Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f5d0f9-ca2f-4b6e-917c-137109369621/1/hBprFDZElX2sHj2Kaw0JJ0jN9Ro.roa
File: hBprFDZElX2sHj2Kaw0JJ0jN9Ro.roa (raw, json)
Hash identifier: 2JG09FHe5eSpxaJ9idEhdaHS+yUplvNwc1d04eIKBko=
Subject key identifier: 84:1A:6B:14:36:44:95:7D:AC:1E:3D:8A:6B:0D:09:27:48:CD:F5:1A
Certificate issuer: /CN=2bfb0d548c49b6a5618a4d3b3c1da4c3d144bf46
Certificate serial: 019427481D6FB29954906498C6AA650B11BC
Authority key identifier: 2B:FB:0D:54:8C:49:B6:A5:61:8A:4D:3B:3C:1D:A4:C3:D1:44:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K_sNVIxJtqVhik07PB2kw9FEv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f5d0f9-ca2f-4b6e-917c-137109369621/1/hBprFDZElX2sHj2Kaw0JJ0jN9Ro.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210152
IP address blocks: 2001:67c:c14::/48 maxlen: 48
2001:67c:e88::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1d:6f:b2:99:54:90:64:98:c6:aa:65:0b:11:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bfb0d548c49b6a5618a4d3b3c1da4c3d144bf46
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=841a6b143644957dac1e3d8a6b0d092748cdf51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:52:ad:51:f7:7a:bf:5a:6a:d3:9f:f9:bf:78:
26:38:00:ae:96:16:74:ee:20:fe:f7:3d:7e:e7:a9:
84:27:48:99:db:03:33:7f:a8:07:8c:9e:7a:d1:7e:
22:76:31:b7:85:d1:26:e9:27:eb:ac:c0:07:23:cb:
dd:dd:b9:dc:d5:1f:be:28:08:8b:57:6e:7d:fd:61:
28:2f:b7:cb:7d:0e:4f:c3:cf:56:20:91:c1:a9:76:
1f:33:e0:64:3d:75:bd:90:34:71:f2:d5:3a:0f:53:
f2:7e:c4:72:73:9c:dc:ed:1c:28:42:ea:75:b0:52:
f0:4f:29:f4:d6:2c:5f:67:df:65:fc:33:ff:36:f0:
0c:ff:39:10:69:e7:75:d6:5c:07:75:a2:04:cf:54:
36:fb:27:81:7b:52:39:52:b9:7b:5d:0d:3f:b6:45:
23:8a:55:93:32:7c:20:0b:50:a0:91:86:3d:f6:b1:
d9:e2:f0:65:86:89:e1:c0:99:52:f9:91:d1:5a:a9:
d7:60:5a:9e:90:67:55:c5:53:3b:24:fe:95:07:77:
aa:7c:28:9f:00:0d:42:b1:93:3f:aa:8b:b4:7b:e0:
ed:ae:78:16:53:51:f7:c2:9a:2e:3c:8b:2b:1a:71:
64:e4:0a:67:27:5f:68:af:45:c0:94:e0:b9:3c:86:
7f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1A:6B:14:36:44:95:7D:AC:1E:3D:8A:6B:0D:09:27:48:CD:F5:1A
X509v3 Authority Key Identifier:
keyid:2B:FB:0D:54:8C:49:B6:A5:61:8A:4D:3B:3C:1D:A4:C3:D1:44:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K_sNVIxJtqVhik07PB2kw9FEv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f5d0f9-ca2f-4b6e-917c-137109369621/1/hBprFDZElX2sHj2Kaw0JJ0jN9Ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f5d0f9-ca2f-4b6e-917c-137109369621/1/K_sNVIxJtqVhik07PB2kw9FEv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:c14::/48
