Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/bg698aAW9S0Emk8K5iqL8K0DBGM.roa
File: bg698aAW9S0Emk8K5iqL8K0DBGM.roa (raw, json)
Hash identifier: 6Oo3GKeeknwzo+GIta2Bl8GiqDpvQBsmfU5x34Je02o=
Subject key identifier: 6E:0E:BD:F1:A0:16:F5:2D:04:9A:4F:0A:E6:2A:8B:F0:AD:03:04:63
Certificate issuer: /CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Certificate serial: 0186BCC87AF1566D45CEAD9CCDDC6CE7358F
Authority key identifier: 5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/bg698aAW9S0Emk8K5iqL8K0DBGM.roa
Signing time: Tue 07 Mar 2023 15:55:00 +0000
ROA not before: Tue 07 Mar 2023 15:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60802
IP address blocks: 2001:67c:bcc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:c8:7a:f1:56:6d:45:ce:ad:9c:cd:dc:6c:e7:35:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0fd90d987297cb5dd4e07be840d280d1e2cc4a
Validity
Not Before: Mar 7 15:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e0ebdf1a016f52d049a4f0ae62a8bf0ad030463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6f:5f:a2:22:bf:b0:81:25:23:30:3b:26:c0:
c1:67:7c:07:ad:52:e9:e2:22:63:7d:fa:5b:55:de:
cc:0d:3d:dd:b2:72:71:01:7e:26:f1:73:ab:7f:f0:
78:06:54:50:10:ef:85:38:85:f1:cb:14:b2:de:45:
98:21:57:6d:4c:fc:5b:ea:c5:3c:b3:29:81:87:ba:
53:06:e4:99:f5:dc:cf:4c:3c:9a:9f:2c:b5:74:d4:
5d:0f:95:e6:65:82:c5:47:dd:be:0e:d3:bc:cd:08:
7e:04:48:62:4d:6a:b8:fc:95:f3:a7:9b:02:a4:47:
14:33:b7:f9:63:3a:5a:db:cc:6b:0b:8b:0d:ad:49:
f4:56:91:61:2a:29:c7:97:ea:44:2d:4c:c3:ff:1a:
8b:cb:f2:93:8f:4c:84:98:cd:84:2d:1e:92:9e:88:
22:20:dc:67:51:eb:08:34:1a:59:8b:bb:72:a4:89:
6b:5a:1f:d4:7f:01:ab:42:6a:a2:4e:b3:88:70:b3:
71:d5:9b:35:3f:ba:60:84:57:69:f0:49:9a:42:2e:
d8:4e:b6:82:22:6c:18:9c:ee:0a:91:68:f5:b9:45:
38:93:b7:83:9d:3e:e9:ca:fb:f2:cb:08:a5:86:e7:
7c:79:e6:5d:a0:67:f4:03:c9:dd:e6:a2:99:03:ce:
26:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0E:BD:F1:A0:16:F5:2D:04:9A:4F:0A:E6:2A:8B:F0:AD:03:04:63
X509v3 Authority Key Identifier:
keyid:5F:0F:D9:0D:98:72:97:CB:5D:D4:E0:7B:E8:40:D2:80:D1:E2:CC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xw_ZDZhyl8td1OB76EDSgNHizEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/bg698aAW9S0Emk8K5iqL8K0DBGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f66ca9-3bdc-4294-ad62-7bcefa9f59e8/1/Xw_ZDZhyl8td1OB76EDSgNHizEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:bcc::/48
