Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/BFqb7npLGHOlCDDgeo_Q540Rf4g.roa
File: BFqb7npLGHOlCDDgeo_Q540Rf4g.roa (raw, json)
Hash identifier: cVR3qt5QMQmnrbnC75Da/akiwN1ijsHi2wNlUZoa+Is=
Subject key identifier: 04:5A:9B:EE:7A:4B:18:73:A5:08:30:E0:7A:8F:D0:E7:8D:11:7F:88
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067EE38B7956C98BB41E7C5E4615E3B
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/BFqb7npLGHOlCDDgeo_Q540Rf4g.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203899
IP address blocks: 2a12:3fc2:e400::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ee:38:b7:95:6c:98:bb:41:e7:c5:e4:61:5e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=045a9bee7a4b1873a50830e07a8fd0e78d117f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:0a:78:54:29:e6:81:e0:3f:4b:e4:8f:fa:e6:
94:ac:7f:c1:90:bc:02:e6:fb:15:21:7f:ae:f1:d0:
8d:73:46:f7:37:b1:07:66:f7:10:a3:6b:5b:5a:85:
ac:40:43:90:0d:6a:70:af:c2:d6:77:03:3a:c3:75:
7e:fd:1c:8d:f1:c4:08:09:68:c6:e9:01:a0:f2:1e:
84:dd:75:0c:84:36:5b:2b:b1:f9:cf:be:48:a9:88:
81:49:1f:71:0a:31:9d:31:3e:ef:ec:5b:1f:7b:ed:
42:92:3f:02:24:e7:f4:cd:bc:35:4c:be:92:a8:54:
5e:50:ed:4e:7b:7a:11:4b:ec:c3:7c:fa:b9:39:f3:
79:45:33:9c:ba:54:d9:a6:c3:d7:32:90:ec:cd:79:
38:14:d0:1c:21:61:0f:f4:76:35:95:30:e1:de:f8:
f4:6c:1f:95:31:1f:a7:f0:09:35:ea:9c:1d:51:31:
2c:8a:1f:93:14:e8:30:7b:0a:5d:d9:58:a9:8c:f4:
75:e3:0e:85:9a:f2:bc:6c:93:88:1b:9d:02:2f:3a:
fa:0b:71:6e:6f:6e:37:de:0c:c4:1b:0f:99:8c:49:
00:ea:29:17:bf:07:ed:ff:3a:1b:81:38:f5:a4:f7:
c7:0d:f1:db:0d:c7:5f:90:8d:3b:5e:1d:cf:3b:9c:
cc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5A:9B:EE:7A:4B:18:73:A5:08:30:E0:7A:8F:D0:E7:8D:11:7F:88
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/BFqb7npLGHOlCDDgeo_Q540Rf4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:e400::/40
Signature Algorithm: sha256WithRSAEncryption
3f:a5:9b:fb:64:af:e4:b7:0d:2d:31:17:57:99:1f:77:1f:11:
e7:50:89:3a:78:11:b6:e0:fd:f6:fa:93:f2:fc:7c:5a:b0:2d:
0b:99:89:01:f1:4f:60:79:98:b1:8d:31:87:9c:7b:76:fb:18:
f1:b1:ab:2a:16:ef:60:1b:32:bd:09:49:75:a3:6a:a8:c6:e2:
44:14:fb:48:c8:c4:72:09:0f:e2:96:a2:fc:73:94:af:f3:a4:
54:62:a4:01:29:28:5b:4e:ad:b7:3c:b7:2d:d6:45:c1:20:ba:
29:7d:bb:f8:8e:ae:18:0c:bf:ad:a5:b5:98:0c:93:41:b4:40:
0e:95:a7:80:42:ea:b1:20:6b:c8:ff:4e:39:40:bb:c8:fd:c9:
68:04:21:85:06:09:da:7b:5a:b5:19:b8:4b:77:cb:b9:60:08:
54:51:83:64:09:a4:ef:3c:7b:be:1f:bc:f2:b7:53:e8:e8:24:
c9:bb:f7:43:52:92:6a:5f:9a:c8:ca:b6:b3:e3:46:50:8f:b8:
bb:cc:8f:b5:0c:fa:ea:1c:d5:5d:5e:1f:a8:54:02:04:c0:9d:
72:6b:d4:6d:e2:8d:ef:46:68:2a:60:f0:6e:99:cc:8f:9c:2c:
a4:41:bd:33:81:ab:06:d1:af:43:37:22:a7:0b:a4:a1:71:c1:
be:46:48:c7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQgZ+44t5VsmLtB58XkYV47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVhOWJlZTdhNGIxODczYTUwODMwZTA3YThmZDBlNzhkMTE3Zjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Qp4VCnmgeA/S+SP+uaUrH/BkLwC
5vsVIX+u8dCNc0b3N7EHZvcQo2tbWoWsQEOQDWpwr8LWdwM6w3V+/RyN8cQICWjG
6QGg8h6E3XUMhDZbK7H5z75IqYiBSR9xCjGdMT7v7Fsfe+1Ckj8CJOf0zbw1TL6S
qFReUO1Oe3oRS+zDfPq5OfN5RTOculTZpsPXMpDszXk4FNAcIWEP9HY1lTDh3vj0
bB+VMR+n8Ak16pwdUTEsih+TFOgwewpd2VipjPR14w6FmvK8bJOIG50CLzr6C3Fu
b2433gzEGw+ZjEkA6ikXvwft/zobgTj1pPfHDfHbDcdfkI07Xh3PO5zMQwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFARam+56SxhzpQgw4HqP0OeNEX+IMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvQkZxYjducExHSE9sQ0REZ2VvX1E1NDBSZjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhI/wuQw
DQYJKoZIhvcNAQELBQADggEBAD+lm/tkr+S3DS0xF1eZH3cfEedQiTp4Ebbg/fb6
k/L8fFqwLQuZiQHxT2B5mLGNMYece3b7GPGxqyoW72AbMr0JSXWjaqjG4kQU+0jI
xHIJD+KWovxzlK/zpFRipAEpKFtOrbc8ty3WRcEguil9u/iOrhgMv62ltZgMk0G0
QA6Vp4BC6rEga8j/TjlAu8j9yWgEIYUGCdp7WrUZuEt3y7lgCFRRg2QJpO88e74f
vPK3U+joJMm790NSkmpfmsjKtrPjRlCPuLvMj7UM+uoc1V1eH6hUAgTAnXJr1G3i
je9GaCpg8G6ZzI+cLKRBvTOBqwbRr0M3IqcLpKFxwb5GSMc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:12 2025 by rpki-client