Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/BxkjBgOs_QqvDUtNW3Nc8-ksoTE.roa
File: BxkjBgOs_QqvDUtNW3Nc8-ksoTE.roa (raw, json)
Hash identifier: gDXKOs9fy4ooZU3eYpgDqzeg+3EL2y32/MGTZG96giQ=
Subject key identifier: 07:19:23:06:03:AC:FD:0A:AF:0D:4B:4D:5B:73:5C:F3:E9:2C:A1:31
Certificate issuer: /CN=54914541fd1b95e7c0afc875fbef78794f55386b
Certificate serial: 01830E53CB81485C7A3411A67F211A5E5C8E
Authority key identifier: 54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/BxkjBgOs_QqvDUtNW3Nc8-ksoTE.roa
Signing time: Mon 05 Sep 2022 15:45:16 +0000
ROA not before: Mon 05 Sep 2022 15:45:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202988
IP address blocks: 2a06:a005:1b70::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0e:53:cb:81:48:5c:7a:34:11:a6:7f:21:1a:5e:5c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54914541fd1b95e7c0afc875fbef78794f55386b
Validity
Not Before: Sep 5 15:45:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0719230603acfd0aaf0d4b4d5b735cf3e92ca131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3e:3c:0c:2e:a8:bd:22:a0:d2:06:69:f0:95:
62:07:03:22:4b:9c:5e:35:e9:48:2c:4f:f7:9a:39:
10:57:13:8e:f7:c6:fb:fc:af:03:4f:d7:01:ca:6b:
8b:e2:46:4f:1d:8d:58:58:16:b6:93:44:13:bc:86:
6a:26:09:a6:35:5b:77:56:1c:b4:56:31:87:8c:ec:
da:a1:d2:10:2a:8f:d0:39:bb:5e:63:43:bc:4a:03:
43:c9:1a:6f:a8:6f:b2:61:79:a5:bb:ee:ba:52:e3:
08:52:76:39:96:fd:20:2f:5d:82:69:d2:47:29:56:
99:66:fc:b3:f3:f0:e6:81:63:88:20:2d:b9:3b:93:
c8:61:fb:8c:24:55:55:76:aa:30:04:68:d1:5d:d9:
78:d3:04:4f:9b:bf:01:48:ac:a8:d6:fb:a8:10:b8:
20:5a:85:44:70:a1:38:da:94:1f:d9:40:d5:1d:d6:
b3:ae:86:06:67:e0:e3:f8:90:df:82:ef:ea:34:0b:
09:fa:cd:3a:6b:74:e3:aa:b5:c7:1b:53:74:56:8f:
53:ef:dd:c9:e6:1f:e2:20:51:45:97:7b:39:21:b0:
95:f9:fc:d3:23:db:87:a9:71:c2:98:58:75:52:0f:
a0:7c:1a:4a:a4:2d:3d:63:57:47:1c:ed:5d:b4:72:
3c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:19:23:06:03:AC:FD:0A:AF:0D:4B:4D:5B:73:5C:F3:E9:2C:A1:31
X509v3 Authority Key Identifier:
keyid:54:91:45:41:FD:1B:95:E7:C0:AF:C8:75:FB:EF:78:79:4F:55:38:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VJFFQf0blefAr8h1--94eU9VOGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/BxkjBgOs_QqvDUtNW3Nc8-ksoTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/464631-ca8e-4c6a-b091-d9f6d9642537/1/VJFFQf0blefAr8h1--94eU9VOGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1b70::/44
