Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/bdcxqv2fHVLYnp5Bka7GBXQLvOE.roa
File: bdcxqv2fHVLYnp5Bka7GBXQLvOE.roa (raw, json)
Hash identifier: d61CPX3+EuUtfH8nKnbiiLLh7Qq9ZtJo9uLm+9OcME4=
Subject key identifier: 6D:D7:31:AA:FD:9F:1D:52:D8:9E:9E:41:91:AE:C6:05:74:0B:BC:E1
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067E689600741626B612F197349B6C9
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/bdcxqv2fHVLYnp5Bka7GBXQLvOE.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138211
IP address blocks: 2a12:3fc2:8000::/36 maxlen: 48
2a12:3fc2:e600::/40 maxlen: 48
2a12:3fc2:e800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e6:89:60:07:41:62:6b:61:2f:19:73:49:b6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dd731aafd9f1d52d89e9e4191aec605740bbce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:7e:e6:93:4b:63:aa:04:2e:ca:25:fb:a4:0e:
a2:24:e8:bd:60:49:f0:2c:cb:29:9f:a4:95:ec:16:
cb:f5:0d:ff:a3:7e:53:d0:d9:b0:8f:89:db:97:6c:
21:90:a5:07:42:32:52:8c:a0:24:cf:a6:f7:3f:f0:
aa:75:91:b6:9d:79:a0:52:be:9d:2a:43:d9:5a:37:
bd:8b:8c:ff:75:46:4d:43:8f:45:02:b3:19:65:aa:
fa:f8:fb:12:93:6d:dd:bb:b6:84:26:b6:6d:2d:96:
2c:ea:ef:30:9e:b5:94:9d:f9:54:39:42:7e:e9:28:
45:85:a0:b8:7d:f1:6d:36:b2:e0:7d:4f:11:e1:a9:
11:85:a0:8b:1f:ba:ef:44:75:b3:76:f2:c7:5d:c7:
c8:42:37:67:aa:c8:b3:a5:5a:f0:3b:37:27:a1:05:
e7:ff:f3:00:0b:97:c5:31:44:f6:e2:51:f8:fe:b8:
22:3a:29:b4:68:bc:e7:cd:eb:69:8b:e6:eb:3f:5f:
64:f3:51:b2:36:20:5f:5a:70:62:00:59:d9:df:74:
e0:fe:e5:d0:8e:79:1a:44:90:55:ff:62:8f:2f:68:
50:e9:75:e0:48:c0:c0:97:8e:9c:04:dc:65:f7:01:
51:0d:14:7b:ed:de:5c:13:cd:c9:bf:74:5a:dd:49:
ef:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D7:31:AA:FD:9F:1D:52:D8:9E:9E:41:91:AE:C6:05:74:0B:BC:E1
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/bdcxqv2fHVLYnp5Bka7GBXQLvOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:8000::/36
2a12:3fc2:e600::/40
2a12:3fc2:e800::/40
Signature Algorithm: sha256WithRSAEncryption
33:10:4e:59:45:52:f6:b6:45:fb:ec:61:83:0d:9a:5b:d9:23:
ac:31:32:7b:c1:32:00:54:5b:af:de:18:44:88:42:b3:d5:86:
f2:af:1f:8c:b9:b4:57:30:64:f3:26:22:95:37:48:40:14:bf:
91:c2:28:9e:99:41:75:19:32:31:05:4a:c5:02:76:ad:db:d8:
a1:e5:0f:87:ad:13:da:c8:c0:f5:6d:3e:b5:2a:34:38:5b:14:
5c:0d:46:be:72:e9:0c:58:2b:81:08:ff:0a:dd:da:d8:ab:17:
26:3a:59:76:ae:9a:f0:33:b8:2e:39:04:4f:64:c8:d2:59:b6:
ef:05:b0:06:2f:a3:a4:d8:26:53:d2:c3:ad:f7:aa:fc:49:9c:
68:97:57:11:52:0a:ac:25:8b:62:72:ce:73:30:5a:9e:df:0c:
ae:60:c2:c2:6c:e5:d5:2a:34:b3:8c:f7:92:f6:c5:0d:8e:d0:
d0:92:a5:99:bf:7c:ad:ba:ff:8d:e1:c6:42:f5:98:fb:98:87:
ed:27:d4:41:c8:c6:be:de:e2:02:95:42:c9:c9:94:6d:f5:96:
e4:2e:c7:8a:b9:50:f7:99:49:5f:e2:be:0b:b4:06:dc:97:01:
98:b2:52:81:78:ca:1c:d0:1b:3c:5e:f4:84:e0:b9:7f:2b:05:
b1:b4:a1:47
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgZ+aJYAdBYmthLxlzSbbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ3MzFhYWZkOWYxZDUyZDg5ZTllNDE5MWFlYzYwNTc0MGJiY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4X7mk0tjqgQuyiX7pA6iJOi9YEnw
LMspn6SV7BbL9Q3/o35T0Nmwj4nbl2whkKUHQjJSjKAkz6b3P/CqdZG2nXmgUr6d
KkPZWje9i4z/dUZNQ49FArMZZar6+PsSk23du7aEJrZtLZYs6u8wnrWUnflUOUJ+
6ShFhaC4ffFtNrLgfU8R4akRhaCLH7rvRHWzdvLHXcfIQjdnqsizpVrwOzcnoQXn
//MAC5fFMUT24lH4/rgiOim0aLznzetpi+brP19k81GyNiBfWnBiAFnZ33Tg/uXQ
jnkaRJBV/2KPL2hQ6XXgSMDAl46cBNxl9wFRDRR77d5cE83Jv3Ra3Unv0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG3XMar9nx1S2J6eQZGuxgV0C7zhMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvYmRjeHF2MmZIVkxZbnA1QmthN0dCWFFMdk9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYEKhI/woAD
BgAqEj/C5gMGACoSP8LoMA0GCSqGSIb3DQEBCwUAA4IBAQAzEE5ZRVL2tkX77GGD
DZpb2SOsMTJ7wTIAVFuv3hhEiEKz1Ybyrx+MubRXMGTzJiKVN0hAFL+RwiiemUF1
GTIxBUrFAnat29ih5Q+HrRPayMD1bT61KjQ4WxRcDUa+cukMWCuBCP8K3drYqxcm
Oll2rprwM7guOQRPZMjSWbbvBbAGL6Ok2CZT0sOt96r8SZxol1cRUgqsJYtics5z
MFqe3wyuYMLCbOXVKjSzjPeS9sUNjtDQkqWZv3ytuv+N4cZC9Zj7mIftJ9RByMa+
3uIClULJyZRt9ZbkLseKuVD3mUlf4r4LtAbclwGYslKBeMoc0Bs8XvSE4Ll/KwWx
tKFH
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:55 2025 by rpki-client