Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/1dc3DBkabesIXWrXBlpTN4WCVvg.roa
File: 1dc3DBkabesIXWrXBlpTN4WCVvg.roa (raw, json)
Hash identifier: JYxWS4xKuhpIMkdw4zx8bR8Wle4y3ahKccOsObqb8OA=
Subject key identifier: D5:D7:37:0C:19:1A:6D:EB:08:5D:6A:D7:06:5A:53:37:85:82:56:F8
Certificate issuer: /CN=bc55b1ca3724255d60a0a1ef295727df08e3b14c
Certificate serial: 018B510C8438EC7D244FC2E9112BFB477A95
Authority key identifier: BC:55:B1:CA:37:24:25:5D:60:A0:A1:EF:29:57:27:DF:08:E3:B1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vFWxyjckJV1goKHvKVcn3wjjsUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/1dc3DBkabesIXWrXBlpTN4WCVvg.roa
Signing time: Sat 21 Oct 2023 07:04:16 +0000
ROA not before: Sat 21 Oct 2023 07:04:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8075
IP address blocks: 2a0b:a4c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:51:0c:84:38:ec:7d:24:4f:c2:e9:11:2b:fb:47:7a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc55b1ca3724255d60a0a1ef295727df08e3b14c
Validity
Not Before: Oct 21 07:04:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5d7370c191a6deb085d6ad7065a5337858256f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:71:33:67:e4:6a:75:81:4a:78:1e:9e:4d:33:
60:9e:b8:85:0c:a1:d5:b5:09:a3:62:db:2a:21:93:
31:4d:a4:99:50:3c:f1:d3:e1:ea:41:67:3c:fd:5e:
b9:a7:1c:10:65:a3:61:a2:8d:51:ec:ff:b8:06:8b:
4a:90:4a:b1:0c:1e:8c:4a:c3:fd:2f:d6:c4:39:85:
c6:34:cd:c4:6a:15:db:0a:f5:36:5d:c1:d3:9b:ae:
b6:9f:87:6f:9e:9b:36:2f:76:cc:01:4a:19:de:91:
ac:36:65:8c:17:8c:62:2f:9d:5f:99:88:68:d6:b6:
69:18:c4:e8:5b:af:2f:55:87:6b:8e:88:27:d9:3c:
4a:77:17:97:6c:85:3f:f3:9f:79:70:fc:c4:7a:7c:
41:73:4f:0e:41:d4:c3:00:e9:12:c7:3b:92:fe:29:
0d:70:8c:f7:9f:2e:6c:54:73:b7:3b:ff:62:a5:30:
d0:78:7d:1d:bd:b0:34:1d:9e:51:84:f1:a7:ff:4f:
62:0b:cc:b5:5f:f4:fe:58:71:28:63:df:cf:e9:28:
2e:16:28:d6:2b:42:30:96:a7:2d:ed:87:e0:0e:82:
0c:a7:2b:5f:95:85:28:a5:6c:c8:95:41:f1:b0:b4:
f8:4e:b5:c2:7d:f6:26:21:00:08:04:4f:28:13:57:
00:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D7:37:0C:19:1A:6D:EB:08:5D:6A:D7:06:5A:53:37:85:82:56:F8
X509v3 Authority Key Identifier:
keyid:BC:55:B1:CA:37:24:25:5D:60:A0:A1:EF:29:57:27:DF:08:E3:B1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vFWxyjckJV1goKHvKVcn3wjjsUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/1dc3DBkabesIXWrXBlpTN4WCVvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/37fd7b-1303-404f-a588-cbb3cd9fedfe/1/vFWxyjckJV1goKHvKVcn3wjjsUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a4c1::/32
