Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/tdwLtG60iPmJgEQF5Td2EAp-Xm0.roa
File: tdwLtG60iPmJgEQF5Td2EAp-Xm0.roa (raw, json)
Hash identifier: 3l+DJLt0k/HdQmfOP5qpesY/sXqCDEwC80Gd6IA2SJA=
Subject key identifier: B5:DC:0B:B4:6E:B4:88:F9:89:80:44:05:E5:37:76:10:0A:7E:5E:6D
Certificate issuer: /CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Certificate serial: 01878EF5BA996B88FB406A44C5D8394DC79C
Authority key identifier: B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/tdwLtG60iPmJgEQF5Td2EAp-Xm0.roa
Signing time: Mon 17 Apr 2023 11:24:41 +0000
ROA not before: Mon 17 Apr 2023 11:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63796
IP address blocks: 2a12:f8c1:2::/48 maxlen: 48
2a12:f8c3:4000::/36 maxlen: 36
2a12:f8c1:3::/48 maxlen: 48
2a12:f8c1:1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:f5:ba:99:6b:88:fb:40:6a:44:c5:d8:39:4d:c7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07ab922565e2b3e2cc63d485a55dd4fc41d357e
Validity
Not Before: Apr 17 11:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5dc0bb46eb488f989804405e53776100a7e5e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b4:a8:c6:8c:b9:a8:c8:7a:5c:22:61:2e:da:
99:65:25:ea:90:7d:0d:9a:f4:54:fc:fc:b9:71:df:
ea:ff:0d:4c:17:14:3c:c6:67:d7:18:33:43:37:26:
d3:7b:76:6e:94:a2:da:7a:cf:37:5c:70:b9:a9:3d:
19:34:42:3f:73:09:9e:b2:b4:71:88:6f:3d:af:3d:
ad:a4:e3:dd:46:eb:28:b4:67:fa:31:cb:45:81:20:
d2:bc:3f:84:18:c0:1a:eb:ce:04:34:0c:c7:bf:68:
b3:86:fe:a1:58:75:38:5d:44:4d:aa:9c:ce:b0:8e:
1b:f6:b9:00:a4:62:86:6d:f6:f8:17:64:ef:a3:a7:
44:ff:3a:60:d4:7d:40:c1:a1:7f:c6:29:de:8e:ce:
d3:5c:5d:66:96:6d:20:e2:ac:53:6a:17:ab:00:7c:
e1:ac:bf:e2:27:d0:96:a8:69:fd:6c:87:97:17:82:
f3:01:c7:31:16:fe:58:97:ed:18:31:7f:7a:32:fd:
ab:b3:b5:9b:b4:a2:4c:76:b6:a0:2f:87:17:b8:fb:
d2:6b:71:f4:41:fc:32:cf:5a:e2:d5:16:75:1e:61:
0f:54:d8:b3:83:e7:29:f5:d6:a7:10:63:2a:61:20:
98:ee:5d:02:ad:f0:c8:53:b2:ac:ea:08:5d:2c:16:
d7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DC:0B:B4:6E:B4:88:F9:89:80:44:05:E5:37:76:10:0A:7E:5E:6D
X509v3 Authority Key Identifier:
keyid:B0:7A:B9:22:56:5E:2B:3E:2C:C6:3D:48:5A:55:DD:4F:C4:1D:35:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHq5IlZeKz4sxj1IWlXdT8QdNX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/tdwLtG60iPmJgEQF5Td2EAp-Xm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6d59d9-9daf-4fcb-8d05-13bcc752119a/1/sHq5IlZeKz4sxj1IWlXdT8QdNX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:1::-2a12:f8c1:3:ffff:ffff:ffff:ffff:ffff
