Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/Kli1CIfvUzezQEeZgfmrCqdQM_I.roa
File: Kli1CIfvUzezQEeZgfmrCqdQM_I.roa (raw, json)
Hash identifier: 78hmVW1qiWAvpebiM5hdAQNsJHKvS7UWJOLOAC6eO10=
Subject key identifier: 2A:58:B5:08:87:EF:53:37:B3:40:47:99:81:F9:AB:0A:A7:50:33:F2
Certificate issuer: /CN=061bb0916c853801f22ce723bc2cc418869db7d0
Certificate serial: 01941F8C0FC259E8BC10762649255B0222E6
Authority key identifier: 06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/Kli1CIfvUzezQEeZgfmrCqdQM_I.roa
Signing time: Wed 01 Jan 2025 01:47:40 +0000
ROA not before: Wed 01 Jan 2025 01:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25098
IP address blocks: 2001:678:b04::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0f:c2:59:e8:bc:10:76:26:49:25:5b:02:22:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=061bb0916c853801f22ce723bc2cc418869db7d0
Validity
Not Before: Jan 1 01:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a58b50887ef5337b340479981f9ab0aa75033f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:06:14:f7:4b:dd:de:64:9a:7b:9b:96:3e:9e:
82:b1:2e:0e:33:e3:28:c0:11:64:fa:cc:01:8a:00:
89:b0:44:e0:f3:0c:05:10:62:94:c9:0b:c8:64:5f:
04:7a:eb:53:bd:bf:f4:2e:2d:f9:7d:97:aa:d9:a1:
e7:f2:81:5d:96:6e:e6:5a:93:d4:b6:f3:09:09:0a:
c5:c7:96:1a:36:5c:09:a9:31:74:c2:37:66:ab:dd:
33:7c:1e:65:99:04:54:73:1c:22:16:ad:55:ed:fc:
9f:93:78:04:f5:ab:11:cd:cd:9f:ff:f8:58:27:f7:
e5:ba:c2:24:8b:63:c5:87:a1:a9:de:82:45:28:10:
a4:d7:be:bb:51:70:58:13:98:1b:2a:b1:ff:e4:0d:
d1:9e:e9:23:ea:1e:20:06:d9:17:35:ed:3b:68:ef:
a3:25:d0:d3:41:67:c1:f2:ed:b5:d1:79:0a:19:df:
ef:59:48:53:cb:11:ba:b1:27:9b:cb:fa:05:b2:7a:
84:5a:56:35:1c:93:4e:ce:46:e5:24:72:b2:10:fe:
5e:2f:f0:bc:22:ec:92:dc:04:23:bd:79:71:5b:a3:
0d:24:9f:02:c3:2b:55:41:94:13:33:13:bc:18:1c:
b9:57:6d:18:85:99:d8:43:9a:af:e2:f3:df:a3:62:
79:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:58:B5:08:87:EF:53:37:B3:40:47:99:81:F9:AB:0A:A7:50:33:F2
X509v3 Authority Key Identifier:
keyid:06:1B:B0:91:6C:85:38:01:F2:2C:E7:23:BC:2C:C4:18:86:9D:B7:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BhuwkWyFOAHyLOcjvCzEGIadt9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/Kli1CIfvUzezQEeZgfmrCqdQM_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/bbb1c6-9f91-4346-b616-c2dc7a058e30/1/BhuwkWyFOAHyLOcjvCzEGIadt9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:b04::/48
Signature Algorithm: sha256WithRSAEncryption
