Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/i2WjIkNXUPeX7xGHYrjhSSYgFy4.roa
File: i2WjIkNXUPeX7xGHYrjhSSYgFy4.roa (raw, json)
Hash identifier: C+2xN+JP/GjkI/37xlqqEgKPEWpo/BcSUMTEOcKEDPs=
Subject key identifier: 8B:65:A3:22:43:57:50:F7:97:EF:11:87:62:B8:E1:49:26:20:17:2E
Certificate issuer: /CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Certificate serial: 0194228DE67C908877403A3E6B004C190935
Authority key identifier: 2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/i2WjIkNXUPeX7xGHYrjhSSYgFy4.roa
Signing time: Wed 01 Jan 2025 15:48:32 +0000
ROA not before: Wed 01 Jan 2025 15:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57097
IP address blocks: 2a12:8fc6:300::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:e6:7c:90:88:77:40:3a:3e:6b:00:4c:19:09:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b967e772cc7298305a11ffa65dd185f6a58910b
Validity
Not Before: Jan 1 15:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b65a322435750f797ef118762b8e1492620172e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bd:11:58:13:a7:e2:68:e8:ce:0e:3b:6a:43:
58:69:af:b4:ff:bd:00:99:44:ef:1a:b8:3a:f6:26:
8d:c0:b9:07:97:f1:61:85:23:6e:d8:bd:62:ba:f8:
fd:92:f4:34:fc:ec:30:fa:a3:8c:d4:db:ce:75:0d:
72:28:2c:8e:6a:e5:25:fa:c4:90:c4:88:43:a3:64:
0a:c8:89:18:8f:0d:47:5a:66:cc:8e:07:ab:c0:e6:
ca:d4:60:9a:fe:ca:60:1b:0c:5b:f9:c1:66:76:46:
83:d1:6f:82:ec:1a:05:cd:10:41:3b:09:a1:80:5c:
dd:67:64:13:ce:91:f4:09:5e:e5:2b:71:9b:d9:7f:
23:a7:26:be:2b:83:95:54:ea:23:11:35:34:41:82:
69:7b:f2:ed:0f:1d:d3:5a:cc:ef:b6:c3:4a:9a:31:
df:2a:65:ed:2f:d0:3f:f4:f1:a0:a8:61:b4:54:18:
bb:2a:ca:d8:55:f3:48:c6:f8:5f:dc:cc:6f:fc:17:
e3:3b:01:23:ea:92:eb:26:e1:19:8b:eb:eb:5d:79:
e7:76:12:11:81:2b:dc:9b:29:c8:b9:6f:7e:ca:05:
01:ac:18:70:59:9c:28:f3:d7:f3:d0:1a:3e:77:1a:
9e:b6:16:7f:a1:7d:57:d8:bd:5b:be:f5:c2:4b:e5:
9e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:65:A3:22:43:57:50:F7:97:EF:11:87:62:B8:E1:49:26:20:17:2E
X509v3 Authority Key Identifier:
keyid:2B:96:7E:77:2C:C7:29:83:05:A1:1F:FA:65:DD:18:5F:6A:58:91:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/i2WjIkNXUPeX7xGHYrjhSSYgFy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/660e74-a3bc-444b-9c6a-58c96d66f0a1/1/K5Z-dyzHKYMFoR_6Zd0YX2pYkQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:8fc6:300::/48
Signature Algorithm: sha256WithRSAEncryption
