Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/90b9d6-a6ad-44a6-91a2-281eee31b747/1/bhq2oKJsXiAPmHmxil5SZXJs2hk.roa
File: bhq2oKJsXiAPmHmxil5SZXJs2hk.roa (raw, json)
Hash identifier: y1Ce6WtfvZHZo4j+/NRj6oK2WGjHyCLTganiUlBZ6fg=
Subject key identifier: 6E:1A:B6:A0:A2:6C:5E:20:0F:98:79:B1:8A:5E:52:65:72:6C:DA:19
Certificate issuer: /CN=67b62dbaecd359a4a2a8912cf2e6693b2f48c9ef
Certificate serial: 0194258F44F5B538D7CAE587B2F8F8F05089
Authority key identifier: 67:B6:2D:BA:EC:D3:59:A4:A2:A8:91:2C:F2:E6:69:3B:2F:48:C9:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7YtuuzTWaSiqJEs8uZpOy9Iye8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/90b9d6-a6ad-44a6-91a2-281eee31b747/1/bhq2oKJsXiAPmHmxil5SZXJs2hk.roa
Signing time: Thu 02 Jan 2025 05:48:53 +0000
ROA not before: Thu 02 Jan 2025 05:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196904
IP address blocks: 2a03:dc40:ffdf::/48 maxlen: 48
2a03:dc40:ffff::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:44:f5:b5:38:d7:ca:e5:87:b2:f8:f8:f0:50:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b62dbaecd359a4a2a8912cf2e6693b2f48c9ef
Validity
Not Before: Jan 2 05:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e1ab6a0a26c5e200f9879b18a5e5265726cda19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:81:88:83:fa:7a:83:f3:c0:9d:9e:70:8e:
51:d5:ef:1b:d4:c4:b3:08:b5:47:2d:e6:12:0c:51:
00:20:f6:c3:de:9e:c2:a8:5d:22:fd:f6:4a:4f:2a:
66:c7:ce:d2:d3:c5:4d:3f:57:cb:30:f7:11:55:e7:
39:88:57:1c:e1:26:fb:e5:36:9f:bf:e2:de:59:fa:
11:b7:44:7f:ec:bc:38:57:89:3e:e5:7c:36:61:f7:
5e:52:4c:a7:de:9e:84:bb:8f:0d:e0:3b:bc:5c:b2:
53:23:42:24:be:0f:82:47:13:3b:98:d2:8a:29:e6:
d5:6f:50:55:33:b2:07:99:08:10:d5:6f:8b:9e:95:
bc:eb:90:f0:9f:36:ab:11:23:4c:d2:d0:fc:fe:97:
4a:10:49:4d:9b:75:cb:7a:46:06:d3:62:d2:65:5a:
dd:63:0d:16:a1:a3:03:91:4e:50:48:b8:55:0d:63:
88:a5:6a:52:05:a5:6a:d5:21:fa:6d:cc:c9:a7:68:
f4:67:2e:26:82:7d:6d:ee:36:4b:d9:b2:23:e5:b0:
7b:87:a1:ef:0a:4b:5d:36:69:28:88:2c:07:36:9c:
11:1a:93:e4:f8:35:ae:6c:a0:b8:91:12:ed:07:3b:
81:fe:eb:5e:39:19:d7:b9:01:cf:ee:37:d9:4b:09:
0d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1A:B6:A0:A2:6C:5E:20:0F:98:79:B1:8A:5E:52:65:72:6C:DA:19
X509v3 Authority Key Identifier:
keyid:67:B6:2D:BA:EC:D3:59:A4:A2:A8:91:2C:F2:E6:69:3B:2F:48:C9:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7YtuuzTWaSiqJEs8uZpOy9Iye8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/90b9d6-a6ad-44a6-91a2-281eee31b747/1/bhq2oKJsXiAPmHmxil5SZXJs2hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/90b9d6-a6ad-44a6-91a2-281eee31b747/1/Z7YtuuzTWaSiqJEs8uZpOy9Iye8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:dc40:ffdf::/48
