Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/BN10iJQINkqqQbCXE2ZsJo5PDg0.roa
File: BN10iJQINkqqQbCXE2ZsJo5PDg0.roa (raw, json)
Hash identifier: dLiu8pKhhmUdKMIv3bdjJ619GvxkAvZ9+W0bGvQ4ymQ=
Subject key identifier: 04:DD:74:88:94:08:36:4A:AA:41:B0:97:13:66:6C:26:8E:4F:0E:0D
Certificate issuer: /CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c
Certificate serial: 01941F8C8E2A4C219DF09616B4F7B997023B
Authority key identifier: D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/BN10iJQINkqqQbCXE2ZsJo5PDg0.roa
Signing time: Wed 01 Jan 2025 01:48:12 +0000
ROA not before: Wed 01 Jan 2025 01:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208614
IP address blocks: 2001:678:aa0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8e:2a:4c:21:9d:f0:96:16:b4:f7:b9:97:02:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d68971ea1d22b5ecda1a9759f05c26c8c56a468c
Validity
Not Before: Jan 1 01:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04dd74889408364aaa41b09713666c268e4f0e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:08:64:5e:04:e6:c2:30:77:37:6f:71:8c:56:
c6:8d:4f:c4:fb:0b:10:cc:af:48:e7:39:f4:46:9b:
37:a7:8f:07:b4:42:e8:1d:43:00:4d:c7:f2:10:dc:
98:55:8e:bb:90:81:4a:fd:01:ce:13:a8:3a:c1:ca:
c6:8f:50:e1:19:ef:c9:e6:19:95:c4:e0:ad:e1:94:
fc:49:22:a4:8c:8e:ff:ca:e8:8b:07:30:3e:d5:77:
95:72:72:04:df:b1:f7:fa:6b:87:16:66:04:96:0d:
d3:4c:dc:df:81:8b:44:1e:e7:1e:a1:cf:fa:b0:dc:
2a:dc:77:95:d9:ff:75:6b:e0:45:73:75:67:8a:e8:
b5:49:07:71:a2:75:de:7e:29:bf:c6:34:9c:f1:33:
a7:7e:c2:fe:a6:59:a8:f8:f8:e6:e8:0b:6c:72:43:
82:3e:da:82:1f:c2:45:43:8e:fd:54:fa:f7:eb:23:
fa:06:fc:7e:de:cc:eb:67:1a:d3:bb:45:9b:cb:31:
b1:65:02:80:bc:d6:96:f8:6f:da:d1:6c:7f:d8:5e:
5b:70:29:a7:4b:f4:5a:c2:26:11:3c:8d:41:2c:f7:
d9:37:ba:3c:8e:c6:57:94:bb:2b:0b:53:ff:c0:e6:
eb:d8:5f:c1:92:36:14:24:44:5a:a8:13:6c:f8:02:
19:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DD:74:88:94:08:36:4A:AA:41:B0:97:13:66:6C:26:8E:4F:0E:0D
X509v3 Authority Key Identifier:
keyid:D6:89:71:EA:1D:22:B5:EC:DA:1A:97:59:F0:5C:26:C8:C5:6A:46:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1olx6h0itezaGpdZ8FwmyMVqRow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/BN10iJQINkqqQbCXE2ZsJo5PDg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/42c355-585a-48bb-9e4a-a47540fed4b9/1/1olx6h0itezaGpdZ8FwmyMVqRow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:aa0::/48
