Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/1QgqhoL1f8rVrZsBTbv_ukiW3_U.roa
File: 1QgqhoL1f8rVrZsBTbv_ukiW3_U.roa (raw, json)
Hash identifier: FtHGg2smc+8B3MpNfm7Vb9xIWP4EyZ43pe81r6EdMLE=
Subject key identifier: D5:08:2A:86:82:F5:7F:CA:D5:AD:9B:01:4D:BB:FF:BA:48:96:DF:F5
Certificate issuer: /CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Certificate serial: 0194266B4874582C1ED911109369C861454C
Authority key identifier: 63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/1QgqhoL1f8rVrZsBTbv_ukiW3_U.roa
Signing time: Thu 02 Jan 2025 09:49:12 +0000
ROA not before: Thu 02 Jan 2025 09:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51847
IP address blocks: 2a12:f8c1:50::/48 maxlen: 48
2a12:f8c1:51::/48 maxlen: 48
2a12:f8c1:52::/48 maxlen: 48
2a12:f8c1:53::/48 maxlen: 48
2a12:f8c1:54::/48 maxlen: 48
2a12:f8c1:55::/48 maxlen: 48
2a12:f8c1:56::/48 maxlen: 48
2a12:f8c1:57::/48 maxlen: 48
2a12:f8c1:58::/48 maxlen: 48
2a13:fc0::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:48:74:58:2c:1e:d9:11:10:93:69:c8:61:45:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63392e929317ae6bde08a5a3b98a2b701ddb893a
Validity
Not Before: Jan 2 09:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5082a8682f57fcad5ad9b014dbbffba4896dff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e3:ab:27:bf:fe:19:66:94:ca:0f:c1:fe:b4:
7f:86:86:7b:0e:a3:24:e7:d4:e5:e2:b4:68:a0:00:
99:fd:7c:63:43:bf:d6:03:75:46:70:a0:e7:eb:64:
8d:6c:a8:ec:2a:4a:97:ba:12:09:54:a2:aa:c4:20:
a5:21:40:9b:6b:7a:8e:97:66:d9:6f:ea:9a:56:b3:
60:b5:7c:a0:2c:26:59:49:7e:97:4e:63:74:f3:90:
80:94:e4:d5:ee:5f:47:df:6a:f4:03:29:5b:7d:97:
cd:53:96:3a:c6:e2:aa:33:ee:47:5e:96:8b:1e:45:
6b:05:19:fe:44:3c:63:22:75:c3:d7:dc:99:82:54:
d7:78:1e:f5:d5:f9:7c:a7:a9:36:d5:59:ac:29:d4:
0e:8b:cb:d0:e4:f5:91:2b:e4:73:94:aa:68:e7:74:
b9:52:d7:05:ed:d7:f1:db:db:53:a8:31:05:f6:e2:
56:0f:3e:68:41:73:c8:bb:9f:6a:84:6d:50:d3:62:
07:4a:1f:e4:40:ae:8c:82:cd:c5:e4:05:99:b6:c1:
08:80:6c:67:e3:28:67:f8:04:cf:fc:01:54:5d:fe:
a8:01:09:fb:5f:22:1e:62:0d:d8:23:79:7f:99:94:
bf:b9:d2:71:e6:66:ee:5f:a5:20:99:2c:46:5e:67:
3a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:08:2A:86:82:F5:7F:CA:D5:AD:9B:01:4D:BB:FF:BA:48:96:DF:F5
X509v3 Authority Key Identifier:
keyid:63:39:2E:92:93:17:AE:6B:DE:08:A5:A3:B9:8A:2B:70:1D:DB:89:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YzkukpMXrmveCKWjuYorcB3biTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/1QgqhoL1f8rVrZsBTbv_ukiW3_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/fe702e-c26b-4429-99c1-87250f5a07cc/1/YzkukpMXrmveCKWjuYorcB3biTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:f8c1:50::-2a12:f8c1:58:ffff:ffff:ffff:ffff:ffff