Signature Algorithm: sha256WithRSAEncryption
29:d8:0b:10:02:3b:40:b8:5c:31:15:83:26:93:10:cd:de:a5:
4b:19:8e:e2:39:13:04:ba:1a:7a:19:94:95:ed:5c:1e:1c:e3:
88:2b:2f:6a:db:b9:4f:62:fa:6a:cb:72:4b:80:ca:2b:be:6a:
36:29:8f:be:96:e3:8c:d9:41:0c:76:45:5b:0a:1a:45:ef:05:
6f:27:be:ea:cb:f1:59:cd:99:49:bf:74:40:5e:79:f4:59:c8:
3e:70:e3:bb:50:3e:25:71:4a:45:70:83:f8:b0:6c:4c:91:a3:
91:af:84:81:5c:40:43:59:ca:e5:70:1a:ef:9b:de:71:9a:3e:
14:74:f8:ad:5d:ca:77:ad:17:5d:c7:3d:37:e2:f2:7f:8e:7e:
ad:01:3a:f5:6f:d4:8c:57:0e:17:1f:01:2b:fc:d9:2f:52:c1:
42:b4:ec:2e:43:d5:e8:d4:c8:70:d1:23:10:1a:da:fe:b0:3b:
29:09:7c:57:b5:5d:be:ad:14:8a:11:e9:52:da:ed:97:f3:eb:
3c:d8:a0:03:bf:29:50:3c:b1:91:a8:c8:e7:90:48:59:44:83:
d7:54:dc:5e:38:78:1e:2d:0d:04:5b:1d:b0:5d:e3:ab:ff:3f:
ee:5a:6d:10:94:77:8d:f8:e8:90:37:a8:50:ce:8d:b8:33:d6:
95:b5:d3:17
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYMOU8uBSFx6NBGmfyEaXlyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0OTE0NTQxZmQxYjk1ZTdjMGFmYzg3NWZiZWY3ODc5NGY1
NTM4NmIwHhcNMjIwOTA1MTU0NTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE5MjMwNjAzYWNmZDBhYWYwZDRiNGQ1YjczNWNmM2U5MmNhMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj48DC6ovSKg0gZp8JViBwMiS5xe
NelILE/3mjkQVxOO98b7/K8DT9cBymuL4kZPHY1YWBa2k0QTvIZqJgmmNVt3Vhy0
VjGHjOzaodIQKo/QObteY0O8SgNDyRpvqG+yYXmlu+66UuMIUnY5lv0gL12CadJH
KVaZZvyz8/DmgWOIIC25O5PIYfuMJFVVdqowBGjRXdl40wRPm78BSKyo1vuoELgg
WoVEcKE42pQf2UDVHdazroYGZ+Dj+JDfgu/qNAsJ+s06a3TjqrXHG1N0Vo9T793J
5h/iIFFFl3s5IbCV+fzTI9uHqXHCmFh1Ug+gfBpKpC09Y1dHHO1dtHI8/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAcZIwYDrP0Krw1LTVtzXPPpLKExMB8GA1UdIwQY
MBaAFFSRRUH9G5XnwK/IdfvveHlPVThrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEt
ZDlmNmQ5NjQyNTM3LzEvQnhrakJnT3NfUXF2RFV0TlczTmM4LWtzb1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80NjQ2MzEtY2E4ZS00YzZhLWIwOTEtZDlmNmQ5NjQyNTM3
LzEvVkpGRlFmMGJsZWZBcjhoMS0tOTRlVTlWT0dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgagBRtw
MA0GCSqGSIb3DQEBCwUAA4IBAQAp2AsQAjtAuFwxFYMmkxDN3qVLGY7iORMEuhp6
GZSV7VweHOOIKy9q27lPYvpqy3JLgMorvmo2KY++luOM2UEMdkVbChpF7wVvJ77q
y/FZzZlJv3RAXnn0Wcg+cOO7UD4lcUpFcIP4sGxMkaORr4SBXEBDWcrlcBrvm95x
mj4UdPitXcp3rRddxz034vJ/jn6tATr1b9SMVw4XHwEr/NkvUsFCtOwuQ9Xo1Mhw
0SMQGtr+sDspCXxXtV2+rRSKEelS2u2X8+s82KADvylQPLGRqMjnkEhZRIPXVNxe
OHgeLQ0EWx2wXeOr/z/uWm0QlHeN+OiQN6hQzo24M9aVtdMX
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:21:04 2025 by rpki-client