2a03:dc40:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
93:f2:b2:64:81:17:94:26:f8:e5:bb:44:d2:f9:c1:a7:1c:70:
f5:ea:93:9a:fd:51:ef:54:76:ef:51:a1:1b:4d:a6:44:5b:d4:
31:ff:5b:5f:3b:38:71:e8:75:fe:1a:43:f0:75:66:8b:59:73:
01:56:ad:34:78:27:a2:d6:a7:f9:17:3b:2c:21:61:f2:c7:31:
e3:2d:55:21:74:69:a6:bd:59:e9:77:cd:4b:6d:5f:43:39:32:
a6:5e:8e:e4:3a:4d:4a:76:c4:10:60:bd:e9:c8:69:e5:c4:e8:
82:41:b7:3a:2c:24:a8:9d:8c:61:75:74:8a:bd:5b:f5:72:5e:
12:12:f1:b7:27:3b:a8:5b:4e:bb:1b:f1:ea:78:37:c8:0b:59:
8c:96:1c:a9:f4:8f:7a:09:b1:6b:8c:56:0d:d5:33:41:f7:56:
ca:44:4c:8f:9d:58:6c:d7:43:fd:82:2f:c1:8f:5b:72:49:a4:
ea:f6:47:87:a6:f8:70:1b:ac:8d:5b:1a:b3:4e:e5:dc:70:8b:
4d:4d:2b:08:c3:30:b8:ed:2c:93:f0:e1:66:ea:07:f0:ad:19:
62:9d:6c:e3:99:0b:a5:50:99:72:9d:1e:61:58:6e:2a:f6:e9:
3f:c0:4e:22:cd:0a:df:0b:bf:8e:36:9d:e5:c5:1c:28:8e:37:
e2:0b:da:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj0T1tTjXyuWHsvj48FCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjYyZGJhZWNkMzU5YTRhMmE4OTEyY2YyZTY2OTNiMmY0
OGM5ZWYwHhcNMjUwMTAyMDU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFhYjZhMGEyNmM1ZTIwMGY5ODc5YjE4YTVlNTI2NTcyNmNkYTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveKBiIP6eoPzwJ2ecI5R1e8b1MSz
CLVHLeYSDFEAIPbD3p7CqF0i/fZKTypmx87S08VNP1fLMPcRVec5iFcc4Sb75Taf
v+LeWfoRt0R/7Lw4V4k+5Xw2YfdeUkyn3p6Eu48N4Du8XLJTI0Ikvg+CRxM7mNKK
KebVb1BVM7IHmQgQ1W+LnpW865DwnzarESNM0tD8/pdKEElNm3XLekYG02LSZVrd
Yw0WoaMDkU5QSLhVDWOIpWpSBaVq1SH6bczJp2j0Zy4mgn1t7jZL2bIj5bB7h6Hv
CktdNmkoiCwHNpwRGpPk+DWubKC4kRLtBzuB/uteORnXuQHP7jfZSwkN9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG4atqCibF4gD5h5sYpeUmVybNoZMB8GA1UdIwQY
MBaAFGe2Lbrs01mkoqiRLPLmaTsvSMnvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdZdHV1elRXYVNpcUpFczh1WnBPeTlJeWU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85MGI5ZDYtYTZhZC00NGE2LTkxYTIt
MjgxZWVlMzFiNzQ3LzEvYmhxMm9LSnNYaUFQbUhteGlsNVNaWEpzMmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85MGI5ZDYtYTZhZC00NGE2LTkxYTItMjgxZWVlMzFiNzQ3
LzEvWjdZdHV1elRXYVNpcUpFczh1WnBPeTlJeWU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgPcQP/f
AwcAKgPcQP//MA0GCSqGSIb3DQEBCwUAA4IBAQCT8rJkgReUJvjlu0TS+cGnHHD1
6pOa/VHvVHbvUaEbTaZEW9Qx/1tfOzhx6HX+GkPwdWaLWXMBVq00eCei1qf5Fzss
IWHyxzHjLVUhdGmmvVnpd81LbV9DOTKmXo7kOk1KdsQQYL3pyGnlxOiCQbc6LCSo
nYxhdXSKvVv1cl4SEvG3JzuoW067G/HqeDfIC1mMlhyp9I96CbFrjFYN1TNB91bK
REyPnVhs10P9gi/Bj1tySaTq9keHpvhwG6yNWxqzTuXccItNTSsIwzC47SyT8OFm
6gfwrRlinWzjmQulUJlynR5hWG4q9uk/wE4izQrfC7+ONp3lxRwojjfiC9ok
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:42 2025 by rpki-client on console.sobornost.net