2a12:f8c3:4000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:4c:35:83:b6:25:32:ba:8f:20:d4:34:ed:46:3e:72:84:80:
ae:1d:ac:2f:7c:43:af:47:49:6e:47:79:77:3c:44:fe:1d:9e:
10:53:ca:86:49:5e:e8:c2:1b:de:89:0a:88:30:7e:a6:fd:94:
11:b7:f7:5d:d7:ed:6d:c4:84:81:c2:7d:97:95:86:9d:0e:2d:
f5:e1:ca:5e:7f:23:54:30:cb:b5:5e:c7:7d:a7:dd:9b:3a:18:
91:45:95:a2:a4:05:38:4c:aa:75:02:01:ee:a2:c0:c1:15:28:
d9:de:96:8e:7e:fb:73:cb:9e:78:e0:6d:45:d0:17:ce:b5:31:
1f:6f:8c:18:59:76:34:bb:fa:01:db:ee:52:8f:95:ce:08:71:
ca:81:1f:b5:c9:9a:4d:94:0f:95:fb:e2:45:b8:0f:fd:7a:d1:
07:eb:05:19:bc:db:ad:7b:05:10:2e:0a:10:12:25:53:13:bb:
60:46:92:a9:7a:61:1d:56:bd:cd:2a:51:37:05:da:ed:cf:07:
55:2a:e9:79:ab:c2:48:7d:a5:5d:12:71:15:e9:af:d5:d6:81:
3f:b3:13:4e:79:19:ba:3a:9b:9a:f3:2f:e6:55:96:bc:78:41:
30:6d:8a:ec:39:16:46:62:be:52:f4:43:9a:c1:e4:92:46:e7:
f6:61:de:74
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYeO9bqZa4j7QGpExdg5TcecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2FiOTIyNTY1ZTJiM2UyY2M2M2Q0ODVhNTVkZDRmYzQx
ZDM1N2UwHhcNMjMwNDE3MTEyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRjMGJiNDZlYjQ4OGY5ODk4MDQ0MDVlNTM3NzYxMDBhN2U1ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrSoxoy5qMh6XCJhLtqZZSXqkH0N
mvRU/Py5cd/q/w1MFxQ8xmfXGDNDNybTe3ZulKLaes83XHC5qT0ZNEI/cwmesrRx
iG89rz2tpOPdRusotGf6MctFgSDSvD+EGMAa684ENAzHv2izhv6hWHU4XURNqpzO
sI4b9rkApGKGbfb4F2Tvo6dE/zpg1H1AwaF/xinejs7TXF1mlm0g4qxTaherAHzh
rL/iJ9CWqGn9bIeXF4LzAccxFv5Yl+0YMX96Mv2rs7WbtKJMdragL4cXuPvSa3H0
Qfwyz1ri1RZ1HmEPVNizg+cp9danEGMqYSCY7l0CrfDIU7Ks6ghdLBbX/QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLXcC7RutIj5iYBEBeU3dhAKfl5tMB8GA1UdIwQY
MBaAFLB6uSJWXis+LMY9SFpV3U/EHTV+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUt
MTNiY2M3NTIxMTlhLzEvdGR3THRHNjBpUG1KZ0VRRjVUZDJFQXAtWG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82ZDU5ZDktOWRhZi00ZmNiLThkMDUtMTNiY2M3NTIxMTlh
LzEvc0hxNUlsWmVLejRzeGoxSVdsWGRUOFFkTlg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcMBIDBwAqEvjB
AAEDBwIqEvjBAAADBgQqEvjDQDANBgkqhkiG9w0BAQsFAAOCAQEAD0w1g7YlMrqP
INQ07UY+coSArh2sL3xDr0dJbkd5dzxE/h2eEFPKhkle6MIb3okKiDB+pv2UEbf3
XdftbcSEgcJ9l5WGnQ4t9eHKXn8jVDDLtV7HfafdmzoYkUWVoqQFOEyqdQIB7qLA
wRUo2d6Wjn77c8ueeOBtRdAXzrUxH2+MGFl2NLv6AdvuUo+VzghxyoEftcmaTZQP
lfviRbgP/XrRB+sFGbzbrXsFEC4KEBIlUxO7YEaSqXphHVa9zSpRNwXa7c8HVSrp
eavCSH2lXRJxFemv1daBP7MTTnkZujqbmvMv5lWWvHhBMG2K7DkWRmK+UvRDmsHk
kkbn9mHedA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:48 2025 by rpki-client