Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/BwhHBq8_nG_K7m_W3G4RHhTida0.roa
File: BwhHBq8_nG_K7m_W3G4RHhTida0.roa (raw, json)
Hash identifier: NMnRXfbQ1lBRTE5ileh9Mp+IR5izyXDHjaaBnvkh6pY=
Subject key identifier: 07:08:47:06:AF:3F:9C:6F:CA:EE:6F:D6:DC:6E:11:1E:14:E2:75:AD
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 0194221FDF42B2FA108CD5FE640400AA5332
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/BwhHBq8_nG_K7m_W3G4RHhTida0.roa
Signing time: Wed 01 Jan 2025 13:48:21 +0000
ROA not before: Wed 01 Jan 2025 13:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30788
IP address blocks: 2a09:8b80::/29 maxlen: 29
2a0a:bbc0::/29 maxlen: 29
2a0d:f640::/29 maxlen: 29
2a0e:6740::/29 maxlen: 29
2a0e:9180::/29 maxlen: 29
2a0e:c440::/29 maxlen: 29
2a12:1a40::/29 maxlen: 29
2a12:2e40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:df:42:b2:fa:10:8c:d5:fe:64:04:00:aa:53:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Jan 1 13:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07084706af3f9c6fcaee6fd6dc6e111e14e275ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:43:36:43:ea:2e:f5:af:0e:35:be:4c:72:6f:
dc:82:e8:91:8f:d5:a2:3f:2a:1d:4f:43:e8:1f:e6:
b5:e8:96:73:41:90:af:48:0f:46:6e:0d:c2:ac:d6:
00:24:c5:55:8c:72:7c:5c:69:45:29:83:07:77:ad:
d0:05:8a:1e:12:4d:62:60:3d:32:46:25:ec:0f:33:
c0:53:db:46:c6:47:c1:3f:eb:00:99:60:3f:fe:90:
df:be:4c:61:b8:e6:25:26:39:71:e7:0d:c7:0e:43:
f3:a6:18:a6:6a:da:4f:79:1e:43:ba:54:b8:db:68:
79:09:a9:fe:8e:06:56:96:24:58:f4:62:73:f8:fb:
79:ca:fe:8b:3b:48:c8:cd:de:54:00:14:4b:81:b9:
a7:2b:42:61:64:d0:03:22:26:1b:88:16:d8:30:83:
44:10:63:2e:3d:a1:95:2c:d3:b4:c9:b3:1a:e1:28:
10:c4:d3:cc:dd:69:4a:5d:19:04:91:7e:a2:9c:97:
d6:a1:a4:7f:8f:c4:cf:63:33:89:23:a1:2b:cc:eb:
7e:97:aa:25:ed:34:bd:1c:d0:27:e5:4d:bc:ab:45:
67:82:8f:ac:93:57:d2:38:38:b4:4a:95:a6:0d:da:
4e:d6:bc:42:a0:1b:0c:11:33:e7:00:24:62:fb:a0:
95:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:08:47:06:AF:3F:9C:6F:CA:EE:6F:D6:DC:6E:11:1E:14:E2:75:AD
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/BwhHBq8_nG_K7m_W3G4RHhTida0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b80::/29
2a0a:bbc0::/29
2a0d:f640::/29
2a0e:6740::/29
2a0e:9180::/29
2a0e:c440::/29
2a12:1a40::/29
2a12:2e40::/29
Signature Algorithm: sha256WithRSAEncryption
94:3b:d2:16:fe:16:2f:36:28:e8:95:fc:81:10:9d:86:22:f7:
35:49:e3:03:53:61:e5:4e:ac:1c:2c:65:c8:cd:98:fe:47:da:
02:f9:b7:86:37:ac:db:43:69:e0:96:19:ab:e5:8e:c5:0c:fa:
dd:98:3d:80:cd:ba:1b:31:16:eb:96:6d:8a:b0:d5:c2:3a:8f:
7b:8d:fa:9e:95:29:5a:84:94:58:30:90:96:bf:67:ab:90:5a:
a6:aa:34:b8:f5:42:61:00:71:67:1a:85:fc:74:ba:fc:20:72:
7d:43:94:c7:79:41:2b:ed:70:70:f6:63:96:5f:dd:73:fb:2e:
d7:40:35:e5:de:27:dd:2f:96:ab:42:a4:db:b4:71:be:6b:6f:
04:d3:34:fa:f5:8e:83:b7:e9:3b:d4:a0:83:c0:f3:b4:db:c0:
b4:ae:67:76:95:d2:00:63:a5:0a:ed:15:aa:c2:98:ad:a0:1a:
e9:a7:0c:47:82:27:1b:cf:b3:e3:00:e0:66:3a:45:70:43:97:
c6:3b:1c:10:8c:4c:3f:96:4b:c6:17:ec:16:44:2e:a9:10:13:
d8:94:2f:82:a0:ac:eb:58:09:00:11:6f:a0:66:7f:98:0d:5b:
23:38:69:e4:76:20:f5:c4:e3:63:f7:7d:20:d1:d7:0b:0e:88:
b1:91:56:d4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQiH99CsvoQjNX+ZAQAqlMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjUwMTAxMTM0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzA4NDcwNmFmM2Y5YzZmY2FlZTZmZDZkYzZlMTExZTE0ZTI3NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkM2Q+ou9a8ONb5Mcm/cguiRj9Wi
PyodT0PoH+a16JZzQZCvSA9Gbg3CrNYAJMVVjHJ8XGlFKYMHd63QBYoeEk1iYD0y
RiXsDzPAU9tGxkfBP+sAmWA//pDfvkxhuOYlJjlx5w3HDkPzphimatpPeR5DulS4
22h5Can+jgZWliRY9GJz+Pt5yv6LO0jIzd5UABRLgbmnK0JhZNADIiYbiBbYMINE
EGMuPaGVLNO0ybMa4SgQxNPM3WlKXRkEkX6inJfWoaR/j8TPYzOJI6ErzOt+l6ol
7TS9HNAn5U28q0Vngo+sk1fSODi0SpWmDdpO1rxCoBsMETPnACRi+6CVfwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAcIRwavP5xvyu5v1txuER4U4nWtMB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvQndoSEJxOF9uR19LN21fVzNHNFJIaFRpZGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKgmLgAMF
AyoKu8ADBQMqDfZAAwUDKg5nQAMFAyoOkYADBQMqDsRAAwUDKhIaQAMFAyoSLkAw
DQYJKoZIhvcNAQELBQADggEBAJQ70hb+Fi82KOiV/IEQnYYi9zVJ4wNTYeVOrBws
ZcjNmP5H2gL5t4Y3rNtDaeCWGavljsUM+t2YPYDNuhsxFuuWbYqw1cI6j3uN+p6V
KVqElFgwkJa/Z6uQWqaqNLj1QmEAcWcahfx0uvwgcn1DlMd5QSvtcHD2Y5Zf3XP7
LtdANeXeJ90vlqtCpNu0cb5rbwTTNPr1joO36TvUoIPA87TbwLSuZ3aV0gBjpQrt
FarCmK2gGumnDEeCJxvPs+MA4GY6RXBDl8Y7HBCMTD+WS8YX7BZELqkQE9iUL4Kg
rOtYCQARb6Bmf5gNWyM4aeR2IPXE42P3fSDR1wsOiLGRVtQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:53:34 2025 by rpki-client