Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1Bm1R_K-iHkODENLkK8hyMpm9ak.roa
File: 1Bm1R_K-iHkODENLkK8hyMpm9ak.roa (raw, json)
Hash identifier: SIgdWSyajEpI0VpvsbLh42jusPFVBnKojHfsHVd79RQ=
Subject key identifier: D4:19:B5:47:F2:BE:88:79:0E:0C:43:4B:90:AF:21:C8:CA:66:F5:A9
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019426D98D9A70C1565FC41EA1336C919255
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1Bm1R_K-iHkODENLkK8hyMpm9ak.roa
Signing time: Thu 02 Jan 2025 11:49:39 +0000
ROA not before: Thu 02 Jan 2025 11:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214702
IP address blocks: 2a03:5840:11b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:8d:9a:70:c1:56:5f:c4:1e:a1:33:6c:91:92:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 2 11:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d419b547f2be88790e0c434b90af21c8ca66f5a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1a:64:f1:38:de:76:40:67:52:a8:57:56:0d:
af:3a:35:9d:99:99:b4:9f:f1:cf:45:53:0e:16:1e:
f8:be:6b:fc:98:74:69:b8:19:d2:4b:a6:0d:12:e4:
3b:6e:50:8c:8d:71:28:79:8f:32:c8:c9:ba:5c:a3:
ce:8f:0a:88:ac:f9:3f:17:4d:54:15:90:d8:e8:1f:
59:ba:6b:d4:1a:39:02:a2:bb:38:4d:c6:76:19:3d:
11:9d:b7:45:38:ca:89:5f:f9:d9:25:b2:77:69:8c:
e4:b3:a1:32:5e:0d:31:e8:99:d0:92:d2:f5:28:b1:
c1:fc:ac:1d:b1:fd:25:5b:0c:79:bc:e0:57:8f:74:
b3:c3:ec:7d:94:c9:f2:86:76:fd:bb:f3:4a:b3:6e:
66:e6:6b:ca:78:1d:ac:36:9b:1e:12:1d:14:34:0d:
2b:c4:02:d6:2c:20:6e:98:08:d6:a5:2b:75:c1:21:
cd:19:56:23:87:4c:7e:6f:79:b8:f0:22:f6:ec:c7:
82:36:ce:a9:6e:03:b8:c6:89:a0:31:f3:52:af:5d:
78:25:3e:1e:da:21:eb:3b:d4:43:79:64:ce:9d:57:
52:4e:80:05:c9:9e:e3:14:4b:8d:f7:7f:4e:c0:3b:
1e:3a:43:89:e8:fb:8b:f9:4c:dd:b0:91:2d:c2:31:
dc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:19:B5:47:F2:BE:88:79:0E:0C:43:4B:90:AF:21:C8:CA:66:F5:A9
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/1Bm1R_K-iHkODENLkK8hyMpm9ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:11b::/48
Signature Algorithm: sha256WithRSAEncryption
6b:27:03:c8:a6:63:1a:17:fc:80:80:5e:bd:b5:b4:b9:f0:02:
bf:16:29:b5:cf:11:ca:c4:da:78:66:7e:cd:a3:e5:d4:f1:e6:
80:2f:e1:b7:67:f1:34:cc:11:91:ee:3c:da:3e:82:08:0c:f7:
be:3b:a7:06:dd:05:63:47:04:7b:7b:8d:cd:82:f7:c4:40:92:
1b:50:53:b7:31:af:ce:7b:8a:72:20:f3:bd:a7:c2:a2:d2:48:
db:f6:0e:9c:8f:58:d0:50:06:a9:f3:ad:04:f9:25:ee:90:92:
cb:4b:b7:51:b2:bc:3b:58:c7:8f:2e:9e:dc:32:3b:5c:17:aa:
03:f5:d8:92:81:35:28:92:bf:ae:fa:cc:9a:da:81:27:6d:12:
34:c6:23:ee:c3:b3:7a:3c:4e:80:6d:12:c2:2e:e0:11:b1:83:
b6:c8:f6:5b:d3:89:e8:05:e8:4a:7d:d4:e3:f3:c8:bc:fe:13:
c0:d3:e0:5e:fe:36:57:cf:29:80:10:aa:26:d8:7e:79:ae:1d:
69:57:54:c5:d9:82:83:f0:2c:2d:72:ad:97:db:bf:ae:9d:84:
5b:d9:0e:07:4d:12:f2:79:92:2c:87:8d:68:c1:22:f0:ab:75:
26:73:ae:00:ba:0d:72:f9:35:1f:8c:ec:6a:34:95:28:4e:6d:
bd:80:dc:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQm2Y2acMFWX8QeoTNskZJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjUwMTAyMTE0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE5YjU0N2YyYmU4ODc5MGUwYzQzNGI5MGFmMjFjOGNhNjZmNWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xpk8TjedkBnUqhXVg2vOjWdmZm0
n/HPRVMOFh74vmv8mHRpuBnSS6YNEuQ7blCMjXEoeY8yyMm6XKPOjwqIrPk/F01U
FZDY6B9ZumvUGjkCors4TcZ2GT0RnbdFOMqJX/nZJbJ3aYzks6EyXg0x6JnQktL1
KLHB/Kwdsf0lWwx5vOBXj3Szw+x9lMnyhnb9u/NKs25m5mvKeB2sNpseEh0UNA0r
xALWLCBumAjWpSt1wSHNGVYjh0x+b3m48CL27MeCNs6pbgO4xomgMfNSr114JT4e
2iHrO9RDeWTOnVdSToAFyZ7jFEuN939OwDseOkOJ6PuL+UzdsJEtwjHcPQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNQZtUfyvoh5DgxDS5CvIcjKZvWpMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvMUJtMVJfSy1pSGtPREVOTGtLOGh5TXBtOWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAEb
MA0GCSqGSIb3DQEBCwUAA4IBAQBrJwPIpmMaF/yAgF69tbS58AK/Fim1zxHKxNp4
Zn7No+XU8eaAL+G3Z/E0zBGR7jzaPoIIDPe+O6cG3QVjRwR7e43NgvfEQJIbUFO3
Ma/Oe4pyIPO9p8Ki0kjb9g6cj1jQUAap860E+SXukJLLS7dRsrw7WMePLp7cMjtc
F6oD9diSgTUokr+u+sya2oEnbRI0xiPuw7N6PE6AbRLCLuARsYO2yPZb04noBehK
fdTj88i8/hPA0+Be/jZXzymAEKom2H55rh1pV1TF2YKD8Cwtcq2X27+unYRb2Q4H
TRLyeZIsh41owSLwq3Umc64Aug1y+TUfjOxqNJUoTm29gNyb
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:04:05 2025 by rpki-client