56:f7:eb:b3:1f:34:0a:44:3c:e1:c8:b3:05:46:e6:dd:8c:3e:
e3:49:09:c3:ab:83:c3:d7:cb:60:7d:5d:93:82:4d:ff:73:26:
e9:04:3c:24:b3:0d:31:15:e0:ac:e1:8d:62:eb:2b:1f:a3:e5:
88:f3:b5:dd:be:4e:3f:58:50:61:9d:f6:ac:69:a4:ba:a0:be:
33:d3:8c:2e:ab:20:54:61:d0:98:1f:bc:ae:7e:d8:d8:27:f4:
1c:0a:04:79:1d:b3:1b:25:45:17:9c:d2:9d:33:31:96:6a:77:
30:27:4d:95:79:8d:d4:83:60:49:1a:3b:12:ef:44:b8:14:8b:
0d:d2:1e:41:1b:53:19:c0:ed:ab:61:06:3f:1e:ee:3f:b5:ac:
4c:85:19:15:e0:8c:cd:a4:47:fe:8f:7e:39:6d:f2:79:4d:53:
2f:f7:54:ce:64:91:dd:dd:4a:26:4e:39:c9:1b:b7:6a:9b:6c:
61:54:94:86:19:81:99:a9:6f:f1:c0:30:60:00:89:d8:b6:ed:
5b:28:9c:55:43:aa:37:7f:a1:03:33:e6:2e:5c:22:4e:c9:3f:
ac:0a:66:89:2f:7f:cc:96:fb:16:62:dd:ef:10:66:c4:e6:4b:
9f:75:45:47:7d:ec:78:1a:e6:b1:91:64:eb:93:ce:27:29:4a:
77:17:be:8e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjA/CWei8EHYmSSVbAiLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MWJiMDkxNmM4NTM4MDFmMjJjZTcyM2JjMmNjNDE4ODY5
ZGI3ZDAwHhcNMjUwMTAxMDE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTU4YjUwODg3ZWY1MzM3YjM0MDQ3OTk4MWY5YWIwYWE3NTAzM2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AYU90vd3mSae5uWPp6CsS4OM+Mo
wBFk+swBigCJsETg8wwFEGKUyQvIZF8EeutTvb/0Li35fZeq2aHn8oFdlm7mWpPU
tvMJCQrFx5YaNlwJqTF0wjdmq90zfB5lmQRUcxwiFq1V7fyfk3gE9asRzc2f//hY
J/flusIki2PFh6Gp3oJFKBCk1767UXBYE5gbKrH/5A3Rnukj6h4gBtkXNe07aO+j
JdDTQWfB8u210XkKGd/vWUhTyxG6sSeby/oFsnqEWlY1HJNOzkblJHKyEP5eL/C8
IuyS3AQjvXlxW6MNJJ8CwytVQZQTMxO8GBy5V20YhZnYQ5qv4vPfo2J5hQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCpYtQiH71M3s0BHmYH5qwqnUDPyMB8GA1UdIwQY
MBaAFAYbsJFshTgB8iznI7wsxBiGnbfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmh1d2tXeUZPQUh5TE9janZDekVHSWFkdDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iYmIxYzYtOWY5MS00MzQ2LWI2MTYt
YzJkYzdhMDU4ZTMwLzEvS2xpMUNJZnZVemV6UUVlWmdmbXJDcWRRTV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iYmIxYzYtOWY5MS00MzQ2LWI2MTYtYzJkYzdhMDU4ZTMw
LzEvQmh1d2tXeUZPQUh5TE9janZDekVHSWFkdDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAsE
MA0GCSqGSIb3DQEBCwUAA4IBAQBW9+uzHzQKRDzhyLMFRubdjD7jSQnDq4PD18tg
fV2Tgk3/cybpBDwksw0xFeCs4Y1i6ysfo+WI87Xdvk4/WFBhnfasaaS6oL4z04wu
qyBUYdCYH7yuftjYJ/QcCgR5HbMbJUUXnNKdMzGWancwJ02VeY3Ug2BJGjsS70S4
FIsN0h5BG1MZwO2rYQY/Hu4/taxMhRkV4IzNpEf+j345bfJ5TVMv91TOZJHd3Uom
TjnJG7dqm2xhVJSGGYGZqW/xwDBgAInYtu1bKJxVQ6o3f6EDM+YuXCJOyT+sCmaJ
L3/MlvsWYt3vEGbE5kufdUVHfex4GuaxkWTrk84nKUp3F76O
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:40:07 2025 by rpki-client