Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/3d7e20-9022-492a-b882-3188e9d1f5a0/1/bGf4cCRG9dkpmbXoKNR-wNn-qNk.roa
File: bGf4cCRG9dkpmbXoKNR-wNn-qNk.roa (raw, json)
Hash identifier: Cp+HX5WugU73QzyqqCmrt27DN2j3Lyp2sZVezzd5Obc=
Subject key identifier: 6C:67:F8:70:24:46:F5:D9:29:99:B5:E8:28:D4:7E:C0:D9:FE:A8:D9
Certificate issuer: /CN=d588db17666fa9515af31dba095d0f250f84bdf7
Certificate serial: 019422FC2E09DC123CF7427D14EFBF6AD984
Authority key identifier: D5:88:DB:17:66:6F:A9:51:5A:F3:1D:BA:09:5D:0F:25:0F:84:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YjbF2ZvqVFa8x26CV0PJQ-Evfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/3d7e20-9022-492a-b882-3188e9d1f5a0/1/bGf4cCRG9dkpmbXoKNR-wNn-qNk.roa
Signing time: Wed 01 Jan 2025 17:48:59 +0000
ROA not before: Wed 01 Jan 2025 17:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207880
IP address blocks: 2001:678:b6c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:2e:09:dc:12:3c:f7:42:7d:14:ef:bf:6a:d9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d588db17666fa9515af31dba095d0f250f84bdf7
Validity
Not Before: Jan 1 17:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c67f8702446f5d92999b5e828d47ec0d9fea8d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:44:6c:10:9c:db:67:67:9b:ba:1c:67:a2:42:
f0:f7:30:6e:af:97:7f:29:21:61:ef:67:92:30:06:
e9:f7:67:00:56:a8:d0:26:f0:42:8f:48:37:ca:39:
01:de:85:4a:6b:c2:2e:85:a6:b2:dd:14:f5:1c:14:
54:82:d7:64:82:ea:1b:9b:d4:54:b6:bc:03:b3:75:
6c:5f:b8:65:66:42:c7:3b:97:4c:82:b9:bc:3c:e9:
4a:44:40:3d:ce:3f:f1:7c:e5:b3:cd:1a:74:8c:40:
54:5a:11:48:80:f7:54:5c:71:e3:9a:15:d5:ea:fa:
5a:1c:9c:4a:bd:e2:29:a3:30:80:0a:d9:17:13:4c:
02:64:b8:c5:1c:05:eb:22:78:da:83:56:bf:3e:85:
5e:6c:95:09:76:12:a8:2d:52:3c:c9:74:da:5f:ca:
42:c2:91:c2:64:98:0c:a2:1e:2c:44:ce:a5:34:48:
e5:58:b4:1d:a6:71:f1:75:a4:bd:83:26:3d:1b:70:
94:8b:0c:ac:92:ce:f9:14:bf:e5:c5:6e:5e:13:a9:
07:70:e3:81:19:db:a3:58:25:93:94:d2:e3:c9:d1:
97:6c:ff:dd:44:f6:01:97:ce:a8:1b:d0:ce:1c:e8:
26:c6:dd:c0:e7:8e:39:81:b4:fd:2c:8b:2f:a7:cc:
5d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:67:F8:70:24:46:F5:D9:29:99:B5:E8:28:D4:7E:C0:D9:FE:A8:D9
X509v3 Authority Key Identifier:
keyid:D5:88:DB:17:66:6F:A9:51:5A:F3:1D:BA:09:5D:0F:25:0F:84:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YjbF2ZvqVFa8x26CV0PJQ-Evfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3d7e20-9022-492a-b882-3188e9d1f5a0/1/bGf4cCRG9dkpmbXoKNR-wNn-qNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/3d7e20-9022-492a-b882-3188e9d1f5a0/1/1YjbF2ZvqVFa8x26CV0PJQ-Evfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:b6c::/48
