Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bNQYZ4WIgrR27s6SPvBI-CniVIo.roa
File: bNQYZ4WIgrR27s6SPvBI-CniVIo.roa (raw, json)
Hash identifier: Muu82HYsa0AAqBtULV4FSm2Z58KHY8C3k2UWGdD2cbc=
Subject key identifier: 6C:D4:18:67:85:88:82:B4:76:EE:CE:92:3E:F0:48:F8:29:E2:54:8A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427482B5814897D9EE97AF1227A74DF4E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bNQYZ4WIgrR27s6SPvBI-CniVIo.roa
Signing time: Thu 02 Jan 2025 13:50:28 +0000
ROA not before: Thu 02 Jan 2025 13:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198571
IP address blocks: 2a0d:8f80::/29 maxlen: 29
2a0e:f500::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:2b:58:14:89:7d:9e:e9:7a:f1:22:7a:74:df:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cd41867858882b476eece923ef048f829e2548a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:c3:11:05:d5:1c:0c:34:78:6d:39:84:5e:
1e:bc:40:2a:6e:18:06:d2:c1:4b:2a:cf:c8:c3:94:
9e:0b:65:2f:a1:21:51:5f:d4:d1:47:ff:e4:2c:d3:
d3:e4:fa:54:ef:12:bf:e8:ca:66:85:9d:73:44:6f:
4d:eb:3c:df:b8:c3:0e:34:4a:37:09:06:75:56:29:
76:1b:92:8a:26:54:96:b2:81:39:16:f1:74:53:1c:
77:f7:bd:6f:86:5f:94:23:29:8e:4a:3d:66:9e:4f:
00:9a:30:75:1d:56:a9:1b:03:47:aa:64:b0:42:b7:
48:2b:c2:6a:ce:d7:5f:2c:ba:5e:0f:1c:e8:32:4a:
32:46:84:88:2b:c1:eb:47:61:70:32:28:ac:85:80:
87:56:86:d6:04:8b:1a:f0:17:ce:5c:ac:a4:2a:3c:
e5:a3:47:e4:46:26:04:37:6c:90:81:4b:34:36:9b:
94:7a:29:ef:1f:ae:19:ec:10:c4:4e:ab:6d:3e:23:
82:ec:a4:b1:16:5e:fd:19:79:56:ca:ad:9c:35:fc:
1a:60:13:55:71:1a:bf:aa:bd:db:63:6b:48:6f:cb:
93:b6:86:d0:59:d8:e8:d9:6c:e9:9e:2c:7e:45:0c:
02:e9:0a:ae:16:27:67:d0:6d:30:e0:a3:4f:85:88:
3f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D4:18:67:85:88:82:B4:76:EE:CE:92:3E:F0:48:F8:29:E2:54:8A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bNQYZ4WIgrR27s6SPvBI-CniVIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8f80::/29
2a0e:f500::/29
2a10:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
28:a0:ae:57:6d:45:b4:66:3f:aa:d2:73:d6:93:96:b0:ba:84:
ec:22:5e:35:7f:4c:02:8f:16:70:d1:5d:7d:f2:ff:e4:d3:82:
be:15:b6:ae:ec:06:4b:c8:00:72:dc:61:81:46:a4:c8:a1:d9:
a2:cf:cc:43:52:6e:47:2e:8f:f9:a0:1c:c3:76:a5:4a:7d:35:
5b:86:96:4e:4c:2a:a5:b3:d6:e7:2b:b1:16:67:f1:e1:cc:37:
c3:5a:f6:f9:f3:ce:0c:05:e0:72:b6:72:2d:47:d3:d1:f4:72:
32:02:fa:aa:1f:20:96:54:03:13:45:88:b7:5a:5d:f9:71:4a:
8c:be:78:65:a5:3b:21:5d:17:61:bc:6c:2a:4b:b3:e1:a5:10:
fa:58:31:32:1c:ae:8e:fe:8f:72:6e:2b:7b:82:6c:ca:26:a6:
dc:2d:e9:0f:ba:02:5c:31:86:2c:f5:f5:e7:f8:14:4e:cc:2a:
bb:ed:8e:9a:7d:fb:b2:dc:3c:d6:5d:f3:d6:ac:eb:a8:45:12:
54:d4:bb:67:c9:bf:85:94:0e:33:68:59:53:fb:9f:af:f4:76:
1e:4f:c7:80:bd:f3:eb:ee:44:07:67:b1:a2:bc:1d:4a:35:29:
a5:67:1e:f8:c5:26:85:60:5f:89:52:a7:7b:ee:c8:19:3d:9f:
0a:c7:1d:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQnSCtYFIl9nul68SJ6dN9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q0MTg2Nzg1ODg4MmI0NzZlZWNlOTIzZWYwNDhmODI5ZTI1NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3XDEQXVHAw0eG05hF4evEAqbhgG
0sFLKs/Iw5SeC2UvoSFRX9TRR//kLNPT5PpU7xK/6MpmhZ1zRG9N6zzfuMMONEo3
CQZ1Vil2G5KKJlSWsoE5FvF0Uxx3971vhl+UIymOSj1mnk8AmjB1HVapGwNHqmSw
QrdIK8JqztdfLLpeDxzoMkoyRoSIK8HrR2FwMiishYCHVobWBIsa8BfOXKykKjzl
o0fkRiYEN2yQgUs0NpuUeinvH64Z7BDETqttPiOC7KSxFl79GXlWyq2cNfwaYBNV
cRq/qr3bY2tIb8uTtobQWdjo2Wzpnix+RQwC6QquFidn0G0w4KNPhYg/cQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGzUGGeFiIK0du7Okj7wSPgp4lSKMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYk5RWVo0V0lnclIyN3M2U1B2QkktQ25pVklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg2PgAMF
AyoO9QADBQMqEDfAMA0GCSqGSIb3DQEBCwUAA4IBAQAooK5XbUW0Zj+q0nPWk5aw
uoTsIl41f0wCjxZw0V198v/k04K+Fbau7AZLyABy3GGBRqTIodmiz8xDUm5HLo/5
oBzDdqVKfTVbhpZOTCqls9bnK7EWZ/HhzDfDWvb5884MBeBytnItR9PR9HIyAvqq
HyCWVAMTRYi3Wl35cUqMvnhlpTshXRdhvGwqS7PhpRD6WDEyHK6O/o9ybit7gmzK
JqbcLekPugJcMYYs9fXn+BROzCq77Y6affuy3DzWXfPWrOuoRRJU1Ltnyb+FlA4z
aFlT+5+v9HYeT8eAvfPr7kQHZ7GivB1KNSmlZx74xSaFYF+JUqd77sgZPZ8Kxx0+
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:10:36 2025 by rpki-client