Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/bxqRKqA4ZCz-HC5KXbkRpv1VjKY.roa
File: bxqRKqA4ZCz-HC5KXbkRpv1VjKY.roa (raw, json)
Hash identifier: 1IZMZI5YlnRhnfeBN3K+N1PwHEVvMMcDuqlDUtvJ1nU=
Subject key identifier: 6F:1A:91:2A:A0:38:64:2C:FE:1C:2E:4A:5D:B9:11:A6:FD:55:8C:A6
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0194221F80ACAE358651F563BB3D4A0D4F63
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/bxqRKqA4ZCz-HC5KXbkRpv1VjKY.roa
Signing time: Wed 01 Jan 2025 13:47:57 +0000
ROA not before: Wed 01 Jan 2025 13:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211944
IP address blocks: 2a01:e901:102::/48 maxlen: 48
2a01:e901:112::/48 maxlen: 48
2a01:e901:122::/48 maxlen: 48
2a01:e901:132::/48 maxlen: 48
2a01:e901:142::/48 maxlen: 48
2a01:e901:152::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:80:ac:ae:35:86:51:f5:63:bb:3d:4a:0d:4f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jan 1 13:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f1a912aa038642cfe1c2e4a5db911a6fd558ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8a:ec:9d:9f:84:53:6a:d3:d5:bd:39:75:4e:
3f:e8:7e:12:74:4d:af:3f:df:fd:0c:3c:0a:1d:47:
55:13:e7:ce:8e:e3:69:0c:58:12:d0:88:d1:21:dc:
30:05:05:4d:03:dc:99:65:8f:dc:6d:b7:7f:1c:ee:
48:bb:c2:41:4b:43:12:08:b9:06:01:0b:87:c9:99:
46:4f:19:5a:20:1d:3b:7d:31:11:7a:22:6e:32:a9:
0e:54:59:eb:b2:1d:3e:ac:90:94:a6:34:3d:d0:55:
a8:91:e3:2e:48:11:24:e3:9c:c5:1e:fc:ea:67:d8:
b3:b8:df:06:62:d3:3e:cc:8d:7d:43:31:13:7f:31:
21:17:07:6d:a6:9b:7c:e0:29:98:e4:bd:b4:58:3a:
cd:e3:bb:c2:5a:2f:11:ec:27:14:01:0f:35:6f:8c:
e9:10:25:10:8f:f6:67:b7:40:0f:fe:28:bb:32:89:
fd:77:30:88:a7:f7:66:60:8a:47:3d:6c:92:9e:dd:
85:a5:e5:44:45:72:12:a5:d6:98:9e:4c:da:76:7d:
be:c9:37:18:35:b2:df:97:ed:7b:6f:60:23:a5:eb:
d2:69:03:69:c2:03:10:3c:d4:4c:7d:18:c6:59:34:
21:9a:8b:6c:90:1d:ad:d0:82:a6:90:75:6b:20:21:
2b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1A:91:2A:A0:38:64:2C:FE:1C:2E:4A:5D:B9:11:A6:FD:55:8C:A6
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/bxqRKqA4ZCz-HC5KXbkRpv1VjKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:102::/48
2a01:e901:112::/48
2a01:e901:122::/48
2a01:e901:132::/48
2a01:e901:142::/48
2a01:e901:152::/48
Signature Algorithm: sha256WithRSAEncryption
20:82:d7:d8:d1:ba:8d:c9:b4:65:d4:e9:d4:7e:52:5f:7a:30:
b7:b7:98:1f:4b:50:0d:c5:c3:2d:ad:26:7e:03:03:40:69:14:
f5:aa:d2:67:b5:40:17:28:51:4a:23:cf:81:8d:f2:e4:23:60:
38:50:ee:e1:3c:3b:a3:03:17:87:cf:2b:3c:d8:32:58:13:16:
7c:a4:72:f1:2d:2b:82:ef:1e:89:eb:58:fa:b2:e5:63:0c:16:
91:98:9f:16:d1:22:b0:f2:7a:ed:84:12:3a:26:97:3d:63:8a:
15:b9:b8:7a:4e:e8:8c:09:b6:c7:a6:5a:f7:78:5c:95:c6:d3:
8f:d3:1d:42:b9:e9:a8:3a:69:7c:62:90:9d:ea:49:52:93:05:
b5:57:96:b6:c9:d5:61:05:55:b5:a8:fd:ed:12:63:98:c9:d6:
14:9b:8b:ee:20:d9:22:2f:7d:b3:f8:46:2d:e7:61:0e:3a:b9:
29:5c:4e:54:6a:1d:79:73:29:25:58:3b:09:08:c6:be:bb:61:
83:77:8d:93:53:7c:a7:2a:bb:ac:b3:34:69:62:36:3f:e7:34:
64:ea:b0:26:73:59:14:7f:d6:dd:ab:f9:07:80:66:37:a5:3e:
09:87:34:a2:1e:bb:d7:a6:be:84:89:4f:1b:48:4a:32:da:a6:
ad:2f:24:61
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQiH4CsrjWGUfVjuz1KDU9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwMTAxMTM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFhOTEyYWEwMzg2NDJjZmUxYzJlNGE1ZGI5MTFhNmZkNTU4Y2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYrsnZ+EU2rT1b05dU4/6H4SdE2v
P9/9DDwKHUdVE+fOjuNpDFgS0IjRIdwwBQVNA9yZZY/cbbd/HO5Iu8JBS0MSCLkG
AQuHyZlGTxlaIB07fTEReiJuMqkOVFnrsh0+rJCUpjQ90FWokeMuSBEk45zFHvzq
Z9izuN8GYtM+zI19QzETfzEhFwdtppt84CmY5L20WDrN47vCWi8R7CcUAQ81b4zp
ECUQj/Znt0AP/ii7Mon9dzCIp/dmYIpHPWySnt2FpeVERXISpdaYnkzadn2+yTcY
NbLfl+17b2AjpevSaQNpwgMQPNRMfRjGWTQhmotskB2t0IKmkHVrICErCQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFG8akSqgOGQs/hwuSl25Eab9VYymMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvYnhxUktxQTRaQ3otSEM1S1hia1JwdjFWaktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQEC
AwcAKgHpAQESAwcAKgHpAQEiAwcAKgHpAQEyAwcAKgHpAQFCAwcAKgHpAQFSMA0G
CSqGSIb3DQEBCwUAA4IBAQAggtfY0bqNybRl1OnUflJfejC3t5gfS1ANxcMtrSZ+
AwNAaRT1qtJntUAXKFFKI8+BjfLkI2A4UO7hPDujAxeHzys82DJYExZ8pHLxLSuC
7x6J61j6suVjDBaRmJ8W0SKw8nrthBI6Jpc9Y4oVubh6TuiMCbbHplr3eFyVxtOP
0x1CuemoOml8YpCd6klSkwW1V5a2ydVhBVW1qP3tEmOYydYUm4vuINkiL32z+EYt
52EOOrkpXE5Uah15cyklWDsJCMa+u2GDd42TU3ynKrusszRpYjY/5zRk6rAmc1kU
f9bdq/kHgGY3pT4JhzSiHrvXpr6EiU8bSEoy2qatLyRh
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:37:22 2025 by rpki-client