Signature Algorithm: sha256WithRSAEncryption
9b:3f:e2:f1:7b:cd:17:2f:38:c7:d1:17:2e:b6:c7:27:5f:ba:
53:48:6b:52:32:21:b1:a1:db:fe:69:d5:cf:7f:c9:4e:ce:34:
f5:03:1f:f4:6f:e9:a2:89:d0:12:d3:a9:eb:1b:2e:d6:19:b1:
23:72:ba:a5:19:07:49:20:6d:52:04:67:08:a4:4f:b2:9e:af:
c9:54:a3:fe:57:ad:e6:fb:28:e5:2b:03:c4:de:2e:0e:91:dd:
1d:44:84:7d:73:1a:b0:19:95:c2:05:e0:ba:f1:db:eb:15:47:
9a:29:d0:30:21:04:c4:88:e7:7d:fe:a2:a5:4b:d5:88:d7:5b:
9c:52:0a:f5:ad:28:f9:2e:78:06:a1:8e:cc:a6:d2:49:76:df:
3d:e0:b5:31:72:d2:84:1f:7b:3d:7e:0b:7c:ae:1c:44:75:87:
c8:65:95:1f:04:3b:0c:17:b9:8d:61:22:72:db:01:82:20:6c:
fd:bd:58:ab:c6:a2:7d:2e:2e:87:a3:d9:31:b3:01:9e:5a:99:
a4:04:03:f0:21:70:8f:eb:c7:de:02:b3:43:d3:b3:68:3d:c1:
15:f0:b4:56:28:51:86:a1:b2:21:11:97:2d:3d:72:2d:41:89:
30:d7:85:11:b0:f3:05:0e:a9:22:02:41:08:7d:2a:30:ad:91:
10:93:cf:f8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi/C4J3BI890J9FO+/atmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODhkYjE3NjY2ZmE5NTE1YWYzMWRiYTA5NWQwZjI1MGY4
NGJkZjcwHhcNMjUwMTAxMTc0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY3Zjg3MDI0NDZmNWQ5Mjk5OWI1ZTgyOGQ0N2VjMGQ5ZmVhOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkRsEJzbZ2ebuhxnokLw9zBur5d/
KSFh72eSMAbp92cAVqjQJvBCj0g3yjkB3oVKa8Iuhaay3RT1HBRUgtdkguobm9RU
trwDs3VsX7hlZkLHO5dMgrm8POlKREA9zj/xfOWzzRp0jEBUWhFIgPdUXHHjmhXV
6vpaHJxKveIpozCACtkXE0wCZLjFHAXrInjag1a/PoVebJUJdhKoLVI8yXTaX8pC
wpHCZJgMoh4sRM6lNEjlWLQdpnHxdaS9gyY9G3CUiwysks75FL/lxW5eE6kHcOOB
GdujWCWTlNLjydGXbP/dRPYBl86oG9DOHOgmxt3A5445gbT9LIsvp8xd+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGxn+HAkRvXZKZm16CjUfsDZ/qjZMB8GA1UdIwQY
MBaAFNWI2xdmb6lRWvMdugldDyUPhL33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlqYkYyWnZxVkZhOHgyNkNWMFBKUS1FdmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8zZDdlMjAtOTAyMi00OTJhLWI4ODIt
MzE4OGU5ZDFmNWEwLzEvYkdmNGNDUkc5ZGtwbWJYb0tOUi13Tm4tcU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8zZDdlMjAtOTAyMi00OTJhLWI4ODItMzE4OGU5ZDFmNWEw
LzEvMVlqYkYyWnZxVkZhOHgyNkNWMFBKUS1FdmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAts
MA0GCSqGSIb3DQEBCwUAA4IBAQCbP+Lxe80XLzjH0RcutscnX7pTSGtSMiGxodv+
adXPf8lOzjT1Ax/0b+miidAS06nrGy7WGbEjcrqlGQdJIG1SBGcIpE+ynq/JVKP+
V63m+yjlKwPE3i4Okd0dRIR9cxqwGZXCBeC68dvrFUeaKdAwIQTEiOd9/qKlS9WI
11ucUgr1rSj5LngGoY7MptJJdt894LUxctKEH3s9fgt8rhxEdYfIZZUfBDsMF7mN
YSJy2wGCIGz9vVirxqJ9Li6Ho9kxswGeWpmkBAPwIXCP68feArND07NoPcEV8LRW
KFGGobIhEZctPXItQYkw14URsPMFDqkiAkEIfSowrZEQk8/4
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:45:48 2025 by rpki-client