2001:67c:e88::/48
Signature Algorithm: sha256WithRSAEncryption
80:f5:61:3f:9e:ac:2f:39:da:19:d9:71:96:6f:53:3a:aa:2e:
09:b6:53:e6:24:92:98:57:ce:2b:43:4d:66:93:3f:82:0d:fa:
46:d2:a3:21:e7:7f:68:4c:be:18:32:9b:f6:06:95:e8:49:26:
63:11:9b:63:f1:aa:5c:f6:20:40:4c:71:71:36:9c:02:52:b1:
03:22:60:fb:d8:ab:d1:28:cd:03:42:99:f8:5e:dd:5f:00:cb:
a7:d1:5a:32:9c:1d:e5:ac:b8:fa:ed:05:ec:61:df:d9:b6:3b:
4b:c6:d4:63:e6:55:50:a4:07:93:3f:21:a7:9b:54:bc:66:0b:
9a:6d:9b:fa:9b:74:56:a4:ec:a2:aa:16:12:4d:3b:e4:4d:e8:
60:70:9c:b5:73:f3:72:ab:c0:d0:62:10:bd:b9:fd:d1:a6:e2:
d7:87:17:fe:16:81:44:20:30:f6:e4:bd:db:99:f8:3d:6a:a0:
52:84:50:db:71:cf:bb:e2:8c:60:9a:6c:2a:df:c4:b0:e9:48:
29:40:f7:08:07:7d:9c:31:93:6a:3d:5e:9f:e0:13:2f:77:21:
a1:bd:47:8f:1e:b5:f5:b8:b9:9a:a1:d8:6a:a1:29:39:22:be:
97:3f:b4:0c:14:1e:88:32:c8:35:91:fc:14:74:e7:35:44:ae:
15:6e:86:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnSB1vsplUkGSYxqplCxG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZmIwZDU0OGM0OWI2YTU2MThhNGQzYjNjMWRhNGMzZDE0
NGJmNDYwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFhNmIxNDM2NDQ5NTdkYWMxZTNkOGE2YjBkMDkyNzQ4Y2RmNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFKtUfd6v1pq05/5v3gmOACulhZ0
7iD+9z1+56mEJ0iZ2wMzf6gHjJ560X4idjG3hdEm6SfrrMAHI8vd3bnc1R++KAiL
V259/WEoL7fLfQ5Pw89WIJHBqXYfM+BkPXW9kDRx8tU6D1PyfsRyc5zc7RwoQup1
sFLwTyn01ixfZ99l/DP/NvAM/zkQaed11lwHdaIEz1Q2+yeBe1I5Url7XQ0/tkUj
ilWTMnwgC1CgkYY99rHZ4vBlhonhwJlS+ZHRWqnXYFqekGdVxVM7JP6VB3eqfCif
AA1CsZM/qou0e+DtrngWU1H3wpouPIsrGnFk5ApnJ19or0XAlOC5PIZ/AwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQaaxQ2RJV9rB49imsNCSdIzfUaMB8GA1UdIwQY
MBaAFCv7DVSMSbalYYpNOzwdpMPRRL9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS19zTlZJeEp0cVZoaWswN1BCMmt3OUZFdjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mNWQwZjktY2EyZi00YjZlLTkxN2Mt
MTM3MTA5MzY5NjIxLzEvaEJwckZEWkVsWDJzSGoyS2F3MEpKMGpOOVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mNWQwZjktY2EyZi00YjZlLTkxN2MtMTM3MTA5MzY5NjIx
LzEvS19zTlZJeEp0cVZoaWswN1BCMmt3OUZFdjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfAwU
AwcAIAEGfA6IMA0GCSqGSIb3DQEBCwUAA4IBAQCA9WE/nqwvOdoZ2XGWb1M6qi4J
tlPmJJKYV84rQ01mkz+CDfpG0qMh539oTL4YMpv2BpXoSSZjEZtj8apc9iBATHFx
NpwCUrEDImD72KvRKM0DQpn4Xt1fAMun0VoynB3lrLj67QXsYd/ZtjtLxtRj5lVQ
pAeTPyGnm1S8ZguabZv6m3RWpOyiqhYSTTvkTehgcJy1c/Nyq8DQYhC9uf3RpuLX
hxf+FoFEIDD25L3bmfg9aqBShFDbcc+74oxgmmwq38Sw6UgpQPcIB32cMZNqPV6f
4BMvdyGhvUePHrX1uLmaodhqoSk5Ir6XP7QMFB6IMsg1kfwUdOc1RK4VboaE
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:20 2025 by rpki-client