ac:7d:82:b0:5b:0a:d3:29:62:56:a6:31:c3:39:ec:3d:e5:73:
14:41:df:9c:bf:ae:79:e3:51:ea:44:80:1c:41:52:6c:46:53:
76:29:30:a5:ef:f7:c4:87:ba:30:48:fd:62:32:98:16:da:6d:
ea:79:03:38:b4:4e:88:32:54:c6:f3:24:75:07:59:c0:7b:b2:
30:0b:d0:34:0a:22:98:64:9b:48:a1:f1:52:74:df:41:86:28:
d5:bb:d8:a4:2f:80:c5:d5:13:e2:4d:e4:a9:b9:fe:45:11:96:
9a:97:4c:c1:d9:ed:d7:e4:56:90:47:65:7a:68:6b:cf:43:62:
3d:3e:7c:8a:f7:25:0d:32:0f:71:5f:df:1c:28:ff:d8:d4:e6:
68:71:98:b5:d7:a4:6d:85:02:42:33:a9:aa:b4:39:3e:26:f3:
cd:28:d8:cc:d5:88:fc:19:58:4a:f7:ae:64:58:2e:7b:1d:60:
16:72:ee:bf:bb:d8:a8:e9:8f:5a:23:b3:9c:c9:65:b6:bd:1c:
a2:cd:0d:6a:2d:2d:14:06:96:e1:30:b3:df:8b:9e:1d:1b:bd:
99:c6:67:54:84:0f:1f:19:33:27:7d:67:f9:f7:d6:5e:d3:8b:
46:51:06:b7:0e:28:4c:2b:7c:63:67:be:43:97:c5:8e:55:53:
3a:89:5f:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQijeZ8kIh3QDo+awBMGQk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTY3ZTc3MmNjNzI5ODMwNWExMWZmYTY1ZGQxODVmNmE1
ODkxMGIwHhcNMjUwMTAxMTU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjY1YTMyMjQzNTc1MGY3OTdlZjExODc2MmI4ZTE0OTI2MjAxNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvr0RWBOn4mjozg47akNYaa+0/70A
mUTvGrg69iaNwLkHl/FhhSNu2L1iuvj9kvQ0/Oww+qOM1NvOdQ1yKCyOauUl+sSQ
xIhDo2QKyIkYjw1HWmbMjgerwObK1GCa/spgGwxb+cFmdkaD0W+C7BoFzRBBOwmh
gFzdZ2QTzpH0CV7lK3Gb2X8jpya+K4OVVOojETU0QYJpe/LtDx3TWszvtsNKmjHf
KmXtL9A/9PGgqGG0VBi7KsrYVfNIxvhf3Mxv/BfjOwEj6pLrJuEZi+vrXXnndhIR
gSvcmynIuW9+ygUBrBhwWZwo89fz0Bo+dxqethZ/oX1X2L1bvvXCS+We0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFItloyJDV1D3l+8Rh2K44UkmIBcuMB8GA1UdIwQY
MBaAFCuWfncsxymDBaEf+mXdGF9qWJELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEt
NThjOTZkNjZmMGExLzEvaTJXaklrTlhVUGVYN3hHSFlyamhTU1lnRnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NjBlNzQtYTNiYy00NDRiLTljNmEtNThjOTZkNjZmMGEx
LzEvSzVaLWR5ekhLWU1Gb1JfNlpkMFlYMnBZa1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKPxgMA
MA0GCSqGSIb3DQEBCwUAA4IBAQCsfYKwWwrTKWJWpjHDOew95XMUQd+cv65541Hq
RIAcQVJsRlN2KTCl7/fEh7owSP1iMpgW2m3qeQM4tE6IMlTG8yR1B1nAe7IwC9A0
CiKYZJtIofFSdN9BhijVu9ikL4DF1RPiTeSpuf5FEZaal0zB2e3X5FaQR2V6aGvP
Q2I9PnyK9yUNMg9xX98cKP/Y1OZocZi116RthQJCM6mqtDk+JvPNKNjM1Yj8GVhK
965kWC57HWAWcu6/u9io6Y9aI7OcyWW2vRyizQ1qLS0UBpbhMLPfi54dG72ZxmdU
hA8fGTMnfWf599Ze04tGUQa3DihMK3xjZ75Dl8WOVVM6iV/B
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:22:13 2025 by rpki-client