Signature Algorithm: sha256WithRSAEncryption
74:a8:e9:7e:1a:cd:68:1c:2a:65:26:f2:08:96:52:f5:b0:a1:
05:f6:03:12:3c:da:28:01:c5:19:86:b2:ba:59:e6:2b:de:1b:
14:d3:9b:fa:61:fe:03:eb:58:b7:5b:d2:66:ed:b8:c2:30:17:
6a:55:fa:06:e4:e9:13:e5:50:65:17:98:4e:2b:93:89:d9:e7:
c4:ac:83:ff:0d:7a:75:bb:18:23:1a:e4:ec:f8:c6:a3:da:41:
d1:cc:e0:c3:90:df:51:c1:00:cf:98:16:a3:9b:b3:e2:b4:06:
50:05:ca:ce:93:0a:5c:76:26:bd:f1:d4:5b:ba:1e:1a:a6:e2:
ff:16:a0:0a:8c:48:d4:2d:6c:01:d0:91:b0:42:00:9c:36:7f:
72:1e:a8:97:a0:9a:5c:6c:8d:42:ba:76:ff:47:37:dc:7e:07:
79:7d:81:19:c7:33:e1:ec:31:a3:6b:ab:ba:ad:ef:4a:47:54:
30:1c:14:c7:18:b1:1f:90:1b:fc:6b:f6:03:62:1b:ef:ad:07:
9c:53:77:c6:cd:52:6f:34:ff:a2:24:69:29:38:4f:67:25:e1:
1f:e0:d8:bb:98:25:04:a5:cf:e6:ba:10:e3:47:cb:1d:ef:14:
e4:b3:dd:7e:e2:67:ce:b1:a9:66:47:c1:70:f7:f2:c7:f5:4d:
13:25:de:21
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjI4qTCGd8JYWtPe5lwI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ODk3MWVhMWQyMmI1ZWNkYTFhOTc1OWYwNWMyNmM4YzU2
YTQ2OGMwHhcNMjUwMTAxMDE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGRkNzQ4ODk0MDgzNjRhYWE0MWIwOTcxMzY2NmMyNjhlNGYwZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnghkXgTmwjB3N29xjFbGjU/E+wsQ
zK9I5zn0Rps3p48HtELoHUMATcfyENyYVY67kIFK/QHOE6g6wcrGj1DhGe/J5hmV
xOCt4ZT8SSKkjI7/yuiLBzA+1XeVcnIE37H3+muHFmYElg3TTNzfgYtEHuceoc/6
sNwq3HeV2f91a+BFc3Vniui1SQdxonXefim/xjSc8TOnfsL+plmo+Pjm6AtsckOC
PtqCH8JFQ479VPr36yP6Bvx+3szrZxrTu0WbyzGxZQKAvNaW+G/a0Wx/2F5bcCmn
S/RawiYRPI1BLPfZN7o8jsZXlLsrC1P/wObr2F/BkjYUJERaqBNs+AIZiwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFATddIiUCDZKqkGwlxNmbCaOTw4NMB8GA1UdIwQY
MBaAFNaJceodIrXs2hqXWfBcJsjFakaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEt
YTQ3NTQwZmVkNGI5LzEvQk4xMGlKUUlOa3FxUWJDWEUyWnNKbzVQRGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80MmMzNTUtNTg1YS00OGJiLTllNGEtYTQ3NTQwZmVkNGI5
LzEvMW9seDZoMGl0ZXphR3BkWjhGd215TVZxUm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAqg
MA0GCSqGSIb3DQEBCwUAA4IBAQB0qOl+Gs1oHCplJvIIllL1sKEF9gMSPNooAcUZ
hrK6WeYr3hsU05v6Yf4D61i3W9Jm7bjCMBdqVfoG5OkT5VBlF5hOK5OJ2efErIP/
DXp1uxgjGuTs+Maj2kHRzODDkN9RwQDPmBajm7PitAZQBcrOkwpcdia98dRbuh4a
puL/FqAKjEjULWwB0JGwQgCcNn9yHqiXoJpcbI1Cunb/Rzfcfgd5fYEZxzPh7DGj
a6u6re9KR1QwHBTHGLEfkBv8a/YDYhvvrQecU3fGzVJvNP+iJGkpOE9nJeEf4Ni7
mCUEpc/muhDjR8sd7xTks91+4mfOsalmR8Fw9/LH9U0TJd4h
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:11 2025 by rpki-client