b:15:
68:8e:93:e5:5a:22:a3:f5:3f:8e:be:02:d2:de:5c:
c9:e3:46:1f:ff:f6:b4:2a:87:94:8b:c8:c3:83:cc:
c4:6e:5b:86:a4:33:0e:a4:da:f5:91:4b:b0:94:7d:
66:f2:ac:42:b5:9f:9f:8c:d6:56:26:d5:98:65:10:
c0:6b:f6:65:67:ca:62:c9:8a:5a:e5:39:5b:47:ce:
96:f9:46:e7:e3:5d:32:56:02:c5:10:a5:8b:56:4e:
c1:4f:2b:01:02:5a:d5:5e:7e:94:63:8f:9c:40:cc:
7d:ac:83:00:bb:24:6d:40:dc:8d:89:4e:77:85:0b:
3c:de:25:0d:44:5e:da:28:d3:7a:a1:fe:7b:ba:f5:
c6:5f:90:a2:37:dc:14:f0:86:33:23:97:12:34:96:
09:ef:92:9a:5d:ea:f6:ff:20:07:05:21:f8:55:6f:
a1:01:e6:dc:49:00:63:40:72:83:54:64:52:ed:2a:
89:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:AA:4F:67:A6:21:30:0E:FC:EB:05:9E:95:0B:D9:D8:57:48:7A:0D
X509v3 Authority Key Identifier:
keyid:23:4B:54:B1:19:A7:B3:EF:F1:53:08:5B:73:15:50:7C:D8:51:3A:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0tUsRmns-_xUwhbcxVQfNhROg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/BKpPZ6YhMA786wWelQvZ2FdIeg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bc7078-1ee4-42f1-bc34-1d21d1bce3fe/1/I0tUsRmns-_xUwhbcxVQfNhROg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5b81:21b0::/44
Signature Algorithm: sha256WithRSAEncryption
b0:2b:58:c1:52:cb:09:5f:ae:a6:cc:51:36:00:34:3a:19:be:
48:4e:08:b0:99:9c:c6:dd:05:d5:f6:f3:24:8f:e9:cf:a9:99:
fc:44:ff:b8:8d:4f:3c:39:c8:fc:d9:5f:bb:6c:9f:4b:1b:ef:
de:f3:04:00:9d:cb:d7:97:26:aa:a6:4d:c8:a8:64:2a:42:26:
78:e9:9e:ce:b4:7c:6d:9a:43:a5:a6:af:ce:78:8f:18:85:fd:
9c:de:aa:1a:bb:ae:8b:42:e8:8e:fd:18:94:c9:b5:57:de:74:
d4:ac:b3:2c:8a:81:90:ac:d0:6e:7a:f4:f0:bd:04:e0:ed:3d:
73:4b:8a:f0:49:21:fe:78:69:22:ee:1b:7d:7c:bb:f2:dd:8b:
40:1c:b5:98:ee:38:3e:98:5b:05:fe:01:5a:e8:e9:a5:90:30:
15:6e:7e:90:29:77:82:07:b0:76:d4:4f:63:54:33:de:1e:9d:
91:88:83:c8:a0:a4:81:05:3f:7f:ee:6f:d0:01:8a:f6:9c:c8:
ec:fe:5e:ad:f7:1b:f1:79:ba:e0:8c:dd:d2:7e:8e:dc:fa:88:
25:4c:7c:9d:cb:a3:9f:fa:9b:c1:74:ed:75:68:25:72:ee:2c:
47:4d:44:0c:f9:c1:c3:b6:f6:eb:19:82:33:28:7b:38:5d:dc:
89:b5:80:70
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQma96n1vOcRXNvzuD4AzwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNGI1NGIxMTlhN2IzZWZmMTUzMDg1YjczMTU1MDdjZDg1
MTNhMGYwHhcNMjUwMTAyMDk0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFhNGY2N2E2MjEzMDBlZmNlYjA1OWU5NTBiZDlkODU3NDg3YTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3M30ykO7GtbtLbTIRO3VlbckKPLT
l1E7PLclojULNeVcADg1wntVo+wRoKSBAPfYynB+ZlOn0aNw/4s0UW1/sL6Vqic7
1UYOKxVojpPlWiKj9T+OvgLS3lzJ40Yf//a0KoeUi8jDg8zEbluGpDMOpNr1kUuw
lH1m8qxCtZ+fjNZWJtWYZRDAa/ZlZ8piyYpa5TlbR86W+Ubn410yVgLFEKWLVk7B
TysBAlrVXn6UY4+cQMx9rIMAuyRtQNyNiU53hQs83iUNRF7aKNN6of57uvXGX5Ci
N9wU8IYzI5cSNJYJ75KaXer2/yAHBSH4VW+hAebcSQBjQHKDVGRS7SqJBQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFASqT2emITAO/OsFnpUL2dhXSHoNMB8GA1UdIwQY
MBaAFCNLVLEZp7Pv8VMIW3MVUHzYUToPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQt
MWQyMWQxYmNlM2ZlLzEvQktwUFo2WWhNQTc4NndXZWxRdloyRmRJZWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iYzcwNzgtMWVlNC00MmYxLWJjMzQtMWQyMWQxYmNlM2Zl
LzEvSTB0VXNSbW5zLV94VXdoYmN4VlFmTmhST2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgRbgSGw
MA0GCSqGSIb3DQEBCwUAA4IBAQCwK1jBUssJX66mzFE2ADQ6Gb5ITgiwmZzG3QXV
9vMkj+nPqZn8RP+4jU88Ocj82V+7bJ9LG+/e8wQAncvXlyaqpk3IqGQqQiZ46Z7O
tHxtmkOlpq/OeI8Yhf2c3qoau66LQuiO/RiUybVX3nTUrLMsioGQrNBuevTwvQTg
7T1zS4rwSSH+eGki7ht9fLvy3YtAHLWY7jg+mFsF/gFa6OmlkDAVbn6QKXeCB7B2
1E9jVDPeHp2RiIPIoKSBBT9/7m/QAYr2nMjs/l6t9xvxebrgjN3Sfo7c+oglTHyd
y6Of+pvBdO11aCVy7ixHTUQM+cHDtvbrGYIzKHs4XdyJtYBw
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:15 2025 by rpki-client