Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/yOQNrNfqnu-zUPwseIlDnR9db6I.roa
File: yOQNrNfqnu-zUPwseIlDnR9db6I.roa (raw, json)
Hash identifier: M4/IvWYWT3V9C0qv4qy17doGNXNBQ4Xqnwnw1suYfCM=
Subject key identifier: C8:E4:0D:AC:D7:EA:9E:EF:B3:50:FC:2C:78:89:43:9D:1F:5D:6F:A2
Certificate issuer: /CN=ff44dbaca56dac319401f68a50d917f5424611ad
Certificate serial: 018CC7944F00D9EA204A2E6CEB24D46AEA27
Authority key identifier: FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/yOQNrNfqnu-zUPwseIlDnR9db6I.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212144
IP address blocks: 2a12:6d80::/29 maxlen: 29
2a12:3f80::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:4f:00:d9:ea:20:4a:2e:6c:eb:24:d4:6a:ea:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff44dbaca56dac319401f68a50d917f5424611ad
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e40dacd7ea9eefb350fc2c7889439d1f5d6fa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5b:19:fc:b6:b2:e1:64:bb:78:3c:d0:d1:d5:
06:c4:d8:9b:5d:8d:60:72:a2:df:ee:0d:5f:9a:06:
20:1c:8e:a2:e9:b9:f6:50:29:9c:d5:05:c6:6f:22:
83:c7:68:a0:ee:32:b2:2a:ea:75:b9:32:85:ee:1b:
eb:db:2d:54:60:7a:96:1a:ad:0d:b3:29:36:00:4f:
94:14:3e:e6:ca:a3:02:01:c7:8f:cb:3a:76:ec:e4:
ef:c7:13:b7:97:9f:dd:62:cd:ef:fa:95:45:bb:c9:
b2:62:0f:fb:c6:1c:7d:39:0e:b8:5d:dc:8b:d5:bf:
b9:16:74:3f:84:4c:77:2c:f4:2c:42:17:c1:3b:45:
80:f9:8a:52:a3:af:33:ca:c0:91:f2:3f:32:5b:a1:
e5:32:a5:c4:32:8f:90:ac:81:42:b4:dd:47:cc:89:
0e:68:54:6b:73:b7:bc:7e:1e:d7:e4:d9:65:8f:0c:
c7:00:7b:08:36:c7:20:87:a1:45:59:0b:6d:95:88:
d2:ad:fa:17:90:2a:03:2b:b9:ab:92:64:24:12:0e:
3e:90:4a:75:8c:2e:f1:47:f1:5c:53:e0:f4:77:4b:
d5:46:82:15:00:27:93:61:4c:56:fa:87:e9:99:3c:
b5:55:d7:c8:17:24:26:ec:99:f3:89:05:54:52:8e:
2c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E4:0D:AC:D7:EA:9E:EF:B3:50:FC:2C:78:89:43:9D:1F:5D:6F:A2
X509v3 Authority Key Identifier:
keyid:FF:44:DB:AC:A5:6D:AC:31:94:01:F6:8A:50:D9:17:F5:42:46:11:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0TbrKVtrDGUAfaKUNkX9UJGEa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/yOQNrNfqnu-zUPwseIlDnR9db6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/53a947-fd03-4014-9827-c5d8950818ec/1/_0TbrKVtrDGUAfaKUNkX9UJGEa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3f80::/29
2a12:6d80::/29
Signature Algorithm: sha256WithRSAEncryption
