Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a7538a-69be-4fbe-97e1-87d97e2aadc4/1/BJ7sjp5ibHEtMZwGH8QOSgEVeks.roa
File: BJ7sjp5ibHEtMZwGH8QOSgEVeks.roa (raw, json)
Hash identifier: vdUAgWFb0/ninRNnqapYY+qZwNPE4UbocwPx101zVCg=
Subject key identifier: 04:9E:EC:8E:9E:62:6C:71:2D:31:9C:06:1F:C4:0E:4A:01:15:7A:4B
Certificate issuer: /CN=7e6e2e6966e06ab25ca0e1da66e1e3d64248b3a1
Certificate serial: 019547E6FF8EE0B7EB3200D3A7DD9092D417
Authority key identifier: 7E:6E:2E:69:66:E0:6A:B2:5C:A0:E1:DA:66:E1:E3:D6:42:48:B3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fm4uaWbgarJcoOHaZuHj1kJIs6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a7538a-69be-4fbe-97e1-87d97e2aadc4/1/BJ7sjp5ibHEtMZwGH8QOSgEVeks.roa
Signing time: Thu 27 Feb 2025 14:54:35 +0000
ROA not before: Thu 27 Feb 2025 14:54:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212540
IP address blocks: 2a14:9b80::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:e6:ff:8e:e0:b7:eb:32:00:d3:a7:dd:90:92:d4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e6e2e6966e06ab25ca0e1da66e1e3d64248b3a1
Validity
Not Before: Feb 27 14:54:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=049eec8e9e626c712d319c061fc40e4a01157a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ce:f4:04:ea:9e:90:ce:8a:96:ad:a6:f7:31:
50:7b:b8:9c:1a:58:77:cf:37:b1:9a:ba:3b:0b:6f:
2c:b0:42:29:7e:6f:33:61:8a:d0:a7:66:70:13:3c:
57:a7:39:58:5b:3a:28:fa:a5:fd:19:90:4a:29:55:
d8:0e:ef:4a:88:f9:77:4b:ef:33:04:fe:f5:68:db:
71:20:ad:6a:3c:9a:e6:73:82:5c:02:4c:ac:25:ce:
fa:08:c7:a0:64:ad:2f:49:42:26:8d:81:6e:a4:4f:
73:9d:85:ab:3b:5d:54:35:10:b0:d1:fd:ff:00:fb:
24:d1:6a:85:c5:c4:ec:9a:d1:f6:cd:f9:1a:e4:9e:
7a:06:03:a2:19:1d:99:df:87:6c:76:3e:b4:46:fa:
8f:eb:38:c4:65:9c:ce:b4:e2:e7:5f:fd:8c:85:e7:
09:6d:20:c1:e7:74:50:77:26:7b:f3:5a:d0:30:8a:
d4:19:bf:13:f7:da:ee:36:e7:19:49:03:30:cd:35:
aa:18:6c:fe:30:63:04:f8:a4:5f:e3:06:27:e7:f4:
64:34:a1:b8:a6:93:68:5b:f9:82:a2:cb:89:2c:b8:
c7:93:60:a9:b0:38:ab:96:10:c2:4b:e4:c5:c9:7e:
b8:f7:d8:46:71:bb:86:28:ab:9e:2a:1d:0e:07:16:
e8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:9E:EC:8E:9E:62:6C:71:2D:31:9C:06:1F:C4:0E:4A:01:15:7A:4B
X509v3 Authority Key Identifier:
keyid:7E:6E:2E:69:66:E0:6A:B2:5C:A0:E1:DA:66:E1:E3:D6:42:48:B3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fm4uaWbgarJcoOHaZuHj1kJIs6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a7538a-69be-4fbe-97e1-87d97e2aadc4/1/BJ7sjp5ibHEtMZwGH8QOSgEVeks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a7538a-69be-4fbe-97e1-87d97e2aadc4/1/fm4uaWbgarJcoOHaZuHj1kJIs6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9b80::/32
