Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/B1zjeI12z7rKzJjEV2xk7Kx6YeQ.roa
File: B1zjeI12z7rKzJjEV2xk7Kx6YeQ.roa (raw, json)
Hash identifier: r2WGLNl7mqhMqh1kFVBikeJbCxyFFZKze+pH0m8/Lxw=
Subject key identifier: 07:5C:E3:78:8D:76:CF:BA:CA:CC:98:C4:57:6C:64:EC:AC:7A:61:E4
Certificate issuer: /CN=b61046dcb185b0bfd9976628d69a189d3c3987d8
Certificate serial: 01949A30A4FDEAEA6BB1747722DB27335110
Authority key identifier: B6:10:46:DC:B1:85:B0:BF:D9:97:66:28:D6:9A:18:9D:3C:39:87:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/thBG3LGFsL_Zl2Yo1poYnTw5h9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/B1zjeI12z7rKzJjEV2xk7Kx6YeQ.roa
Signing time: Fri 24 Jan 2025 21:21:06 +0000
ROA not before: Fri 24 Jan 2025 21:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44947
IP address blocks: 5.63.23.0/24 maxlen: 24
2a13:3cc0::/29 maxlen: 29
2a13:3cc0::/30 maxlen: 30
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9a:30:a4:fd:ea:ea:6b:b1:74:77:22:db:27:33:51:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b61046dcb185b0bfd9976628d69a189d3c3987d8
Validity
Not Before: Jan 24 21:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=075ce3788d76cfbacacc98c4576c64ecac7a61e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b6:bd:5a:ae:06:dd:0b:be:5d:a2:a9:e8:b3:
be:9e:54:b9:00:17:54:bd:b0:52:57:32:4b:f9:f9:
92:79:bd:bf:2d:6e:40:52:d7:30:e2:5b:43:7c:aa:
b0:40:8b:34:2c:0d:39:25:86:c7:49:66:78:74:6a:
61:ad:49:fa:bf:b2:d1:92:15:bc:1a:b0:6e:8a:af:
05:b1:c0:13:7b:2b:25:ac:9b:d6:05:14:b2:8a:ad:
02:7b:c5:ee:0b:95:ea:4e:69:64:de:a5:2a:6f:43:
b7:d6:af:a8:9f:fa:c4:f8:d2:03:f9:60:e8:30:32:
71:b8:a0:d7:a3:93:0b:8c:28:fa:18:2d:83:09:4b:
09:2b:d4:56:ac:b5:24:13:f5:c6:88:59:0f:c3:94:
83:6c:06:cc:b4:6b:49:97:bb:10:e0:05:2b:c2:5e:
7e:65:1e:b5:66:b6:57:e0:7b:8e:9f:23:fa:8a:25:
cf:fa:d5:76:c3:00:95:e6:5b:a5:be:32:76:0c:04:
e7:45:f4:b1:f5:69:32:2b:29:f6:e3:7f:a7:e9:b1:
49:73:71:98:c8:21:45:81:e8:88:2f:9f:6c:d6:f3:
bb:d3:63:6e:1a:f5:59:10:58:8e:ba:fc:b5:ea:b5:
07:b1:cb:61:ef:7e:e2:e6:9e:3b:8a:cd:f5:b3:11:
d6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:5C:E3:78:8D:76:CF:BA:CA:CC:98:C4:57:6C:64:EC:AC:7A:61:E4
X509v3 Authority Key Identifier:
keyid:B6:10:46:DC:B1:85:B0:BF:D9:97:66:28:D6:9A:18:9D:3C:39:87:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/thBG3LGFsL_Zl2Yo1poYnTw5h9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/B1zjeI12z7rKzJjEV2xk7Kx6YeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/70757b-c758-4292-8b5c-cf1f2fa8e5f2/1/thBG3LGFsL_Zl2Yo1poYnTw5h9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.23.0/24
