Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/bbCSbkJ69E4ZyMcMf3FWG13o9vw.roa
File: bbCSbkJ69E4ZyMcMf3FWG13o9vw.roa (raw, json)
Hash identifier: QLK4XGB/GAetu80z0dQMeItgOqPLMqF/gY1QoYjWP2U=
Subject key identifier: 6D:B0:92:6E:42:7A:F4:4E:19:C8:C7:0C:7F:71:56:1B:5D:E8:F6:FC
Certificate issuer: /CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Certificate serial: 01942369E81D7A40E39EC004B9594DBC60DD
Authority key identifier: 86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/bbCSbkJ69E4ZyMcMf3FWG13o9vw.roa
Signing time: Wed 01 Jan 2025 19:48:50 +0000
ROA not before: Wed 01 Jan 2025 19:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16175
IP address blocks: 2a00:e08::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:e8:1d:7a:40:e3:9e:c0:04:b9:59:4d:bc:60:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Validity
Not Before: Jan 1 19:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6db0926e427af44e19c8c70c7f71561b5de8f6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:78:87:a7:bc:5b:c9:27:90:35:1f:f4:a7:
3b:59:f5:16:e6:b9:ca:ef:61:91:88:af:8a:7a:15:
a1:40:f5:ac:8e:db:53:22:92:be:bb:0a:5d:d4:4f:
b6:3c:34:29:ea:c1:85:d5:b3:c6:a6:c2:ee:63:e2:
db:9d:cf:fe:8c:98:94:9e:c9:15:e5:8d:87:c7:4d:
96:76:bb:27:94:19:2a:30:1f:5c:f4:16:74:c6:8b:
54:73:89:34:94:34:57:0a:97:5c:23:1c:4c:1e:5a:
b8:82:0e:79:89:eb:27:c6:12:5f:0c:1e:8c:27:15:
12:88:d1:c3:8a:0f:66:d6:26:0b:de:59:e0:50:07:
c5:c3:c5:bf:8c:f2:dc:23:de:36:ff:70:21:ef:c5:
c5:dc:41:04:08:ff:f1:af:79:48:91:3e:1c:94:6d:
a8:99:9e:29:92:48:f6:01:bb:24:28:df:66:f7:39:
48:78:4b:3a:27:03:59:f0:80:dd:2f:1a:52:9e:63:
e5:96:1e:35:a0:23:5a:6f:f5:6e:2a:26:0d:b7:42:
76:f4:ff:77:32:99:39:3e:c0:ab:3a:17:26:e9:95:
5d:f8:b4:66:51:b9:3b:be:d7:96:cc:7d:59:02:95:
c7:76:01:35:60:50:ba:7e:87:48:aa:7c:44:71:82:
7b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B0:92:6E:42:7A:F4:4E:19:C8:C7:0C:7F:71:56:1B:5D:E8:F6:FC
X509v3 Authority Key Identifier:
keyid:86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/bbCSbkJ69E4ZyMcMf3FWG13o9vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:e08::/32
Signature Algorithm: sha256WithRSAEncryption
ac:2b:64:bb:ef:6b:81:dc:ff:3e:28:56:2a:75:f0:fc:0f:95:
5a:e5:41:fe:6c:15:8d:98:1c:51:f3:91:5b:4f:63:ee:46:3a:
8d:2c:16:41:c8:ff:02:f2:0e:a8:2e:0a:58:ce:e6:c9:1c:e2:
7a:01:5b:02:34:56:9b:79:fd:f5:87:99:02:46:a1:bb:3e:6b:
fe:27:4e:c5:f0:0f:88:c4:74:63:3b:d7:59:0a:25:4d:3f:c6:
50:43:42:8b:60:ab:8b:c9:55:b1:18:fe:4a:49:48:91:89:61:
a5:f2:6b:1c:d1:65:1c:1a:c5:a7:36:fb:b1:d1:33:e4:a2:0f:
d5:cf:77:51:4d:b6:e5:3e:8d:c8:e0:fe:34:93:42:45:f5:14:
f4:a6:da:2c:6b:76:26:27:08:73:99:b1:bb:ac:d0:e0:1b:ee:
68:9c:83:c4:2d:af:86:c5:30:70:3e:3f:40:4b:8c:db:b6:16:
18:bf:25:bc:67:27:cd:91:e7:2f:90:1e:81:7f:05:e4:12:18:
bc:63:46:af:27:67:e7:2c:fc:2a:41:76:d1:45:37:36:4d:8f:
21:5a:58:b9:24:e9:a2:bb:11:4c:03:a8:41:84:24:67:64:1d:
41:2b:5b:d9:3a:19:cb:8a:f9:82:11:0b:b4:3a:a0:f4:e8:3e:
10:bd:c3:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQjaegdekDjnsAEuVlNvGDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDU0MjMyM2MwZTMwNTFjOWM3YmI4ZWQxZDFlOGFjZmQz
ZGI4MzQwHhcNMjUwMTAxMTk0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIwOTI2ZTQyN2FmNDRlMTljOGM3MGM3ZjcxNTYxYjVkZThmNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIJ4h6e8W8knkDUf9Kc7WfUW5rnK
72GRiK+KehWhQPWsjttTIpK+uwpd1E+2PDQp6sGF1bPGpsLuY+Lbnc/+jJiUnskV
5Y2Hx02WdrsnlBkqMB9c9BZ0xotUc4k0lDRXCpdcIxxMHlq4gg55iesnxhJfDB6M
JxUSiNHDig9m1iYL3lngUAfFw8W/jPLcI942/3Ah78XF3EEECP/xr3lIkT4clG2o
mZ4pkkj2AbskKN9m9zlIeEs6JwNZ8IDdLxpSnmPllh41oCNab/VuKiYNt0J29P93
Mpk5PsCrOhcm6ZVd+LRmUbk7vteWzH1ZApXHdgE1YFC6fodIqnxEcYJ7dQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG2wkm5CevROGcjHDH9xVhtd6Pb8MB8GA1UdIwQY
MBaAFIbVQjI8DjBRyce7jtHR6Kz9Pbg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgt
NzBkYWQ1MWU3M2ZiLzEvYmJDU2JrSjY5RTRaeU1jTWYzRldHMTNvOXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgtNzBkYWQ1MWU3M2Zi
LzEvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAOCDAN
BgkqhkiG9w0BAQsFAAOCAQEArCtku+9rgdz/PihWKnXw/A+VWuVB/mwVjZgcUfOR
W09j7kY6jSwWQcj/AvIOqC4KWM7myRziegFbAjRWm3n99YeZAkahuz5r/idOxfAP
iMR0YzvXWQolTT/GUENCi2Cri8lVsRj+SklIkYlhpfJrHNFlHBrFpzb7sdEz5KIP
1c93UU225T6NyOD+NJNCRfUU9KbaLGt2JicIc5mxu6zQ4BvuaJyDxC2vhsUwcD4/
QEuM27YWGL8lvGcnzZHnL5AegX8F5BIYvGNGrydn5yz8KkF20UU3Nk2PIVpYuSTp
orsRTAOoQYQkZ2QdQStb2ToZy4r5ghELtDqg9Og+EL3Djw==
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:08:46 2025 by rpki-client