Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/bL6MKH62F5NiojNDkRLOm7t1V50.roa
File: bL6MKH62F5NiojNDkRLOm7t1V50.roa (raw, json)
Hash identifier: VYSTyygBbvuJ4ferc/WHT6RrnYr38adoWbgUflVODE4=
Subject key identifier: 6C:BE:8C:28:7E:B6:17:93:62:A2:33:43:91:12:CE:9B:BB:75:57:9D
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 0194244546DA21054E6BC3EF5591EACC40E5
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/bL6MKH62F5NiojNDkRLOm7t1V50.roa
Signing time: Wed 01 Jan 2025 23:48:27 +0000
ROA not before: Wed 01 Jan 2025 23:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212232
IP address blocks: 2a0b:6b86:d00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:46:da:21:05:4e:6b:c3:ef:55:91:ea:cc:40:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 23:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cbe8c287eb6179362a233439112ce9bbb75579d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7e:7b:03:87:77:8f:9a:82:07:f2:48:c0:e8:
27:0b:8d:47:e1:31:46:10:0b:58:44:47:cb:43:aa:
e1:77:99:c4:9a:92:ea:68:ed:22:93:c1:ff:49:c6:
f0:5e:8c:e9:e3:69:da:6a:d2:fc:09:1a:b2:2d:5f:
58:17:b2:c9:f0:1f:5a:64:e2:2d:c3:3d:d0:d5:ac:
2c:44:6a:57:b5:9f:c5:6b:d0:7a:69:6b:49:76:e9:
90:16:4a:eb:05:a0:a1:7d:97:7d:f7:04:a7:f3:9b:
2a:45:6b:3b:96:ea:34:e4:f6:9a:fc:36:7f:2b:4a:
fa:99:f3:14:d0:b2:86:29:fa:13:b8:ee:05:82:f0:
8d:fb:3f:43:cf:36:64:18:10:1f:26:42:04:4b:7d:
1b:80:c9:19:e0:8d:0c:cb:15:9d:c0:12:a4:34:a1:
ee:48:94:8a:86:34:10:2b:e0:7c:5a:b1:ab:f7:b3:
32:66:5f:64:a5:c1:f9:2c:0f:8c:98:fa:aa:c0:ec:
43:0c:37:8b:ff:60:c7:ca:d2:8b:18:a1:bd:05:fa:
6b:c3:1e:ab:15:8e:fa:e1:5c:74:b0:46:d0:39:d3:
72:f6:85:3d:47:76:27:c6:fc:6a:70:d1:05:95:d4:
41:d7:a0:b5:15:b3:6c:ce:93:4e:8d:4d:3c:50:7f:
3a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BE:8C:28:7E:B6:17:93:62:A2:33:43:91:12:CE:9B:BB:75:57:9D
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/bL6MKH62F5NiojNDkRLOm7t1V50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6b86:d00::/40
Signature Algorithm: sha256WithRSAEncryption
12:34:d5:16:65:93:3c:46:f1:89:c6:ce:59:16:7b:72:9a:f0:
86:d2:05:38:38:ce:65:e9:7e:e6:37:84:6c:99:7e:1e:6c:3f:
62:4d:b8:3f:54:69:6d:62:52:0c:e8:bf:a9:24:ce:61:9c:a7:
a5:ad:9d:04:f4:4b:a5:bd:ed:4f:b1:31:e1:5e:23:a7:3a:64:
19:e4:47:a3:c5:cd:34:52:16:65:82:8f:cc:b8:eb:76:5a:31:
81:f5:ff:ec:88:e4:91:9e:06:2d:8d:b4:c7:ec:44:9f:e6:a3:
32:06:db:7c:2f:28:46:11:d9:d5:04:aa:25:32:54:6b:3e:6b:
81:01:7c:70:16:a8:fc:74:17:98:3a:33:21:41:2e:2e:74:bb:
6b:85:bb:f6:5e:9f:9a:ee:13:80:ed:03:03:3b:bb:8e:65:88:
54:9d:ad:fa:42:50:9b:1c:60:fd:e5:24:00:f0:58:79:1e:fc:
f2:ce:4a:6c:22:05:c4:c9:0e:88:bf:b1:cf:02:98:37:aa:08:
b3:57:be:83:64:db:79:3f:00:ef:ae:7e:2e:f4:36:0a:6f:d9:
bd:ce:49:f1:4e:ef:9a:3d:2c:e4:86:a7:ac:70:44:82:a9:31:
dd:48:dd:6e:c6:7c:4f:5f:c9:12:27:42:cc:1a:17:3a:d9:5b:
74:bb:ba:45
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQkRUbaIQVOa8PvVZHqzEDlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwMTAxMjM0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JlOGMyODdlYjYxNzkzNjJhMjMzNDM5MTEyY2U5YmJiNzU1NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1n57A4d3j5qCB/JIwOgnC41H4TFG
EAtYREfLQ6rhd5nEmpLqaO0ik8H/ScbwXozp42naatL8CRqyLV9YF7LJ8B9aZOIt
wz3Q1awsRGpXtZ/Fa9B6aWtJdumQFkrrBaChfZd99wSn85sqRWs7luo05Paa/DZ/
K0r6mfMU0LKGKfoTuO4FgvCN+z9DzzZkGBAfJkIES30bgMkZ4I0MyxWdwBKkNKHu
SJSKhjQQK+B8WrGr97MyZl9kpcH5LA+MmPqqwOxDDDeL/2DHytKLGKG9Bfprwx6r
FY764Vx0sEbQOdNy9oU9R3YnxvxqcNEFldRB16C1FbNszpNOjU08UH86oQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGy+jCh+theTYqIzQ5ESzpu7dVedMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvYkw2TUtINjJGNU5pb2pORGtSTE9tN3QxVjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtrhg0w
DQYJKoZIhvcNAQELBQADggEBABI01RZlkzxG8YnGzlkWe3Ka8IbSBTg4zmXpfuY3
hGyZfh5sP2JNuD9UaW1iUgzov6kkzmGcp6WtnQT0S6W97U+xMeFeI6c6ZBnkR6PF
zTRSFmWCj8y463ZaMYH1/+yI5JGeBi2NtMfsRJ/mozIG23wvKEYR2dUEqiUyVGs+
a4EBfHAWqPx0F5g6MyFBLi50u2uFu/Zen5ruE4DtAwM7u45liFSdrfpCUJscYP3l
JADwWHke/PLOSmwiBcTJDoi/sc8CmDeqCLNXvoNk23k/AO+ufi70Ngpv2b3OSfFO
75o9LOSGp6xwRIKpMd1I3W7GfE9fyRInQswaFzrZW3S7ukU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:56:17 2025 by rpki-client