Signature Algorithm: sha256WithRSAEncryption
77:b5:28:f7:46:ea:37:83:b5:c2:b0:f7:b8:09:20:13:89:5c:
45:1d:19:d9:a8:96:76:5a:03:7b:8d:0c:dd:6a:51:78:b9:08:
9e:f1:48:b4:10:dc:f2:1c:f7:99:d8:b7:7e:c0:04:e2:6b:08:
cf:2e:ba:1f:82:e2:ac:a5:bf:75:1b:98:41:9f:4b:23:25:51:
c1:71:6b:5f:83:8c:f9:d5:ef:3d:f8:dd:8d:3f:c7:e8:99:d5:
ad:01:d9:01:08:c2:ec:4d:bf:35:2f:e8:96:ec:ff:89:95:aa:
d0:bf:39:14:db:3e:ec:19:81:7d:93:9f:7b:64:98:9a:f1:be:
64:62:0b:52:0f:93:31:7f:3e:c4:85:dd:e8:70:43:9f:a7:09:
16:85:ac:09:8f:4c:2b:1a:22:ec:01:f4:78:4c:7c:75:5e:a9:
8d:2f:36:0d:44:0a:a5:4c:27:5f:4a:44:53:20:f0:72:29:e4:
02:12:45:ae:a5:40:5e:62:66:9f:ae:c3:c0:22:32:ca:c8:fa:
3e:f5:16:18:bf:c5:6c:29:9b:be:b9:46:e4:f7:76:8a:2e:54:
90:2f:95:b4:97:9d:c9:dd:6c:74:bc:6a:ef:41:d0:5a:2c:a1:
50:23:2c:8c:81:34:87:6f:92:8e:cb:ca:da:d6:3f:6c:e3:ef:
18:69:29:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVH5v+O4LfrMgDTp92QktQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNmUyZTY5NjZlMDZhYjI1Y2EwZTFkYTY2ZTFlM2Q2NDI0
OGIzYTEwHhcNMjUwMjI3MTQ1NDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDllZWM4ZTllNjI2YzcxMmQzMTljMDYxZmM0MGU0YTAxMTU3YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7s70BOqekM6Klq2m9zFQe7icGlh3
zzexmro7C28ssEIpfm8zYYrQp2ZwEzxXpzlYWzoo+qX9GZBKKVXYDu9KiPl3S+8z
BP71aNtxIK1qPJrmc4JcAkysJc76CMegZK0vSUImjYFupE9znYWrO11UNRCw0f3/
APsk0WqFxcTsmtH2zfka5J56BgOiGR2Z34dsdj60RvqP6zjEZZzOtOLnX/2MhecJ
bSDB53RQdyZ781rQMIrUGb8T99ruNucZSQMwzTWqGGz+MGME+KRf4wYn5/RkNKG4
ppNoW/mCosuJLLjHk2CpsDirlhDCS+TFyX6499hGcbuGKKueKh0OBxbolwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFASe7I6eYmxxLTGcBh/EDkoBFXpLMB8GA1UdIwQY
MBaAFH5uLmlm4GqyXKDh2mbh49ZCSLOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZm00dWFXYmdhckpjb09IYVp1SGoxa0pJczZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hNzUzOGEtNjliZS00ZmJlLTk3ZTEt
ODdkOTdlMmFhZGM0LzEvQko3c2pwNWliSEV0TVp3R0g4UU9TZ0VWZWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hNzUzOGEtNjliZS00ZmJlLTk3ZTEtODdkOTdlMmFhZGM0
LzEvZm00dWFXYmdhckpjb09IYVp1SGoxa0pJczZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhSbgDAN
BgkqhkiG9w0BAQsFAAOCAQEAd7Uo90bqN4O1wrD3uAkgE4lcRR0Z2aiWdloDe40M
3WpReLkInvFItBDc8hz3mdi3fsAE4msIzy66H4LirKW/dRuYQZ9LIyVRwXFrX4OM
+dXvPfjdjT/H6JnVrQHZAQjC7E2/NS/oluz/iZWq0L85FNs+7BmBfZOfe2SYmvG+
ZGILUg+TMX8+xIXd6HBDn6cJFoWsCY9MKxoi7AH0eEx8dV6pjS82DUQKpUwnX0pE
UyDwcinkAhJFrqVAXmJmn67DwCIyysj6PvUWGL/FbCmbvrlG5Pd2ii5UkC+VtJed
yd1sdLxq70HQWiyhUCMsjIE0h2+SjsvK2tY/bOPvGGkpaw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:49 2025 by rpki-client on console.sobornost.net