Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/1bpSh8tm9XsBVsgUiantFBdVrKA.roa
File: 1bpSh8tm9XsBVsgUiantFBdVrKA.roa (raw, json)
Hash identifier: FfvJAG7zkQ2i1r4SRRx5jbL4tQHXrfKkWEVJKGlT2Hk=
Subject key identifier: D5:BA:52:87:CB:66:F5:7B:01:56:C8:14:89:A9:ED:14:17:55:AC:A0
Certificate issuer: /CN=bde6ac28f954e13dcb7db69bc222b785b4d75f2c
Certificate serial: 01856C53BDEB31A8B5F5901FB3AF5DB4C88C
Authority key identifier: BD:E6:AC:28:F9:54:E1:3D:CB:7D:B6:9B:C2:22:B7:85:B4:D7:5F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/veasKPlU4T3LfbabwiK3hbTXXyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/1bpSh8tm9XsBVsgUiantFBdVrKA.roa
Signing time: Sun 01 Jan 2023 07:55:05 +0000
ROA not before: Sun 01 Jan 2023 07:55:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2001:67c:2ccc::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:bd:eb:31:a8:b5:f5:90:1f:b3:af:5d:b4:c8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bde6ac28f954e13dcb7db69bc222b785b4d75f2c
Validity
Not Before: Jan 1 07:55:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5ba5287cb66f57b0156c81489a9ed141755aca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c1:50:cb:fd:24:8d:42:9b:b0:71:3c:e2:15:
25:2c:53:81:d9:27:e2:88:9b:9b:e3:d7:3b:80:cf:
3b:46:ee:5e:fc:7b:e4:b7:02:49:e1:2c:87:6f:2e:
a1:40:9f:21:3e:25:24:a7:7a:dd:80:c8:a4:80:d8:
73:37:0c:2c:1b:59:c0:5b:8e:50:41:b6:fb:39:6c:
2a:10:b3:d4:e6:58:f7:53:c8:20:d7:0a:f6:a1:5c:
2a:2d:81:e7:47:1f:43:a1:87:60:8f:10:60:21:a7:
0e:90:f2:0a:a6:e2:42:51:69:7b:f8:18:8d:61:44:
fa:55:fb:88:d7:7e:6b:31:db:7b:b6:7a:e3:82:a5:
30:8b:e7:fc:de:55:e1:ba:e0:74:f9:31:5e:21:1c:
a3:96:87:19:42:30:23:64:f3:da:63:37:62:db:01:
93:bd:ef:7c:20:13:e1:c3:f9:f1:fa:98:6a:9e:e5:
61:b2:93:19:3f:e2:75:39:e5:a3:06:1b:44:45:61:
2a:6d:16:d2:c0:0e:25:f2:56:03:63:34:56:25:32:
c5:4f:11:b0:5c:d8:df:2a:ec:f8:0a:6a:67:5a:14:
cd:3f:88:6e:33:ea:0f:3e:9d:9e:b2:2b:14:fc:ee:
0a:ff:9a:5a:bb:23:eb:25:bc:24:28:bc:a8:69:26:
57:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BA:52:87:CB:66:F5:7B:01:56:C8:14:89:A9:ED:14:17:55:AC:A0
X509v3 Authority Key Identifier:
keyid:BD:E6:AC:28:F9:54:E1:3D:CB:7D:B6:9B:C2:22:B7:85:B4:D7:5F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/veasKPlU4T3LfbabwiK3hbTXXyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/1bpSh8tm9XsBVsgUiantFBdVrKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/5b4e13-b3dd-4d8a-8e71-cae6c725d92f/1/veasKPlU4T3LfbabwiK3hbTXXyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2ccc::/48
