Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/BI1_IYMcz04ApdAcr2QAYo1Gijc.roa
File: BI1_IYMcz04ApdAcr2QAYo1Gijc.roa (raw, json)
Hash identifier: L+zD+W35uF9Uwlx9BIqDCzEBqTULiJDb8lRlDdA0EUg=
Subject key identifier: 04:8D:7F:21:83:1C:CF:4E:00:A5:D0:1C:AF:64:00:62:8D:46:8A:37
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F8292A565AAE691F177E19E4D342E
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/BI1_IYMcz04ApdAcr2QAYo1Gijc.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216249
IP address blocks: 2a01:e901::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:82:92:a5:65:aa:e6:91:f1:77:e1:9e:4d:34:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=048d7f21831ccf4e00a5d01caf6400628d468a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0a:b8:8d:f6:fb:fe:98:7c:50:1a:90:8b:3c:
24:4e:5c:29:70:75:95:fb:2d:b2:09:49:7a:eb:48:
bc:29:93:cc:65:6c:59:17:8d:89:ff:c2:7e:49:e2:
3e:be:92:61:b8:91:6f:af:5c:e7:a9:c3:e6:4e:38:
79:cf:a2:6c:10:cf:8c:2d:7e:ea:d8:2c:7c:75:92:
79:72:a4:c4:cd:c9:66:23:b3:3c:c0:4d:23:79:f8:
21:8f:92:1d:dc:a7:cc:3f:d5:48:97:42:57:74:a5:
39:2a:74:af:ac:7e:ee:df:91:eb:64:9e:e7:27:53:
84:66:80:95:63:97:e9:c3:81:d3:c5:4f:f3:f1:1d:
56:98:ae:75:6f:7a:c0:cb:99:2d:20:4b:71:c7:6c:
68:1b:60:e0:01:b9:c5:20:38:bd:6f:6c:a0:02:20:
51:ed:70:ec:ff:93:50:95:01:b9:69:11:a7:e8:84:
1b:c9:3b:c0:4e:b5:bd:86:a0:da:24:80:2d:d8:1b:
4e:04:18:ac:ce:4b:16:74:b6:0d:26:89:26:f5:c8:
be:b7:a4:2b:e7:36:5a:92:09:43:3d:af:f1:a0:2f:
c8:8c:31:c9:94:70:c4:30:e9:77:2f:43:0d:a5:b1:
06:ac:b1:3b:0a:d0:d7:20:e4:37:86:03:55:78:29:
b5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8D:7F:21:83:1C:CF:4E:00:A5:D0:1C:AF:64:00:62:8D:46:8A:37
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/BI1_IYMcz04ApdAcr2QAYo1Gijc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901::/44
Signature Algorithm: sha256WithRSAEncryption
87:68:7f:05:c0:8e:dd:43:88:12:d8:2e:61:21:a7:a9:1a:84:
58:85:e1:86:74:82:52:62:8d:42:ae:5a:67:6e:d2:29:0b:0c:
1c:65:ec:f5:31:9a:b5:cb:88:c6:a1:b8:f1:47:14:aa:89:20:
e7:b7:da:d0:7e:ef:0a:45:46:01:00:71:10:61:da:09:ec:1c:
eb:a8:d9:26:01:79:62:8f:5f:5b:1b:ca:a0:4b:c0:fe:15:28:
de:97:04:49:c9:e1:a4:15:f2:20:15:43:22:b0:ed:f7:43:91:
9c:e3:b0:7e:42:33:ed:6b:fd:af:d5:2f:85:19:17:fc:a6:8b:
e2:a7:87:5c:49:8f:01:48:b9:27:23:ab:d3:40:5e:5f:aa:74:
8c:ec:31:5c:ec:80:42:e7:8d:fd:4c:3e:8b:32:37:39:96:73:
48:5e:11:8c:6e:9a:e8:2c:3d:c1:95:55:d4:1c:86:4f:b8:02:
9b:ef:dd:c3:7e:5e:f5:51:24:d1:cc:b8:85:a0:10:e3:39:a6:
3b:52:2d:55:36:ed:9d:3c:57:02:79:68:5c:6b:ca:a9:84:c6:
b6:fb:b5:e4:e2:3d:5d:e8:70:e6:9b:af:1c:31:88:10:6c:37:
c1:bf:03:35:01:e3:14:29:0d:3a:db:a3:d5:b3:75:9f:a4:6c:
e9:bf:90:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQiH4KSpWWq5pHxd+GeTTQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhkN2YyMTgzMWNjZjRlMDBhNWQwMWNhZjY0MDA2MjhkNDY4YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Aq4jfb7/ph8UBqQizwkTlwpcHWV
+y2yCUl660i8KZPMZWxZF42J/8J+SeI+vpJhuJFvr1znqcPmTjh5z6JsEM+MLX7q
2Cx8dZJ5cqTEzclmI7M8wE0jefghj5Id3KfMP9VIl0JXdKU5KnSvrH7u35HrZJ7n
J1OEZoCVY5fpw4HTxU/z8R1WmK51b3rAy5ktIEtxx2xoG2DgAbnFIDi9b2ygAiBR
7XDs/5NQlQG5aRGn6IQbyTvATrW9hqDaJIAt2BtOBBiszksWdLYNJokm9ci+t6Qr
5zZakglDPa/xoC/IjDHJlHDEMOl3L0MNpbEGrLE7CtDXIOQ3hgNVeCm1DQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFASNfyGDHM9OAKXQHK9kAGKNRoo3MB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvQkkxX0lZTWN6MDRBcGRBY3IyUUFZbzFHaWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgHpAQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHaH8FwI7dQ4gS2C5hIaepGoRYheGGdIJSYo1C
rlpnbtIpCwwcZez1MZq1y4jGobjxRxSqiSDnt9rQfu8KRUYBAHEQYdoJ7BzrqNkm
AXlij19bG8qgS8D+FSjelwRJyeGkFfIgFUMisO33Q5Gc47B+QjPta/2v1S+FGRf8
povip4dcSY8BSLknI6vTQF5fqnSM7DFc7IBC5439TD6LMjc5lnNIXhGMbproLD3B
lVXUHIZPuAKb793Dfl71USTRzLiFoBDjOaY7Ui1VNu2dPFcCeWhca8qphMa2+7Xk
4j1d6HDmm68cMYgQbDfBvwM1AeMUKQ0626PVs3WfpGzpv5Au
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:03:32 2025 by rpki-client