Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/IzPpbUTZggcdV2sSHi2o08YUXIM.roa
File: IzPpbUTZggcdV2sSHi2o08YUXIM.roa (raw, json)
Hash identifier: OAQwzYHPi8Nf4ztMDwsFVvXfRZhEYHO333td+IigeHI=
Subject key identifier: 23:33:E9:6D:44:D9:82:07:1D:57:6B:12:1E:2D:A8:D3:C6:14:5C:83
Certificate issuer: /CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Certificate serial: 01970DFBCBD76A6BF92EB3DAD0A9599EC3A8
Authority key identifier: 26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/IzPpbUTZggcdV2sSHi2o08YUXIM.roa
Signing time: Mon 26 May 2025 19:04:54 +0000
ROA not before: Mon 26 May 2025 19:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:39c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:fb:cb:d7:6a:6b:f9:2e:b3:da:d0:a9:59:9e:c3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=260b2bc45477c81d774daa0c28ab44b774ba0920
Validity
Not Before: May 26 19:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2333e96d44d982071d576b121e2da8d3c6145c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:16:8e:e7:36:cd:ce:ac:d4:75:f2:99:c1:c7:
4c:aa:37:e0:46:68:bd:91:7a:e9:db:ae:ba:97:33:
34:6c:9b:5b:95:c1:ac:01:e8:2b:c6:cb:8b:77:77:
eb:98:52:10:b1:be:af:4a:e8:59:e6:47:72:82:cb:
d7:62:1c:0f:7c:dd:a6:dd:39:9d:6c:b0:dd:da:75:
f9:42:c7:67:cc:97:20:31:a5:a3:d6:3b:52:02:bb:
74:53:16:a7:ba:cb:73:d8:e9:85:c3:63:74:e5:de:
12:db:da:4f:1f:1a:59:cc:d9:bd:2f:fa:0e:15:8c:
7d:e2:84:8d:33:01:16:4d:4d:f7:b5:64:59:e8:ba:
8a:5e:79:06:10:8f:f7:94:c9:aa:8c:e2:d6:08:c7:
c8:35:f1:7f:eb:25:6b:15:78:71:ed:b5:b5:32:69:
99:bd:2a:58:20:e3:7f:6b:34:91:26:53:06:5c:f6:
68:8c:bc:3f:12:d8:62:b9:84:fb:8a:ca:a6:f4:70:
b3:22:6c:0c:98:33:e9:bf:8b:05:f3:e8:72:9d:5d:
77:de:a7:91:f1:22:bb:89:bc:1d:6e:9b:a6:62:28:
5a:00:b0:af:bf:6d:3a:9d:ae:ca:4a:27:d5:57:a9:
01:78:e9:84:d4:c4:0d:18:b5:28:2d:e6:25:3c:1a:
70:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:33:E9:6D:44:D9:82:07:1D:57:6B:12:1E:2D:A8:D3:C6:14:5C:83
X509v3 Authority Key Identifier:
keyid:26:0B:2B:C4:54:77:C8:1D:77:4D:AA:0C:28:AB:44:B7:74:BA:09:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JgsrxFR3yB13TaoMKKtEt3S6CSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/IzPpbUTZggcdV2sSHi2o08YUXIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7b1205-3450-4e90-8b14-17e66c1fd3d1/1/JgsrxFR3yB13TaoMKKtEt3S6CSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:39c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:7c:9c:e1:9c:a3:84:6c:5d:3d:ad:0a:12:6c:f4:c1:d3:24:
10:07:51:ac:a6:24:a1:86:7d:d8:ef:da:f1:ab:ad:11:e4:c5:
2c:2a:63:6d:ea:2c:1b:4b:93:4e:e4:c5:28:15:81:9b:e5:aa:
88:35:be:77:be:71:de:5d:84:ba:5c:b8:d4:fc:5c:47:46:e0:
44:94:09:e4:3c:d5:b7:5c:3e:44:b6:65:2a:b9:2c:d3:e0:f0:
31:fc:f7:f8:1f:33:84:a4:94:c7:ff:f8:61:dd:26:ce:40:15:
cf:85:6a:cc:35:22:25:57:85:e6:5a:46:3a:ab:1e:5c:1f:36:
e4:56:48:4c:e2:c3:69:d3:01:cd:a6:c1:a0:3b:4a:22:3f:37:
05:27:36:36:73:15:b8:af:1d:33:ec:a7:01:53:e7:a6:18:a2:
2f:95:79:82:aa:ac:7f:6d:f3:a4:78:5c:ac:22:61:80:05:ca:
8d:3a:5e:d6:91:ba:66:3b:db:aa:20:c0:64:d1:aa:47:87:86:
ec:a9:42:4c:57:1c:f4:9d:3e:fe:72:0c:12:0e:6e:78:f4:05:
75:1c:58:23:36:0b:5c:b0:1e:62:84:6d:bb:b4:fd:fe:5f:a8:
c1:c0:eb:5a:bf:3b:e6:68:53:a4:2a:83:f6:03:32:d6:ac:4e:
68:d9:d2:ed
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZcN+8vXamv5LrPa0KlZnsOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MGIyYmM0NTQ3N2M4MWQ3NzRkYWEwYzI4YWI0NGI3NzRi
YTA5MjAwHhcNMjUwNTI2MTkwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMzZTk2ZDQ0ZDk4MjA3MWQ1NzZiMTIxZTJkYThkM2M2MTQ1YzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BaO5zbNzqzUdfKZwcdMqjfgRmi9
kXrp2666lzM0bJtblcGsAegrxsuLd3frmFIQsb6vSuhZ5kdygsvXYhwPfN2m3Tmd
bLDd2nX5QsdnzJcgMaWj1jtSArt0Uxanustz2OmFw2N05d4S29pPHxpZzNm9L/oO
FYx94oSNMwEWTU33tWRZ6LqKXnkGEI/3lMmqjOLWCMfINfF/6yVrFXhx7bW1MmmZ
vSpYION/azSRJlMGXPZojLw/EthiuYT7isqm9HCzImwMmDPpv4sF8+hynV133qeR
8SK7ibwdbpumYihaALCvv206na7KSifVV6kBeOmE1MQNGLUoLeYlPBpwiwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCMz6W1E2YIHHVdrEh4tqNPGFFyDMB8GA1UdIwQY
MBaAFCYLK8RUd8gdd02qDCirRLd0ugkgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQt
MTdlNjZjMWZkM2QxLzEvSXpQcGJVVFpnZ2NkVjJzU0hpMm8wOFlVWElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YjEyMDUtMzQ1MC00ZTkwLThiMTQtMTdlNjZjMWZkM2Qx
LzEvSmdzcnhGUjN5QjEzVGFvTUtLdEV0M1M2Q1NBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhI5wDAN
BgkqhkiG9w0BAQsFAAOCAQEAb3yc4ZyjhGxdPa0KEmz0wdMkEAdRrKYkoYZ92O/a
8autEeTFLCpjbeosG0uTTuTFKBWBm+WqiDW+d75x3l2Euly41PxcR0bgRJQJ5DzV
t1w+RLZlKrks0+DwMfz3+B8zhKSUx//4Yd0mzkAVz4VqzDUiJVeF5lpGOqseXB82
5FZITOLDadMBzabBoDtKIj83BSc2NnMVuK8dM+ynAVPnphiiL5V5gqqsf23zpHhc
rCJhgAXKjTpe1pG6ZjvbqiDAZNGqR4eG7KlCTFcc9J0+/nIMEg5uePQFdRxYIzYL
XLAeYoRtu7T9/l+owcDrWr875mhTpCqD9gMy1qxOaNnS7Q==
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:37:21 2025 by rpki-client