IPv6:
2a13:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:88:6e:78:9b:16:5b:28:20:ff:ef:01:45:86:91:6d:89:9e:
69:09:cf:10:31:38:06:8f:e3:5c:4e:ee:2a:d7:d0:0e:d4:bb:
cf:8f:c5:f4:12:f4:d5:21:1d:ba:be:61:d5:57:37:02:87:56:
1a:33:0d:6a:4a:db:64:5e:e7:4d:bd:e0:9e:89:94:01:0d:6a:
49:8b:f4:c6:95:bc:f9:7b:34:4a:1f:97:6a:c8:2b:86:86:0c:
15:3b:c2:75:b9:dc:a9:4f:47:92:2e:5e:25:86:d5:83:79:d2:
ec:b9:76:f2:f3:9b:66:b9:4d:d5:f1:b4:15:e1:8b:0d:ea:2d:
fd:eb:60:c3:3a:4c:67:7d:a5:1f:03:7a:6b:9d:94:74:b3:0a:
84:5c:85:ba:92:02:63:a5:68:be:fb:28:7f:e7:01:72:a3:11:
4c:b3:70:d0:b1:70:8b:b9:0a:e3:6a:f9:34:be:50:6f:34:27:
84:90:11:42:64:fd:e5:e0:17:eb:22:ca:10:48:51:79:bb:2f:
43:6a:f8:53:df:36:8b:30:3d:47:e9:74:3a:fe:be:f7:9c:b6:
0d:3c:41:1a:06:a7:8c:d1:5b:f8:07:ec:39:d1:ad:bb:8a:d8:
7c:5c:fa:f3:7c:5a:d9:b5:b2:3c:8e:6d:e1:e1:34:df:41:00:
c6:40:a2:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSaMKT96uprsXR3ItsnM1EQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MTA0NmRjYjE4NWIwYmZkOTk3NjYyOGQ2OWExODlkM2Mz
OTg3ZDgwHhcNMjUwMTI0MjEyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzVjZTM3ODhkNzZjZmJhY2FjYzk4YzQ1NzZjNjRlY2FjN2E2MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLa9Wq4G3Qu+XaKp6LO+nlS5ABdU
vbBSVzJL+fmSeb2/LW5AUtcw4ltDfKqwQIs0LA05JYbHSWZ4dGphrUn6v7LRkhW8
GrBuiq8FscATeyslrJvWBRSyiq0Ce8XuC5XqTmlk3qUqb0O31q+on/rE+NID+WDo
MDJxuKDXo5MLjCj6GC2DCUsJK9RWrLUkE/XGiFkPw5SDbAbMtGtJl7sQ4AUrwl5+
ZR61ZrZX4HuOnyP6iiXP+tV2wwCV5lulvjJ2DATnRfSx9WkyKyn243+n6bFJc3GY
yCFFgeiIL59s1vO702NuGvVZEFiOuvy16rUHscth737i5p47is31sxHWEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAdc43iNds+6ysyYxFdsZOysemHkMB8GA1UdIwQY
MBaAFLYQRtyxhbC/2ZdmKNaaGJ08OYfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGhCRzNMR0ZzTF9abDJZbzFwb1luVHc1aDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83MDc1N2ItYzc1OC00MjkyLThiNWMt
Y2YxZjJmYThlNWYyLzEvQjF6amVJMTJ6N3JLekpqRVYyeGs3S3g2WWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83MDc1N2ItYzc1OC00MjkyLThiNWMtY2YxZjJmYThlNWYy
LzEvdGhCRzNMR0ZzTF9abDJZbzFwb1luVHc1aDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABT8XMA0E
AgACMAcDBQMqEzzAMA0GCSqGSIb3DQEBCwUAA4IBAQBsiG54mxZbKCD/7wFFhpFt
iZ5pCc8QMTgGj+NcTu4q19AO1LvPj8X0EvTVIR26vmHVVzcCh1YaMw1qSttkXudN
veCeiZQBDWpJi/TGlbz5ezRKH5dqyCuGhgwVO8J1udypT0eSLl4lhtWDedLsuXby
85tmuU3V8bQV4YsN6i3962DDOkxnfaUfA3prnZR0swqEXIW6kgJjpWi++yh/5wFy
oxFMs3DQsXCLuQrjavk0vlBvNCeEkBFCZP3l4BfrIsoQSFF5uy9DavhT3zaLMD1H
6XQ6/r73nLYNPEEaBqeM0Vv4B+w50a27ith8XPrzfFrZtbI8jm3h4TTfQQDGQKJD
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:40:50 2025 by rpki-client