Signature Algorithm: sha256WithRSAEncryption
39:d3:26:e0:12:c6:2c:01:fb:c5:1d:bc:9a:b0:a5:2b:60:54:
73:50:bb:3c:82:55:d9:7c:8e:de:96:ab:33:dd:0d:59:36:b6:
9b:49:8c:89:b7:9b:09:60:fa:93:8b:7c:82:96:32:6b:0c:06:
ff:ff:06:8a:0e:04:60:7c:82:7f:bd:75:21:a4:90:13:a3:77:
50:77:80:fb:e6:24:d8:f1:30:78:ce:1e:14:4f:7e:0a:91:d5:
41:63:e0:1c:e8:e7:6f:a8:f9:a0:dd:05:fe:d2:9f:e4:b3:d2:
5e:05:44:c2:c7:d8:ce:3c:47:1a:09:43:ec:b9:fd:12:b0:78:
c5:88:73:51:79:ae:94:db:52:03:f4:3c:ef:ff:53:99:5a:5a:
d8:ce:b3:ce:18:8a:c6:6f:81:2e:fd:57:01:71:2a:f0:88:a6:
ef:74:df:99:96:c7:ab:65:af:26:b6:67:dd:27:9e:64:8b:ce:
54:7c:f6:de:07:fb:b9:df:ed:0b:57:b1:2e:3b:09:a2:f1:9a:
fa:b2:f9:c9:8d:7e:b5:0b:ff:bf:1d:13:39:af:b4:b5:23:77:
c1:a0:5a:44:a5:5e:cf:a5:7c:18:c2:c8:e8:7b:5c:45:c5:a8:
86:4a:2e:1d:e6:5c:1b:d0:ce:d0:08:8f:7e:af:2c:f1:70:01:
cb:25:43:7b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtRDIQ47H0kT8LpESv7R3qVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNTViMWNhMzcyNDI1NWQ2MGEwYTFlZjI5NTcyN2RmMDhl
M2IxNGMwHhcNMjMxMDIxMDcwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ3MzcwYzE5MWE2ZGViMDg1ZDZhZDcwNjVhNTMzNzg1ODI1NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXEzZ+RqdYFKeB6eTTNgnriFDKHV
tQmjYtsqIZMxTaSZUDzx0+HqQWc8/V65pxwQZaNhoo1R7P+4BotKkEqxDB6MSsP9
L9bEOYXGNM3EahXbCvU2XcHTm662n4dvnps2L3bMAUoZ3pGsNmWMF4xiL51fmYho
1rZpGMToW68vVYdrjogn2TxKdxeXbIU/8595cPzEenxBc08OQdTDAOkSxzuS/ikN
cIz3ny5sVHO3O/9ipTDQeH0dvbA0HZ5RhPGn/09iC8y1X/T+WHEoY9/P6SguFijW
K0Iwlqct7YfgDoIMpytflYUopWzIlUHxsLT4TrXCffYmIQAIBE8oE1cAQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNXXNwwZGm3rCF1q1wZaUzeFglb4MB8GA1UdIwQY
MBaAFLxVsco3JCVdYKCh7ylXJ98I47FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkZXeHlqY2tKVjFnb0tIdktWY24zd2pqc1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zN2ZkN2ItMTMwMy00MDRmLWE1ODgt
Y2JiM2NkOWZlZGZlLzEvMWRjM0RCa2FiZXNJWFdyWEJscFRONFdDVnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zN2ZkN2ItMTMwMy00MDRmLWE1ODgtY2JiM2NkOWZlZGZl
LzEvdkZXeHlqY2tKVjFnb0tIdktWY24zd2pqc1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgukwTAN
BgkqhkiG9w0BAQsFAAOCAQEAOdMm4BLGLAH7xR28mrClK2BUc1C7PIJV2XyO3par
M90NWTa2m0mMibebCWD6k4t8gpYyawwG//8Gig4EYHyCf711IaSQE6N3UHeA++Yk
2PEweM4eFE9+CpHVQWPgHOjnb6j5oN0F/tKf5LPSXgVEwsfYzjxHGglD7Ln9ErB4
xYhzUXmulNtSA/Q87/9TmVpa2M6zzhiKxm+BLv1XAXEq8Iim73TfmZbHq2WvJrZn
3SeeZIvOVHz23gf7ud/tC1exLjsJovGa+rL5yY1+tQv/vx0TOa+0tSN3waBaRKVe
z6V8GMLI6HtcRcWohkouHeZcG9DO0AiPfq8s8XAByyVDew==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:17 2025 by rpki-client