Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/0fe64a-fcc5-4a2f-84cc-d264010f45b7/1/bzbYjhzOPfTtS4wY6SF4QNu6KH8.roa
File: bzbYjhzOPfTtS4wY6SF4QNu6KH8.roa (raw, json)
Hash identifier: HZZaoLesVd/HoqgW3N5NnTleC+8cjZjrf6H1puPXv4s=
Subject key identifier: 6F:36:D8:8E:1C:CE:3D:F4:ED:4B:8C:18:E9:21:78:40:DB:BA:28:7F
Certificate issuer: /CN=94b21640a951055dfe9c09e345739cb820054dd4
Certificate serial: 01856F824DFE493AA9564DBF9106D7EDD5B3
Authority key identifier: 94:B2:16:40:A9:51:05:5D:FE:9C:09:E3:45:73:9C:B8:20:05:4D:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lLIWQKlRBV3-nAnjRXOcuCAFTdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/0fe64a-fcc5-4a2f-84cc-d264010f45b7/1/bzbYjhzOPfTtS4wY6SF4QNu6KH8.roa
Signing time: Sun 01 Jan 2023 22:44:48 +0000
ROA not before: Sun 01 Jan 2023 22:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209260
IP address blocks: 62.3.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4d:fe:49:3a:a9:56:4d:bf:91:06:d7:ed:d5:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94b21640a951055dfe9c09e345739cb820054dd4
Validity
Not Before: Jan 1 22:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f36d88e1cce3df4ed4b8c18e9217840dbba287f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:db:53:0b:6c:97:3a:a5:7e:ee:5f:57:d1:9a:
78:d7:18:7b:16:b7:c0:37:41:45:d0:39:38:54:2c:
f5:c3:02:79:5d:48:fa:88:3e:49:a5:27:59:c3:d8:
38:d6:40:10:7b:cd:80:45:79:74:bd:eb:a6:2d:33:
2b:39:02:1d:f2:8a:7a:60:b1:c4:83:14:da:81:87:
bb:3d:77:58:06:b3:4c:1c:5b:d9:55:19:ef:23:f8:
61:be:5e:d6:30:0d:38:5a:19:41:05:16:fc:5a:bd:
26:66:95:65:3a:18:55:8e:fc:38:19:c5:21:88:9c:
97:ec:6c:d9:0b:be:91:66:a6:35:ed:b1:5a:b3:0c:
02:f6:52:92:9c:98:50:5e:f4:56:30:2d:25:d3:2f:
d2:c7:71:cc:38:80:d0:de:ba:af:9b:f0:38:b3:71:
35:14:df:05:ca:bc:1b:af:81:cc:89:36:1b:c5:5c:
39:96:b1:eb:68:2f:41:6a:fa:45:ea:21:23:86:bb:
0e:fd:2d:40:7d:49:ab:70:e8:ca:c8:54:91:89:8c:
09:2f:ec:d3:4f:1e:90:d8:a2:28:b8:58:21:05:bb:
fd:be:00:17:cd:8b:6c:67:07:b4:8d:25:24:4c:af:
45:42:e6:41:0f:dc:fd:9d:78:61:9f:e1:6b:32:61:
c0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:36:D8:8E:1C:CE:3D:F4:ED:4B:8C:18:E9:21:78:40:DB:BA:28:7F
X509v3 Authority Key Identifier:
keyid:94:B2:16:40:A9:51:05:5D:FE:9C:09:E3:45:73:9C:B8:20:05:4D:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lLIWQKlRBV3-nAnjRXOcuCAFTdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/0fe64a-fcc5-4a2f-84cc-d264010f45b7/1/bzbYjhzOPfTtS4wY6SF4QNu6KH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/0fe64a-fcc5-4a2f-84cc-d264010f45b7/1/lLIWQKlRBV3-nAnjRXOcuCAFTdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.62.0/24
