Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/BY3gmYE2jAUAzVYgNkSF1kzgx38.roa
File: BY3gmYE2jAUAzVYgNkSF1kzgx38.roa (raw, json)
Hash identifier: o+T/NGOLnxz7Wv8sLagAUwobjqcsqFCif9O5RgNrbi4=
Subject key identifier: 05:8D:E0:99:81:36:8C:05:00:CD:56:20:36:44:85:D6:4C:E0:C7:7F
Certificate issuer: /CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c
Certificate serial: 019427B5BC9D11EEC15C81618DAEB0498AA6
Authority key identifier: 23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/BY3gmYE2jAUAzVYgNkSF1kzgx38.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206459
IP address blocks: 2a12:bd40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bc:9d:11:ee:c1:5c:81:61:8d:ae:b0:49:8a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23b29accd4c0d5f5f8377ea7f46343b7606bab7c
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=058de09981368c0500cd5620364485d64ce0c77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f4:ea:69:1c:f1:60:48:5e:02:68:00:90:5e:
b4:2a:d0:c7:d0:7e:51:e6:78:ce:3d:43:1e:2d:2e:
a6:3f:67:1c:6c:d3:63:c9:57:7c:02:bc:4a:21:11:
0f:91:c6:65:9b:46:50:45:1d:9b:98:1b:fc:ec:8a:
f1:16:15:52:bc:f1:5e:83:1f:8b:31:78:1d:f1:5d:
9f:de:a4:54:66:7d:7c:51:79:11:93:0e:c5:87:c6:
13:0b:82:54:ca:78:13:5f:e2:45:0b:8f:63:1c:cc:
91:09:41:81:b5:fe:93:f4:8f:7b:5e:ba:80:54:38:
03:52:02:e1:89:1b:21:89:02:2e:ee:a2:52:fa:e4:
f8:47:f4:ed:5c:97:8d:82:b4:c1:e4:66:68:73:9b:
95:93:7d:9f:94:1f:59:d8:dd:66:ee:e5:bd:f0:11:
4e:88:e0:4b:38:25:0a:eb:3c:dd:f6:b4:09:31:c8:
6f:32:49:03:c6:22:d5:a7:58:fc:8c:39:08:41:cd:
c3:b6:38:27:05:1e:a2:66:f3:f0:99:de:89:a6:db:
42:ef:c0:d0:27:2d:96:18:54:88:b5:8d:6c:1a:0a:
3d:7f:53:2d:c5:e5:64:f9:18:06:17:e7:16:a7:8a:
b4:59:6a:96:46:b8:50:97:8e:28:c9:fe:08:70:c4:
3f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8D:E0:99:81:36:8C:05:00:CD:56:20:36:44:85:D6:4C:E0:C7:7F
X509v3 Authority Key Identifier:
keyid:23:B2:9A:CC:D4:C0:D5:F5:F8:37:7E:A7:F4:63:43:B7:60:6B:AB:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I7KazNTA1fX4N36n9GNDt2Brq3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/BY3gmYE2jAUAzVYgNkSF1kzgx38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/811db9-cbe0-4a89-a220-1174a428036b/1/I7KazNTA1fX4N36n9GNDt2Brq3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
98:15:b0:a3:26:e3:cb:d2:a7:35:bc:a4:1f:a0:4e:b6:5f:83:
c7:9a:2e:2f:21:b9:14:fa:30:94:64:f3:56:7d:49:3c:25:44:
44:65:34:c2:7e:a4:3a:5b:3e:b6:39:96:db:00:e1:8d:f6:3d:
c0:7f:6f:8b:36:8a:ca:45:e1:0f:6f:75:37:69:46:1a:46:cf:
55:04:a9:06:2c:db:a2:49:05:97:93:b9:10:eb:a2:aa:1e:64:
00:99:35:3a:23:62:a3:dc:36:e9:e8:9f:6d:05:77:5e:87:f3:
81:6d:b6:8b:34:d5:26:7c:da:74:e7:f6:a6:c5:40:63:11:ea:
c1:bc:06:d8:42:41:cc:99:5a:ac:3e:51:40:11:fa:f3:73:c8:
40:33:28:f2:0b:e0:cf:61:94:dc:a2:52:ed:ab:8e:cb:95:50:
e2:7b:4e:dd:e9:e4:c3:39:ce:fa:7d:d7:3e:12:45:d8:59:c8:
2f:b8:2a:4c:9d:e2:ee:70:1c:05:08:18:26:df:4b:e5:e2:2b:
30:b0:fd:56:0c:9b:10:ef:d6:27:6c:bb:85:3a:40:fa:69:1d:
aa:c8:92:b9:3c:0f:6e:01:bd:98:cf:30:16:df:dc:69:a2:44:
4c:ae:91:1c:e4:2c:cb:fa:e4:97:6a:b4:31:eb:a4:ef:2e:e1:
ae:75:1a:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntbydEe7BXIFhja6wSYqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYjI5YWNjZDRjMGQ1ZjVmODM3N2VhN2Y0NjM0M2I3NjA2
YmFiN2MwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThkZTA5OTgxMzY4YzA1MDBjZDU2MjAzNjQ0ODVkNjRjZTBjNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/TqaRzxYEheAmgAkF60KtDH0H5R
5njOPUMeLS6mP2ccbNNjyVd8ArxKIREPkcZlm0ZQRR2bmBv87IrxFhVSvPFegx+L
MXgd8V2f3qRUZn18UXkRkw7Fh8YTC4JUyngTX+JFC49jHMyRCUGBtf6T9I97XrqA
VDgDUgLhiRshiQIu7qJS+uT4R/TtXJeNgrTB5GZoc5uVk32flB9Z2N1m7uW98BFO
iOBLOCUK6zzd9rQJMchvMkkDxiLVp1j8jDkIQc3DtjgnBR6iZvPwmd6JpttC78DQ
Jy2WGFSItY1sGgo9f1MtxeVk+RgGF+cWp4q0WWqWRrhQl44oyf4IcMQ/BwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAWN4JmBNowFAM1WIDZEhdZM4Md/MB8GA1UdIwQY
MBaAFCOymszUwNX1+Dd+p/RjQ7dga6t8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAt
MTE3NGE0MjgwMzZiLzEvQlkzZ21ZRTJqQVVBelZZZ05rU0Yxa3pneDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84MTFkYjktY2JlMC00YTg5LWEyMjAtMTE3NGE0MjgwMzZi
LzEvSTdLYXpOVEExZlg0TjM2bjlHTkR0MkJycTN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhK9QDAN
BgkqhkiG9w0BAQsFAAOCAQEAmBWwoybjy9KnNbykH6BOtl+Dx5ouLyG5FPowlGTz
Vn1JPCVERGU0wn6kOls+tjmW2wDhjfY9wH9vizaKykXhD291N2lGGkbPVQSpBizb
okkFl5O5EOuiqh5kAJk1OiNio9w26eifbQV3XofzgW22izTVJnzadOf2psVAYxHq
wbwG2EJBzJlarD5RQBH683PIQDMo8gvgz2GU3KJS7auOy5VQ4ntO3enkwznO+n3X
PhJF2FnIL7gqTJ3i7nAcBQgYJt9L5eIrMLD9VgybEO/WJ2y7hTpA+mkdqsiSuTwP
bgG9mM8wFt/caaJETK6RHOQsy/rkl2q0Meuk7y7hrnUaGw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:36:44 2025 by rpki-client