63:ce:37:a9:b6:4b:42:c8:5d:e1:22:6d:dc:46:4d:70:48:d0:
03:23:d3:65:77:6d:e9:eb:7f:1e:e7:7f:5c:2f:30:19:c5:32:
42:d2:19:68:02:2c:99:4b:b7:54:b9:56:0a:46:b3:64:be:bc:
d3:55:5e:60:08:b9:96:6e:02:9e:42:5f:34:3d:36:a2:0f:37:
7f:78:d3:88:a8:55:f4:91:65:6d:c4:f9:d7:a2:98:69:b0:ff:
c9:ea:fb:43:75:a2:fd:40:e0:fc:95:0a:ea:d3:4d:83:59:8a:
a4:94:b2:cc:0d:f4:97:e3:15:51:54:6b:a4:ad:20:f5:4f:63:
d2:1c:f1:53:9b:2c:f6:f1:5c:17:9f:48:9b:7d:e5:9e:2a:47:
49:32:87:5e:73:f1:59:39:6e:97:a3:bf:42:95:b1:e6:b2:0e:
91:69:f6:8e:90:11:2e:b3:96:29:b5:19:94:09:df:ce:eb:12:
12:e5:31:73:62:ad:06:f0:c3:4e:15:86:7c:3d:76:cc:e0:eb:
6e:bf:25:d7:d0:36:e3:a7:2e:cc:33:0b:f7:34:c4:9d:40:93:
54:7b:17:3a:1e:11:87:d3:f9:85:18:17:f2:f8:65:1a:01:9c:
9e:94:1d:d2:1e:47:16:5a:ba:db:ad:fa:c8:8c:e4:6a:d6:3d:
86:d3:50:84
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlE8A2eogSi5s6yTUauonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDRkYmFjYTU2ZGFjMzE5NDAxZjY4YTUwZDkxN2Y1NDI0
NjExYWQwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGU0MGRhY2Q3ZWE5ZWVmYjM1MGZjMmM3ODg5NDM5ZDFmNWQ2ZmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1sZ/Lay4WS7eDzQ0dUGxNibXY1g
cqLf7g1fmgYgHI6i6bn2UCmc1QXGbyKDx2ig7jKyKup1uTKF7hvr2y1UYHqWGq0N
syk2AE+UFD7myqMCAcePyzp27OTvxxO3l5/dYs3v+pVFu8myYg/7xhx9OQ64XdyL
1b+5FnQ/hEx3LPQsQhfBO0WA+YpSo68zysCR8j8yW6HlMqXEMo+QrIFCtN1HzIkO
aFRrc7e8fh7X5NlljwzHAHsINscgh6FFWQttlYjSrfoXkCoDK7mrkmQkEg4+kEp1
jC7xR/FcU+D0d0vVRoIVACeTYUxW+ofpmTy1VdfIFyQm7JnziQVUUo4siQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMjkDazX6p7vs1D8LHiJQ50fXW+iMB8GA1UdIwQY
MBaAFP9E26ylbawxlAH2ilDZF/VCRhGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4Mjct
YzVkODk1MDgxOGVjLzEveU9RTnJOZnFudS16VVB3c2VJbERuUjlkYjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81M2E5NDctZmQwMy00MDE0LTk4MjctYzVkODk1MDgxOGVj
LzEvXzBUYnJLVnRyREdVQWZhS1VOa1g5VUpHRWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhI/gAMF
AyoSbYAwDQYJKoZIhvcNAQELBQADggEBAGPON6m2S0LIXeEibdxGTXBI0AMj02V3
benrfx7nf1wvMBnFMkLSGWgCLJlLt1S5VgpGs2S+vNNVXmAIuZZuAp5CXzQ9NqIP
N39404ioVfSRZW3E+deimGmw/8nq+0N1ov1A4PyVCurTTYNZiqSUsswN9JfjFVFU
a6StIPVPY9Ic8VObLPbxXBefSJt95Z4qR0kyh15z8Vk5bpejv0KVseayDpFp9o6Q
ES6zlim1GZQJ387rEhLlMXNirQbww04Vhnw9dszg626/JdfQNuOnLswzC/c0xJ1A
k1R7FzoeEYfT+YUYF/L4ZRoBnJ6UHdIeRxZautut+siM5GrWPYbTUIQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:34 2025 by rpki-client