Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/oBfIX-UPea3NkS-3Llowx_SLLx0.roa
File: oBfIX-UPea3NkS-3Llowx_SLLx0.roa (raw, json)
Hash identifier: 5Sv2oOS9V3EMfZuLdrD7m+/1XLVe/0xfnbCgY3aI/uU=
Subject key identifier: A0:17:C8:5F:E5:0F:79:AD:CD:91:2F:B7:2E:5A:30:C7:F4:8B:2F:1D
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01877F120A8EC7BB918FAF21BA418EE28256
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/oBfIX-UPea3NkS-3Llowx_SLLx0.roa
Signing time: Fri 14 Apr 2023 09:21:41 +0000
ROA not before: Fri 14 Apr 2023 09:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198924
IP address blocks: 2a12:f8c3:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:12:0a:8e:c7:bb:91:8f:af:21:ba:41:8e:e2:82:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Apr 14 09:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a017c85fe50f79adcd912fb72e5a30c7f48b2f1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ad:58:8e:3b:64:35:a8:71:96:e3:fe:92:9f:
63:98:eb:56:19:ad:a0:f8:87:52:e3:b7:8e:fc:7b:
04:83:3e:69:f3:58:70:62:6d:8e:3a:84:af:f2:62:
d2:5d:99:8a:b8:9a:98:3a:96:ce:3b:f1:27:c4:6f:
23:47:af:fa:ae:af:1f:a1:a2:db:9a:c4:af:04:23:
14:bc:7f:4d:13:5b:c0:a4:55:d8:ba:70:3e:c6:ee:
97:89:11:a9:ae:ec:71:61:dc:42:31:d3:8c:b0:d9:
22:6e:3b:6d:61:3d:69:6f:f7:67:f8:4b:f7:19:17:
7e:d7:3a:5f:1b:ed:1b:91:e9:d8:75:e7:bf:e4:c7:
9d:83:3d:d5:9a:c3:c9:2e:6f:53:a3:53:ae:25:55:
f5:a8:6a:62:6b:37:98:6b:b3:53:20:0e:d8:46:d3:
35:8a:1e:33:dc:8a:1f:13:4c:2e:47:51:62:dd:c1:
8e:ab:fa:77:37:1f:79:b2:1f:7a:53:59:b1:f4:a4:
bd:b3:3b:ab:25:d7:9c:a2:d2:fd:24:ab:e6:00:f9:
3a:d4:4a:8b:4a:14:60:a9:8c:4b:a1:fd:80:7b:4c:
9c:3a:71:c3:34:46:e1:97:06:6b:17:7f:87:af:e2:
0c:77:cd:b4:64:63:a7:bd:86:41:5a:60:3b:5b:b1:
d2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:17:C8:5F:E5:0F:79:AD:CD:91:2F:B7:2E:5A:30:C7:F4:8B:2F:1D
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/oBfIX-UPea3NkS-3Llowx_SLLx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c3:3000::/36
Signature Algorithm: sha256WithRSAEncryption
3d:a7:77:33:5c:6e:41:8d:44:6b:ee:cd:42:71:fa:36:27:c6:
46:f4:81:89:f5:b4:52:5e:7d:d3:1c:7f:1b:6a:fc:78:00:75:
3b:31:e0:a4:77:02:68:8e:d7:42:c7:9b:d1:7d:c6:2b:7d:79:
2d:c0:b8:8c:f0:1e:2c:18:2e:63:5a:6b:74:d4:72:4c:c2:3a:
88:0d:2e:54:c6:f1:c0:18:61:63:d4:b4:8a:15:fd:03:99:ba:
40:fb:80:b9:b2:c6:c3:f2:45:f7:56:4e:ae:89:59:ca:b7:31:
d0:4b:bd:7e:6f:e1:f0:95:9b:75:94:a5:2c:e4:cc:a3:b8:2d:
94:b6:b8:53:87:9b:36:af:49:3d:26:c6:86:0f:64:58:76:8a:
46:f9:fd:15:de:cb:fd:b2:99:94:64:36:84:aa:18:5f:30:0e:
95:93:46:5c:05:65:db:03:5f:41:3a:d2:89:75:bd:41:14:2f:
88:7e:fe:e7:5e:63:96:e5:b3:5c:ec:6d:c4:ac:07:c8:d5:e0:
34:d6:83:ca:27:5b:8f:e0:0e:28:00:1d:a8:4f:ab:3f:9a:ee:
0b:58:a8:89:04:7c:8a:98:9f:d8:32:19:3d:f9:bc:fb:2c:88:
43:86:48:07:ca:5b:ca:98:a5:79:f8:c0:b6:cd:e7:e8:b9:b2:
b2:60:a7:7c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYd/EgqOx7uRj68hukGO4oJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNDE0MDkyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDE3Yzg1ZmU1MGY3OWFkY2Q5MTJmYjcyZTVhMzBjN2Y0OGIyZjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa1YjjtkNahxluP+kp9jmOtWGa2g
+IdS47eO/HsEgz5p81hwYm2OOoSv8mLSXZmKuJqYOpbOO/EnxG8jR6/6rq8foaLb
msSvBCMUvH9NE1vApFXYunA+xu6XiRGpruxxYdxCMdOMsNkibjttYT1pb/dn+Ev3
GRd+1zpfG+0bkenYdee/5Medgz3VmsPJLm9To1OuJVX1qGpiazeYa7NTIA7YRtM1
ih4z3IofE0wuR1Fi3cGOq/p3Nx95sh96U1mx9KS9szurJdecotL9JKvmAPk61EqL
ShRgqYxLof2Ae0ycOnHDNEbhlwZrF3+Hr+IMd820ZGOnvYZBWmA7W7HS2QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKAXyF/lD3mtzZEvty5aMMf0iy8dMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvb0JmSVgtVVBlYTNOa1MtM0xsb3d4X1NMTHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhL4wzAw
DQYJKoZIhvcNAQELBQADggEBAD2ndzNcbkGNRGvuzUJx+jYnxkb0gYn1tFJefdMc
fxtq/HgAdTsx4KR3AmiO10LHm9F9xit9eS3AuIzwHiwYLmNaa3TUckzCOogNLlTG
8cAYYWPUtIoV/QOZukD7gLmyxsPyRfdWTq6JWcq3MdBLvX5v4fCVm3WUpSzkzKO4
LZS2uFOHmzavST0mxoYPZFh2ikb5/RXey/2ymZRkNoSqGF8wDpWTRlwFZdsDX0E6
0ol1vUEUL4h+/udeY5bls1zsbcSsB8jV4DTWg8onW4/gDigAHahPqz+a7gtYqIkE
fIqYn9gyGT35vPssiEOGSAfKW8qYpXn4wLbN5+i5srJgp3w=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:24:53 2025 by rpki-client