Signature Algorithm: sha256WithRSAEncryption
37:6a:b3:6f:15:97:d8:f1:62:73:93:ba:cc:bc:23:10:f9:33:
8e:10:ba:1c:62:d6:6a:6c:31:a6:e5:1f:cc:fe:7b:85:78:d1:
d6:24:6e:e5:e5:cf:0b:74:cb:27:75:7e:71:44:57:2e:8e:56:
70:8e:43:0f:3f:8c:eb:24:5a:7d:40:29:ac:09:a6:61:27:ea:
57:de:54:f9:4e:d7:de:60:9e:7f:a7:22:b8:17:0b:0f:41:ff:
1a:9e:2c:f4:62:98:5b:e7:60:1f:3d:78:a0:b8:fc:50:7e:95:
8a:53:f1:5f:c1:26:d5:7c:af:17:ab:14:51:c1:65:6f:1b:36:
8c:87:af:ff:c4:e1:b8:d8:94:a0:57:08:fd:05:0f:00:d7:91:
b6:6f:bf:f9:58:e5:87:e3:01:f0:6e:8d:39:80:57:f9:4b:3c:
d2:54:a7:0b:64:ec:24:94:5d:4e:b3:71:82:ec:d9:4a:0b:ea:
8e:3d:cb:a2:b1:1e:2d:24:59:ee:6b:da:a8:31:c2:6f:3c:70:
5c:5a:f5:25:b1:ff:59:dc:24:13:b3:61:ab:39:0b:c6:43:77:
82:74:b6:cc:f7:da:5c:1e:38:92:b5:c2:17:6a:b8:03:4f:83:
db:bf:ad:f2:13:b7:1e:9f:af:ac:59:8f:d7:53:35:a1:40:fe:
d3:73:ab:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgk3+STqpVk2/kQbX7dWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YjIxNjQwYTk1MTA1NWRmZTljMDllMzQ1NzM5Y2I4MjAw
NTRkZDQwHhcNMjMwMTAxMjI0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM2ZDg4ZTFjY2UzZGY0ZWQ0YjhjMThlOTIxNzg0MGRiYmEyODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNtTC2yXOqV+7l9X0Zp41xh7FrfA
N0FF0Dk4VCz1wwJ5XUj6iD5JpSdZw9g41kAQe82ARXl0veumLTMrOQId8op6YLHE
gxTagYe7PXdYBrNMHFvZVRnvI/hhvl7WMA04WhlBBRb8Wr0mZpVlOhhVjvw4GcUh
iJyX7GzZC76RZqY17bFaswwC9lKSnJhQXvRWMC0l0y/Sx3HMOIDQ3rqvm/A4s3E1
FN8Fyrwbr4HMiTYbxVw5lrHraC9BavpF6iEjhrsO/S1AfUmrcOjKyFSRiYwJL+zT
Tx6Q2KIouFghBbv9vgAXzYtsZwe0jSUkTK9FQuZBD9z9nXhhn+FrMmHANQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG822I4czj307UuMGOkheEDbuih/MB8GA1UdIwQY
MBaAFJSyFkCpUQVd/pwJ40VznLggBU3UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbExJV1FLbFJCVjMtbkFualJYT2N1Q0FGVGRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8wZmU2NGEtZmNjNS00YTJmLTg0Y2Mt
ZDI2NDAxMGY0NWI3LzEvYnpiWWpoek9QZlR0UzR3WTZTRjRRTnU2S0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8wZmU2NGEtZmNjNS00YTJmLTg0Y2MtZDI2NDAxMGY0NWI3
LzEvbExJV1FLbFJCVjMtbkFualJYT2N1Q0FGVGRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgM+MA0G
CSqGSIb3DQEBCwUAA4IBAQA3arNvFZfY8WJzk7rMvCMQ+TOOELocYtZqbDGm5R/M
/nuFeNHWJG7l5c8LdMsndX5xRFcujlZwjkMPP4zrJFp9QCmsCaZhJ+pX3lT5Ttfe
YJ5/pyK4FwsPQf8aniz0Yphb52AfPXiguPxQfpWKU/FfwSbVfK8XqxRRwWVvGzaM
h6//xOG42JSgVwj9BQ8A15G2b7/5WOWH4wHwbo05gFf5SzzSVKcLZOwklF1Os3GC
7NlKC+qOPcuisR4tJFnua9qoMcJvPHBcWvUlsf9Z3CQTs2GrOQvGQ3eCdLbM99pc
HjiStcIXargDT4Pbv63yE7cen6+sWY/XUzWhQP7Tc6v+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:30 2025 by rpki-client