Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/rZfBI75kuDIF2aIxsEx1hcY2lXs.roa
File: rZfBI75kuDIF2aIxsEx1hcY2lXs.roa (raw, json)
Hash identifier: PLQiXwMX44ivIOaOW7tJo/dlFTfIke5qTZbaMzs3iec=
Subject key identifier: AD:97:C1:23:BE:64:B8:32:05:D9:A2:31:B0:4C:75:85:C6:36:95:7B
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 0194274847AB92DD9B9C6874868893747D2B
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/rZfBI75kuDIF2aIxsEx1hcY2lXs.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208626
IP address blocks: 2a12:1547::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:47:ab:92:dd:9b:9c:68:74:86:88:93:74:7d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad97c123be64b83205d9a231b04c7585c636957b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:05:c9:3d:2c:92:d9:67:31:0f:82:9c:fa:5e:
d0:c3:15:2d:66:0c:c4:c6:57:75:2d:85:46:ca:b0:
38:36:90:28:f3:88:d9:57:70:2f:c8:4f:85:00:c2:
47:65:12:b2:86:9a:d4:1a:34:ec:78:98:e9:e9:da:
34:97:87:d1:1b:ad:0c:8c:ea:d5:2e:ed:2e:3e:a1:
c8:89:18:6c:6b:43:3e:b4:5f:87:6f:4d:e6:d5:bb:
06:d1:17:9e:b0:96:74:1c:91:84:fd:57:50:5a:ed:
9a:d9:bf:d4:7b:a8:72:64:7e:5f:8e:ff:fd:9a:43:
63:2d:e2:f5:d6:3b:65:77:76:e1:48:ed:ab:62:88:
db:a9:ec:86:c8:2a:71:82:9f:c0:05:5b:5a:47:2b:
e3:8c:b4:8d:54:a1:70:93:71:6b:f7:89:6e:c2:bf:
7b:cc:b2:11:58:8e:6c:b4:7a:34:35:52:40:44:46:
ec:a3:5d:1f:e0:e0:d3:0a:9d:b5:ca:61:19:82:37:
26:0a:12:33:01:0f:2a:14:9b:c5:db:9e:6f:75:a0:
99:57:9c:37:a1:b7:b2:ca:75:e5:8f:05:09:ba:86:
78:a3:1e:23:02:ad:43:b0:6d:35:c1:a3:0c:91:28:
b3:cc:aa:97:45:76:72:ff:59:2b:5a:8a:01:b6:61:
b1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:97:C1:23:BE:64:B8:32:05:D9:A2:31:B0:4C:75:85:C6:36:95:7B
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/rZfBI75kuDIF2aIxsEx1hcY2lXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:1547::/32
Signature Algorithm: sha256WithRSAEncryption
ac:d4:36:a0:c8:a6:9a:99:e7:21:eb:c4:2c:b8:7b:1c:72:3d:
5b:d5:c9:a1:18:8f:73:fc:6f:40:4f:3e:53:16:a9:cd:ed:8d:
b3:a9:23:a4:bd:c9:0f:4c:6e:e2:97:23:2d:d3:42:b1:39:50:
24:0a:0c:da:24:44:11:a0:5a:ec:53:26:b5:4c:c9:ba:4a:7c:
2c:2f:95:a6:98:1d:fa:5f:5a:ac:82:c6:b1:3e:cf:a3:97:c8:
d1:3e:e5:38:66:66:a1:ee:e6:2e:8e:ab:69:9a:41:ce:76:ea:
46:1a:6c:98:54:77:fe:bd:e0:1d:31:76:57:92:5f:04:fa:71:
3b:21:67:fb:fc:52:a9:d8:77:62:7d:eb:bd:32:6c:d8:cc:51:
55:08:60:dc:6b:70:0b:5d:48:4e:8f:ef:c6:7d:e7:0d:39:28:
16:96:77:02:c4:de:8f:2d:7d:6e:20:8d:0a:0a:92:d1:1d:29:
fd:a2:e6:03:b5:d7:98:39:e5:7e:be:95:ff:9f:68:24:23:70:
62:f4:85:81:b5:c9:c3:fa:6f:45:1c:4d:ed:2c:0d:42:8d:e3:
2f:9e:26:1d:5a:47:68:d3:cc:46:b5:6e:96:81:73:71:8f:49:
e1:e0:05:c6:73:e6:fe:3e:47:5e:70:01:5e:d4:ff:84:fb:50:
20:1d:9d:b4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSEerkt2bnGh0hoiTdH0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk3YzEyM2JlNjRiODMyMDVkOWEyMzFiMDRjNzU4NWM2MzY5NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwXJPSyS2WcxD4Kc+l7QwxUtZgzE
xld1LYVGyrA4NpAo84jZV3AvyE+FAMJHZRKyhprUGjTseJjp6do0l4fRG60MjOrV
Lu0uPqHIiRhsa0M+tF+Hb03m1bsG0ReesJZ0HJGE/VdQWu2a2b/Ue6hyZH5fjv/9
mkNjLeL11jtld3bhSO2rYojbqeyGyCpxgp/ABVtaRyvjjLSNVKFwk3Fr94luwr97
zLIRWI5stHo0NVJAREbso10f4ODTCp21ymEZgjcmChIzAQ8qFJvF255vdaCZV5w3
obeyynXljwUJuoZ4ox4jAq1DsG01waMMkSizzKqXRXZy/1krWooBtmGxcQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK2XwSO+ZLgyBdmiMbBMdYXGNpV7MB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvclpmQkk3NWt1RElGMmFJeHNFeDFoY1kybFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhIVRzAN
BgkqhkiG9w0BAQsFAAOCAQEArNQ2oMimmpnnIevELLh7HHI9W9XJoRiPc/xvQE8+
Uxapze2Ns6kjpL3JD0xu4pcjLdNCsTlQJAoM2iREEaBa7FMmtUzJukp8LC+Vppgd
+l9arILGsT7Po5fI0T7lOGZmoe7mLo6raZpBznbqRhpsmFR3/r3gHTF2V5JfBPpx
OyFn+/xSqdh3Yn3rvTJs2MxRVQhg3GtwC11ITo/vxn3nDTkoFpZ3AsTejy19biCN
CgqS0R0p/aLmA7XXmDnlfr6V/59oJCNwYvSFgbXJw/pvRRxN7SwNQo3jL54mHVpH
aNPMRrVuloFzcY9J4eAFxnPm/j5HXnABXtT/hPtQIB2dtA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:32:48 2025 by rpki-client