Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/Bwwlf3NOQArV0A5NrUdq8crzx00.roa
File: Bwwlf3NOQArV0A5NrUdq8crzx00.roa (raw, json)
Hash identifier: sqHrzc+kmPD/DjzRgU/PBN+h/Z99KuDoH6L2LiKj4bQ=
Subject key identifier: 07:0C:25:7F:73:4E:40:0A:D5:D0:0E:4D:AD:47:6A:F1:CA:F3:C7:4D
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018CC64B5D5F87E18F652A5975CB3E1AD257
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/Bwwlf3NOQArV0A5NrUdq8crzx00.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205227
IP address blocks: 2a10:3980::/29 maxlen: 29
2a03:b2c0::/29 maxlen: 29
2a0d:df40::/29 maxlen: 29
2a0e:be00::/29 maxlen: 29
2a09:7240::/29 maxlen: 29
2a09:9c0::/29 maxlen: 29
2a09:a780::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5d:5f:87:e1:8f:65:2a:59:75:cb:3e:1a:d2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=070c257f734e400ad5d00e4dad476af1caf3c74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c4:b2:3a:75:25:61:89:3a:77:1b:7a:39:27:
81:09:40:90:2a:a8:0c:68:bb:e0:1e:2f:8f:b6:1d:
33:f4:b7:4f:ac:78:e7:ce:1b:9c:6d:1b:4f:db:4d:
f7:10:3a:e9:cb:35:e5:8f:12:d9:4c:33:4f:c2:6a:
7b:49:60:94:07:3f:e4:0e:9a:e0:b7:bf:e0:00:14:
09:ff:52:f4:e9:a1:56:67:2b:28:ce:cd:6b:6e:7b:
13:31:56:76:be:a1:00:b6:f2:fb:ac:fc:3b:a2:54:
f1:de:52:aa:3f:55:2a:c0:c7:d2:2d:aa:16:09:95:
83:48:46:bf:d6:3d:9e:32:25:4b:2b:28:24:25:a5:
7e:48:b7:e6:4b:04:db:62:81:fa:49:7a:8f:1b:e8:
96:50:04:61:b3:3b:1d:b4:cf:7e:32:3d:6b:5b:60:
dd:37:e9:c7:10:96:53:0e:c9:51:59:4f:55:91:d6:
03:33:a0:9a:f4:15:52:3e:44:c9:ae:41:4a:00:c7:
b2:4b:7c:a8:4c:06:d7:19:a3:53:d0:74:e4:1d:d0:
0d:92:88:13:dc:05:d4:f9:bc:0f:28:06:df:67:b4:
b0:af:44:41:74:b5:7c:27:ee:7c:44:e0:fb:50:8d:
23:5a:94:32:93:aa:f0:a0:9f:ed:62:35:2d:72:09:
76:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0C:25:7F:73:4E:40:0A:D5:D0:0E:4D:AD:47:6A:F1:CA:F3:C7:4D
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/Bwwlf3NOQArV0A5NrUdq8crzx00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b2c0::/29
2a09:9c0::/29
2a09:7240::/29
2a09:a780::/29
2a0d:df40::/29
2a0e:be00::/29
2a10:3980::/29
Signature Algorithm: sha256WithRSAEncryption
75:5d:ed:72:13:af:76:c4:54:22:5a:20:57:cd:b8:03:1a:9d:
50:57:a7:b4:c8:1d:0a:fa:38:e6:ac:1d:3c:0a:e2:66:c7:c0:
07:72:93:d9:5a:ff:68:82:b3:2e:40:32:e7:8d:e3:cd:9b:53:
da:8d:c5:c0:bf:4d:36:9f:d1:50:44:b8:14:01:39:2e:8e:f5:
31:12:e4:9d:63:3c:14:2f:56:49:24:d2:64:e5:6f:83:7a:7d:
b5:2b:0a:9b:09:21:8d:dd:9f:8d:45:c6:bb:0a:22:b2:ac:f2:
69:09:4f:8e:3f:11:55:a3:f1:10:0f:e2:d6:ad:46:7d:5c:12:
6b:65:55:fd:82:03:7d:fd:5d:a1:3e:53:a8:0a:15:f3:fd:f7:
79:72:15:3f:c9:5f:b6:bd:ac:a1:34:46:80:08:9f:5a:db:41:
1a:e0:db:6e:b0:01:29:69:26:24:d3:c9:3d:79:68:d8:18:27:
cc:18:46:ab:62:28:68:08:4b:8b:79:19:d6:41:41:e0:20:0e:
cc:fd:d1:b0:55:4b:ce:03:39:6e:41:16:a4:d2:f5:42:f7:7e:
29:1f:c8:2a:2e:fd:3a:2b:81:bc:f3:19:65:07:91:79:62:ad:
8f:5e:c3:2e:d8:bd:e1:6c:50:45:d3:b7:ae:5d:e0:29:59:d8:
7e:bd:53:78
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzGS11fh+GPZSpZdcs+GtJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBjMjU3ZjczNGU0MDBhZDVkMDBlNGRhZDQ3NmFmMWNhZjNjNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsSyOnUlYYk6dxt6OSeBCUCQKqgM
aLvgHi+Pth0z9LdPrHjnzhucbRtP2033EDrpyzXljxLZTDNPwmp7SWCUBz/kDprg
t7/gABQJ/1L06aFWZysozs1rbnsTMVZ2vqEAtvL7rPw7olTx3lKqP1UqwMfSLaoW
CZWDSEa/1j2eMiVLKygkJaV+SLfmSwTbYoH6SXqPG+iWUARhszsdtM9+Mj1rW2Dd
N+nHEJZTDslRWU9VkdYDM6Ca9BVSPkTJrkFKAMeyS3yoTAbXGaNT0HTkHdANkogT
3AXU+bwPKAbfZ7Swr0RBdLV8J+58ROD7UI0jWpQyk6rwoJ/tYjUtcgl2cwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAcMJX9zTkAK1dAOTa1HavHK88dNMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvQnd3bGYzTk9RQXJWMEE1TnJVZHE4Y3J6eDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKgOywAMF
AyoJCcADBQMqCXJAAwUDKgmngAMFAyoN30ADBQMqDr4AAwUDKhA5gDANBgkqhkiG
9w0BAQsFAAOCAQEAdV3tchOvdsRUIlogV824AxqdUFentMgdCvo45qwdPAriZsfA
B3KT2Vr/aIKzLkAy543jzZtT2o3FwL9NNp/RUES4FAE5Lo71MRLknWM8FC9WSSTS
ZOVvg3p9tSsKmwkhjd2fjUXGuwoisqzyaQlPjj8RVaPxEA/i1q1GfVwSa2VV/YID
ff1doT5TqAoV8/33eXIVP8lftr2soTRGgAifWttBGuDbbrABKWkmJNPJPXlo2Bgn
zBhGq2IoaAhLi3kZ1kFB4CAOzP3RsFVLzgM5bkEWpNL1Qvd+KR/IKi79OiuBvPMZ
ZQeReWKtj17DLti94WxQRdO3rl3gKVnYfr1TeA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:32 2025 by rpki-client