Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BBqi_z8OP_63q_BvaQKxHPC2pHE.roa
File: BBqi_z8OP_63q_BvaQKxHPC2pHE.roa (raw, json)
Hash identifier: L1oE2iwRtVNb4ndz1g4qOYRtABTcvZYtKiSkrgdVcj8=
Subject key identifier: 04:1A:A2:FF:3F:0E:3F:FE:B7:AB:F0:6F:69:02:B1:1C:F0:B6:A4:71
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191FF716C9C6053D2A3DB5207A4C84A146B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BBqi_z8OP_63q_BvaQKxHPC2pHE.roa
Signing time: Tue 17 Sep 2024 10:05:09 +0000
ROA not before: Tue 17 Sep 2024 10:05:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:191:ff70:927f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:71:6c:9c:60:53:d2:a3:db:52:07:a4:c8:4a:14:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 17 10:05:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=041aa2ff3f0e3ffeb7abf06f6902b11cf0b6a471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d0:8b:34:02:bf:62:c8:09:44:4e:c4:38:fd:
ce:bc:95:c9:87:34:05:3a:ea:cc:9a:0f:8f:3b:03:
d2:78:1b:d5:0e:fd:ce:b1:6b:52:ac:61:f9:91:39:
97:53:5a:35:62:83:fb:51:54:84:71:cd:cf:ba:bc:
ff:ec:54:5e:a6:79:2c:7f:9a:45:49:fa:d8:10:2e:
61:de:13:91:13:22:0d:c2:8e:c7:68:eb:5e:4f:84:
f3:fd:79:c9:f5:ce:1d:2f:a7:4a:c8:6c:c1:5d:e8:
98:56:37:2f:58:b0:eb:7b:ec:3a:ec:9f:78:c8:ea:
0c:1a:e0:c0:ea:29:9e:8d:62:52:b3:4f:aa:fb:22:
1b:f1:ac:71:a9:bf:5e:1a:aa:c9:c4:5e:0d:90:62:
21:62:1b:42:c3:33:82:25:99:60:dd:1f:1a:e0:93:
a7:70:06:88:f0:d9:f6:ef:b2:8c:19:27:d4:bb:28:
44:10:9a:b3:0f:b5:95:39:a7:c2:cb:7c:7f:55:29:
87:68:37:43:f3:15:a5:67:6f:50:4b:89:5e:ba:4e:
a5:f1:07:85:17:af:f0:52:a8:4a:8a:62:af:1d:7d:
c7:cb:3c:23:63:85:ec:3c:0d:bc:a9:f9:59:a3:df:
ae:b7:d3:d0:58:34:92:73:da:7c:28:25:40:b7:a8:
d1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1A:A2:FF:3F:0E:3F:FE:B7:AB:F0:6F:69:02:B1:1C:F0:B6:A4:71
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BBqi_z8OP_63q_BvaQKxHPC2pHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:191:ff70:927f/128
Signature Algorithm: sha256WithRSAEncryption
66:f8:c0:cb:f6:d4:f8:3f:4c:ff:14:e0:02:08:52:58:5f:a1:
89:b3:c4:0a:62:92:40:1a:22:e3:39:93:de:76:9e:ef:90:bc:
ee:c7:29:55:e0:9c:4c:ad:f2:91:94:81:1a:91:76:e2:e2:25:
57:ed:16:1c:05:5b:d0:5a:1f:a5:8f:43:55:98:4f:39:ca:73:
35:77:77:0c:4a:dc:7f:d7:1a:31:b2:c9:69:a9:dc:c0:84:2e:
61:ce:fc:0e:4f:a2:e3:77:c8:bc:2a:0f:e1:2a:cc:e1:be:51:
2f:92:83:8f:b7:bd:4a:cf:85:5c:2c:67:bf:7b:48:d9:a9:8b:
3f:68:ac:4b:39:21:f8:5d:2b:d7:22:ef:87:3c:c3:0b:6e:41:
8a:ff:3a:68:14:d3:eb:81:9c:5c:30:33:71:eb:5f:a3:e9:e8:
76:f9:2f:3a:1b:7c:ed:ec:bb:08:12:1b:c9:c7:54:f1:0d:e6:
19:5e:de:3f:d6:3b:bb:af:d3:d4:b2:48:eb:a4:13:b8:e6:49:
48:4e:2d:1a:ed:36:1e:59:d9:76:65:3c:d8:d1:ff:5b:cb:85:
a0:14:af:3e:32:23:29:6a:e8:02:f9:7e:67:bd:32:82:22:d3:
6f:69:0a:aa:13:8f:c8:7f:ea:74:0a:19:05:8c:5a:4e:cc:92:
79:89:de:33
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZH/cWycYFPSo9tSB6TIShRrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTE3MTAwNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFhYTJmZjNmMGUzZmZlYjdhYmYwNmY2OTAyYjExY2YwYjZhNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtCLNAK/YsgJRE7EOP3OvJXJhzQF
OurMmg+POwPSeBvVDv3OsWtSrGH5kTmXU1o1YoP7UVSEcc3Purz/7FRepnksf5pF
SfrYEC5h3hOREyINwo7HaOteT4Tz/XnJ9c4dL6dKyGzBXeiYVjcvWLDre+w67J94
yOoMGuDA6imejWJSs0+q+yIb8axxqb9eGqrJxF4NkGIhYhtCwzOCJZlg3R8a4JOn
cAaI8Nn277KMGSfUuyhEEJqzD7WVOafCy3x/VSmHaDdD8xWlZ29QS4leuk6l8QeF
F6/wUqhKimKvHX3HyzwjY4XsPA28qflZo9+ut9PQWDSSc9p8KCVAt6jRwQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAQaov8/Dj/+t6vwb2kCsRzwtqRxMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQkJxaV96OE9QXzYzcV9CdmFRS3hIUEMycEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGR/3CSfzANBgkqhkiG9w0BAQsFAAOCAQEAZvjAy/bU+D9M/xTgAghSWF+h
ibPECmKSQBoi4zmT3nae75C87scpVeCcTK3ykZSBGpF24uIlV+0WHAVb0FofpY9D
VZhPOcpzNXd3DErcf9caMbLJaancwIQuYc78Dk+i43fIvCoP4SrM4b5RL5KDj7e9
Ss+FXCxnv3tI2amLP2isSzkh+F0r1yLvhzzDC25Biv86aBTT64GcXDAzcetfo+no
dvkvOht87ey7CBIbycdU8Q3mGV7eP9Y7u6/T1LJI66QTuOZJSE4tGu02HlnZdmU8
2NH/W8uFoBSvPjIjKWroAvl+Z70ygiLTb2kKqhOPyH/qdAoZBYxaTsySeYneMw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:05:55 2025 by rpki-client