Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TEmBttlqOql-6WlBVV0HWvswEQo.roa
File: TEmBttlqOql-6WlBVV0HWvswEQo.roa (raw, json)
Hash identifier: fN7yflsLhVlqg4R45jJbYQ9DskvVzHDmzUKU/2SCJrQ=
Subject key identifier: 4C:49:81:B6:D9:6A:3A:A9:7E:E9:69:41:55:5D:07:5A:FB:30:11:0A
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 01944BCAA4609EEEA221EAD24E1866C44776
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TEmBttlqOql-6WlBVV0HWvswEQo.roa
Signing time: Thu 09 Jan 2025 15:59:19 +0000
ROA not before: Thu 09 Jan 2025 15:59:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8285
IP address blocks: 2a06:e8c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4b:ca:a4:60:9e:ee:a2:21:ea:d2:4e:18:66:c4:47:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Jan 9 15:59:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c4981b6d96a3aa97ee96941555d075afb30110a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:10:e5:d7:e0:72:bc:0b:bf:24:86:32:a1:79:
27:0d:96:cd:c9:d2:72:aa:6b:af:29:6c:b2:a5:83:
19:10:2d:82:63:2d:c7:04:d4:36:01:35:78:8f:36:
11:e0:65:35:8d:e0:72:65:73:e2:c4:0c:20:b9:bf:
6b:ff:24:04:10:44:69:37:17:4a:ca:6f:ae:c0:7c:
57:73:3f:e8:95:3b:b7:60:54:8e:af:e3:67:40:59:
83:b6:75:8f:31:41:17:c2:c6:a1:55:a8:97:54:ee:
47:9e:1a:9c:1c:9d:a6:50:cb:ab:a4:7e:24:93:90:
8a:20:f3:53:ff:80:69:48:8e:f3:c7:ec:a8:23:49:
4e:bd:ef:29:a8:28:2f:9d:6d:28:32:3f:d9:13:ff:
7e:53:5f:05:71:47:29:4b:fb:7b:f0:1e:11:8f:af:
0c:54:18:ac:47:f0:12:09:12:d2:a9:fd:bc:f9:e2:
bc:d5:c7:56:a0:31:fd:60:d4:16:8b:e3:4f:8a:b2:
df:35:5e:a8:3c:b9:d9:28:4b:a4:31:a2:68:0a:72:
21:cd:b8:f6:f5:e7:7b:c5:d4:14:cf:58:e6:c0:5b:
15:b2:08:47:15:a1:83:ed:23:2f:f5:99:f3:da:d3:
f1:3c:f4:4d:70:e3:27:94:14:2f:3e:8e:19:c3:ed:
af:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:49:81:B6:D9:6A:3A:A9:7E:E9:69:41:55:5D:07:5A:FB:30:11:0A
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/TEmBttlqOql-6WlBVV0HWvswEQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
83:bc:02:be:b4:c2:88:cb:e2:19:16:7f:db:f1:cf:72:b8:6e:
1e:1d:65:ad:e1:87:b4:27:be:16:4c:25:dc:75:10:16:af:b5:
01:c7:5d:da:8a:81:2b:ae:c4:9b:41:6f:21:b8:4c:5b:9f:c1:
e2:aa:8c:27:46:50:ed:61:44:73:3a:49:66:fd:ea:fb:47:c5:
ec:15:b4:37:8c:ec:42:3e:7d:93:31:aa:26:26:64:d2:df:05:
4b:59:bf:77:75:a3:b9:d4:33:55:ef:89:99:f5:14:ae:f5:a2:
18:99:30:cf:85:2f:00:47:b1:7b:09:13:a3:ba:95:16:28:37:
26:e2:67:bc:af:cf:29:9b:f7:31:ac:98:bf:c9:5a:f2:1a:c6:
0e:69:e7:b8:a7:bf:8d:c1:f4:84:f3:c6:d8:9b:76:0a:48:ff:
82:aa:aa:13:24:1d:1f:3a:39:c7:21:f4:87:5c:56:2c:70:84:
5c:c1:f6:f7:7b:7c:6c:98:4f:42:5d:4f:3f:9d:e3:9b:8d:e4:
ab:fd:c1:50:c7:57:01:51:2c:bc:45:ea:f9:fb:ed:ed:b4:01:
7e:d8:ff:46:e7:cc:27:80:b8:6e:c8:02:b6:ca:ee:2f:58:46:
83:55:63:a2:1d:c3:11:c3:a2:09:3c:a0:53:e0:0f:7e:53:d1:
24:22:44:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRLyqRgnu6iIerSThhmxEd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjUwMTA5MTU1OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ5ODFiNmQ5NmEzYWE5N2VlOTY5NDE1NTVkMDc1YWZiMzAxMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxDl1+ByvAu/JIYyoXknDZbNydJy
qmuvKWyypYMZEC2CYy3HBNQ2ATV4jzYR4GU1jeByZXPixAwgub9r/yQEEERpNxdK
ym+uwHxXcz/olTu3YFSOr+NnQFmDtnWPMUEXwsahVaiXVO5HnhqcHJ2mUMurpH4k
k5CKIPNT/4BpSI7zx+yoI0lOve8pqCgvnW0oMj/ZE/9+U18FcUcpS/t78B4Rj68M
VBisR/ASCRLSqf28+eK81cdWoDH9YNQWi+NPirLfNV6oPLnZKEukMaJoCnIhzbj2
9ed7xdQUz1jmwFsVsghHFaGD7SMv9Znz2tPxPPRNcOMnlBQvPo4Zw+2vLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFExJgbbZajqpfulpQVVdB1r7MBEKMB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvVEVtQnR0bHFPcWwtNldsQlZWMEhXdnN3RVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgbowDAN
BgkqhkiG9w0BAQsFAAOCAQEAg7wCvrTCiMviGRZ/2/HPcrhuHh1lreGHtCe+Fkwl
3HUQFq+1Acdd2oqBK67Em0FvIbhMW5/B4qqMJ0ZQ7WFEczpJZv3q+0fF7BW0N4zs
Qj59kzGqJiZk0t8FS1m/d3WjudQzVe+JmfUUrvWiGJkwz4UvAEexewkTo7qVFig3
JuJnvK/PKZv3MayYv8la8hrGDmnnuKe/jcH0hPPG2Jt2Ckj/gqqqEyQdHzo5xyH0
h1xWLHCEXMH293t8bJhPQl1PP53jm43kq/3BUMdXAVEsvEXq+fvt7bQBftj/RufM
J4C4bsgCtsruL1hGg1Vjoh3DEcOiCTygU+APflPRJCJEdA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:04:19 2025 by rpki-client