2a13:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
38:10:4c:53:d3:8a:ac:d3:5a:0e:f1:03:5f:af:ca:ef:28:f4:
fd:bd:8d:42:45:d2:73:29:91:3d:ed:1d:d0:22:cc:18:ba:12:
3f:7d:b6:76:78:8e:7e:b7:35:9b:bf:60:f8:c5:9b:f5:38:34:
fe:64:f9:16:27:ef:a9:50:bc:b6:b6:eb:e1:05:0e:c9:13:7d:
55:e5:6f:2e:3a:06:ff:5c:7e:90:0d:80:ba:3c:85:12:96:13:
42:91:df:d4:49:35:78:73:df:43:4f:fa:f4:f2:f3:bb:6d:c0:
87:b4:d2:82:dc:5f:8e:8d:99:a4:b7:5c:f5:fe:af:69:9c:06:
0b:fc:de:c7:b3:5f:3e:ef:59:21:4f:25:c0:ca:60:33:a3:a8:
17:8c:43:b2:33:18:d0:be:ce:02:1f:f7:04:93:a5:24:fb:fd:
f0:b3:b1:49:b0:eb:59:a9:25:68:5e:b5:67:1a:af:12:1c:aa:
4b:d7:21:47:7c:ab:4a:c8:87:c0:46:29:a8:1c:80:db:b3:fe:
a9:41:ef:8f:75:47:42:d7:8d:7f:f3:21:74:9f:4b:04:1e:01:
87:13:9e:ac:d6:c1:12:9a:7e:ac:e3:bd:db:7a:46:72:5d:4f:
3d:02:e4:50:60:5d:24:da:1f:c2:51:7a:20:49:6c:30:ba:ec:
03:81:80:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQma0h0WCwe2REQk2nIYUVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMzkyZTkyOTMxN2FlNmJkZTA4YTVhM2I5OGEyYjcwMWRk
Yjg5M2EwHhcNMjUwMTAyMDk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA4MmE4NjgyZjU3ZmNhZDVhZDliMDE0ZGJiZmZiYTQ4OTZkZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOOrJ7/+GWaUyg/B/rR/hoZ7DqMk
59Tl4rRooACZ/XxjQ7/WA3VGcKDn62SNbKjsKkqXuhIJVKKqxCClIUCba3qOl2bZ
b+qaVrNgtXygLCZZSX6XTmN085CAlOTV7l9H32r0AylbfZfNU5Y6xuKqM+5HXpaL
HkVrBRn+RDxjInXD19yZglTXeB711fl8p6k21VmsKdQOi8vQ5PWRK+RzlKpo53S5
UtcF7dfx29tTqDEF9uJWDz5oQXPIu59qhG1Q02IHSh/kQK6Mgs3F5AWZtsEIgGxn
4yhn+ATP/AFUXf6oAQn7XyIeYg3YI3l/mZS/udJx5mbuX6UgmSxGXmc6fwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNUIKoaC9X/K1a2bAU27/7pIlt/1MB8GA1UdIwQY
MBaAFGM5LpKTF65r3gilo7mKK3Ad24k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEt
ODcyNTBmNWEwN2NjLzEvMVFncWhvTDFmOHJWclpzQlRidl91a2lXM19VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mZTcwMmUtYzI2Yi00NDI5LTk5YzEtODcyNTBmNWEwN2Nj
LzEvWXprdWtwTVhybXZlQ0tXanVZb3JjQjNiaVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbMBIDBwQqEvjB
AFADBwAqEvjBAFgDBQMqEw/AMA0GCSqGSIb3DQEBCwUAA4IBAQA4EExT04qs01oO
8QNfr8rvKPT9vY1CRdJzKZE97R3QIswYuhI/fbZ2eI5+tzWbv2D4xZv1ODT+ZPkW
J++pULy2tuvhBQ7JE31V5W8uOgb/XH6QDYC6PIUSlhNCkd/USTV4c99DT/r08vO7
bcCHtNKC3F+OjZmkt1z1/q9pnAYL/N7Hs18+71khTyXAymAzo6gXjEOyMxjQvs4C
H/cEk6Uk+/3ws7FJsOtZqSVoXrVnGq8SHKpL1yFHfKtKyIfARimoHIDbs/6pQe+P
dUdC141/8yF0n0sEHgGHE56s1sESmn6s473bekZyXU89AuRQYF0k2h/CUXogSWww
uuwDgYBU
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:16 2025 by rpki-client