Signature Algorithm: sha256WithRSAEncryption
61:11:7e:a0:d5:24:f2:9d:ac:b4:84:ea:81:ab:55:ed:dc:46:
b9:dd:ba:46:0a:62:3d:f3:34:bc:e0:7f:50:a8:bb:50:f3:61:
70:15:b0:0d:e9:4f:75:47:69:b7:8f:9e:36:4d:df:e3:fb:74:
f7:9c:4d:37:80:b2:5b:e8:9b:dd:64:88:8b:d8:83:1b:5c:90:
1a:f5:f1:f7:87:98:7b:be:88:12:36:16:eb:b3:3c:75:1e:39:
f2:f2:87:df:6f:27:6a:1b:ea:98:58:2b:12:e7:d7:48:7e:ec:
66:6e:8a:ce:3e:b8:81:d1:d5:a7:89:7e:0f:58:39:6d:b4:73:
c8:d7:1d:d8:2d:b5:dc:23:05:e7:c8:01:94:56:e4:a9:84:c9:
8f:45:0d:75:7f:3b:79:0e:fe:e7:30:47:df:9c:a2:45:aa:27:
fd:72:e4:87:e6:37:f0:3b:ab:8f:bd:bd:14:ca:42:47:b3:1a:
40:f4:64:30:1e:d9:c6:ca:72:5d:48:db:f8:bb:65:8a:62:e4:
30:02:69:85:58:c0:17:f3:e9:83:8b:8a:94:b4:fb:d9:dc:16:
f3:0e:18:f7:9b:23:28:9c:f2:c2:78:cd:ea:b3:35:f7:dc:69:
f3:0a:cb:5f:2e:ce:81:da:e3:94:de:89:c2:f3:af:45:12:14:
6a:54:5b:89
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVsU73rMai19ZAfs69dtMiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZTZhYzI4Zjk1NGUxM2RjYjdkYjY5YmMyMjJiNzg1YjRk
NzVmMmMwHhcNMjMwMTAxMDc1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJhNTI4N2NiNjZmNTdiMDE1NmM4MTQ4OWE5ZWQxNDE3NTVhY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8FQy/0kjUKbsHE84hUlLFOB2Sfi
iJub49c7gM87Ru5e/HvktwJJ4SyHby6hQJ8hPiUkp3rdgMikgNhzNwwsG1nAW45Q
Qbb7OWwqELPU5lj3U8gg1wr2oVwqLYHnRx9DoYdgjxBgIacOkPIKpuJCUWl7+BiN
YUT6VfuI135rMdt7tnrjgqUwi+f83lXhuuB0+TFeIRyjlocZQjAjZPPaYzdi2wGT
ve98IBPhw/nx+phqnuVhspMZP+J1OeWjBhtERWEqbRbSwA4l8lYDYzRWJTLFTxGw
XNjfKuz4CmpnWhTNP4huM+oPPp2esisU/O4K/5pauyPrJbwkKLyoaSZX3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNW6UofLZvV7AVbIFImp7RQXVaygMB8GA1UdIwQY
MBaAFL3mrCj5VOE9y322m8Iit4W0118sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmVhc0tQbFU0VDNMZmJhYndpSzNoYlRYWHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81YjRlMTMtYjNkZC00ZDhhLThlNzEt
Y2FlNmM3MjVkOTJmLzEvMWJwU2g4dG05WHNCVnNnVWlhbnRGQmRWcktBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81YjRlMTMtYjNkZC00ZDhhLThlNzEtY2FlNmM3MjVkOTJm
LzEvdmVhc0tQbFU0VDNMZmJhYndpSzNoYlRYWHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCzM
MA0GCSqGSIb3DQEBCwUAA4IBAQBhEX6g1STynay0hOqBq1Xt3Ea53bpGCmI98zS8
4H9QqLtQ82FwFbAN6U91R2m3j542Td/j+3T3nE03gLJb6JvdZIiL2IMbXJAa9fH3
h5h7vogSNhbrszx1Hjny8offbydqG+qYWCsS59dIfuxmborOPriB0dWniX4PWDlt
tHPI1x3YLbXcIwXnyAGUVuSphMmPRQ11fzt5Dv7nMEffnKJFqif9cuSH5jfwO6uP
vb0UykJHsxpA9GQwHtnGynJdSNv4u2WKYuQwAmmFWMAX8+mDi4qUtPvZ3BbzDhj3
myMonPLCeM3qszX33GnzCstfLs6B2uOU3onC869FEhRqVFuJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:33 2025 by rpki-client