Signature Algorithm: sha256WithRSAEncryption
1a:b3:cb:13:e7:19:b2:7d:bb:a1:24:e1:67:bc:19:5a:a4:ca:
f3:0e:06:56:e9:ed:78:64:09:0c:2f:6c:58:fb:7c:6f:f7:5d:
62:97:d6:f8:fb:52:63:75:6b:46:c3:c6:d6:35:dd:5e:73:c6:
00:8b:51:1f:a7:e6:29:f6:fe:6e:0b:62:7a:03:8d:28:93:06:
be:f3:6e:bd:3a:35:64:f8:0a:ed:47:1e:64:ce:cd:aa:36:59:
04:6b:85:ae:ff:f6:7f:0d:ad:19:15:5d:c5:4d:da:c9:83:b0:
e2:5c:dc:cb:56:83:bf:51:26:43:12:a7:6b:91:cd:f1:b9:ca:
b6:63:d0:01:ec:1d:48:45:29:e4:86:6f:c9:c6:61:6c:b4:29:
5e:e9:60:cf:e6:53:e9:60:7c:6c:16:e0:d6:ef:8e:38:7d:d8:
5c:bb:73:b2:80:39:7b:1d:46:73:33:d1:dc:df:e1:20:75:8a:
11:19:ce:44:42:8c:c2:6e:7c:53:a5:7c:72:c3:f1:ac:ca:4c:
06:c3:20:81:22:de:e5:8d:dc:45:a0:31:fe:ea:cc:7a:da:43:
80:db:a4:0a:e7:d5:d5:a3:bd:4b:81:c9:f5:05:25:b4:de:1a:
44:91:f9:52:de:66:c9:e2:ce:97:ff:ba:b3:86:01:74:2e:dd:
ca:25:8f:bf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYa8yHrxVm1Fzq2czdxs5zWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMGZkOTBkOTg3Mjk3Y2I1ZGQ0ZTA3YmU4NDBkMjgwZDFl
MmNjNGEwHhcNMjMwMzA3MTU1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTBlYmRmMWEwMTZmNTJkMDQ5YTRmMGFlNjJhOGJmMGFkMDMwNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG9foiK/sIElIzA7JsDBZ3wHrVLp
4iJjffpbVd7MDT3dsnJxAX4m8XOrf/B4BlRQEO+FOIXxyxSy3kWYIVdtTPxb6sU8
symBh7pTBuSZ9dzPTDyanyy1dNRdD5XmZYLFR92+DtO8zQh+BEhiTWq4/JXzp5sC
pEcUM7f5Yzpa28xrC4sNrUn0VpFhKinHl+pELUzD/xqLy/KTj0yEmM2ELR6Snogi
INxnUesINBpZi7typIlrWh/UfwGrQmqiTrOIcLNx1Zs1P7pghFdp8EmaQi7YTraC
ImwYnO4KkWj1uUU4k7eDnT7pyvvyywilhud8eeZdoGf0A8nd5qKZA84m9QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFG4OvfGgFvUtBJpPCuYqi/CtAwRjMB8GA1UdIwQY
MBaAFF8P2Q2YcpfLXdTge+hA0oDR4sxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjIt
N2JjZWZhOWY1OWU4LzEvYmc2OThhQVc5UzBFbWs4SzVpcUw4SzBEQkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mNjZjYTktM2JkYy00Mjk0LWFkNjItN2JjZWZhOWY1OWU4
LzEvWHdfWkRaaHlsOHRkMU9CNzZFRFNnTkhpekVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAvM
MA0GCSqGSIb3DQEBCwUAA4IBAQAas8sT5xmyfbuhJOFnvBlapMrzDgZW6e14ZAkM
L2xY+3xv911il9b4+1JjdWtGw8bWNd1ec8YAi1Efp+Yp9v5uC2J6A40okwa+8269
OjVk+ArtRx5kzs2qNlkEa4Wu//Z/Da0ZFV3FTdrJg7DiXNzLVoO/USZDEqdrkc3x
ucq2Y9AB7B1IRSnkhm/JxmFstCle6WDP5lPpYHxsFuDW7444fdhcu3OygDl7HUZz
M9Hc3+EgdYoRGc5EQozCbnxTpXxyw/GsykwGwyCBIt7ljdxFoDH+6sx62kOA26QK
59XVo71Lgcn1BSW03hpEkflS3mbJ4s6X/7qzhgF0Lt3KJY+/
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:14:13 2025 by rpki-client