Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/VacaElxkh2b6OJBU9SxxcNwSORY.roa
File: VacaElxkh2b6OJBU9SxxcNwSORY.roa (raw, json)
Hash identifier: RP3+KVwMc6V925RbqleZnirW+iP89qL4bLex0erm7P0=
Subject key identifier: 55:A7:1A:12:5C:64:87:66:FA:38:90:54:F5:2C:71:70:DC:12:39:16
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 01915B80079919C394A8D777A66FC59DFA28
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/VacaElxkh2b6OJBU9SxxcNwSORY.roa
Signing time: Fri 16 Aug 2024 14:03:22 +0000
ROA not before: Fri 16 Aug 2024 14:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a12:4140::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:80:07:99:19:c3:94:a8:d7:77:a6:6f:c5:9d:fa:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Aug 16 14:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55a71a125c648766fa389054f52c7170dc123916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b6:fe:55:f7:a4:b0:5b:ce:37:a5:ed:08:48:
a0:0b:ea:20:22:6e:21:20:c7:9d:08:25:3b:94:4e:
ff:36:7d:5d:6b:50:b1:a9:6a:d8:60:40:93:c1:5c:
69:d9:37:bd:f1:7f:65:af:7a:4c:bf:42:17:c3:9f:
68:71:7a:2a:9f:74:5e:24:1f:e0:2e:34:f9:4e:8f:
00:75:d1:e7:b6:86:41:38:32:20:ec:70:4e:4a:a7:
c4:68:74:34:89:40:25:a2:ea:40:9f:c1:2f:b9:c2:
2c:ff:fa:1b:55:a8:43:a9:e8:a1:d6:e3:8a:16:68:
2b:ed:06:f3:35:66:83:f4:1d:03:f2:32:55:eb:0f:
d6:64:be:b1:84:2e:bb:ec:e2:83:df:fd:54:16:bc:
a7:c0:d0:75:07:40:c1:f7:0d:6e:2c:92:a5:b4:87:
c5:0f:6e:dd:bb:9b:5a:4c:45:77:20:48:20:61:30:
ea:94:1c:50:7b:ec:0a:4a:70:e9:cb:8d:b5:a7:d0:
59:f1:55:b4:e0:31:80:8f:04:20:19:12:ca:34:1e:
c1:27:cd:22:06:58:a8:bb:9c:db:a3:e2:4c:22:4d:
7e:a3:50:9d:cb:80:42:e6:f8:7d:f7:e9:44:aa:87:
bb:de:6a:e9:6a:2c:e0:10:79:36:e5:d3:93:27:f6:
b6:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:A7:1A:12:5C:64:87:66:FA:38:90:54:F5:2C:71:70:DC:12:39:16
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/VacaElxkh2b6OJBU9SxxcNwSORY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4140::/29
Signature Algorithm: sha256WithRSAEncryption
49:b4:61:d1:ac:43:87:4c:2d:7b:e3:4e:4a:ef:c9:73:ed:cd:
c4:01:3f:29:14:90:8b:5b:9a:69:a9:d5:05:9c:9e:9b:51:6f:
ba:cd:41:ca:97:34:cb:51:14:b8:3e:db:22:04:dd:38:a9:49:
5e:82:d8:2f:c9:4f:66:f7:da:34:70:53:23:01:8e:28:53:93:
db:19:37:7a:c2:58:0c:72:5d:0e:9b:c7:95:21:92:1b:34:1f:
d5:7c:cd:21:03:e1:ce:a0:da:ef:14:52:55:d8:41:fa:6b:d7:
3a:5c:21:eb:01:f4:f1:e4:9a:48:ee:09:8b:42:60:3a:87:82:
c2:52:ba:fa:b5:02:f6:cd:78:55:c5:6b:3d:af:8c:f6:1c:95:
15:90:7d:46:11:2f:05:62:23:55:1e:45:fe:17:d7:6b:28:c3:
f8:1b:1f:d6:91:64:71:b7:ac:4a:be:19:45:c4:b0:08:9c:dc:
08:c9:8f:44:78:37:35:70:31:4b:5e:1a:3d:e8:44:51:3b:8f:
76:a3:ae:6d:5e:19:f3:02:29:b2:76:1a:03:24:f8:42:73:b7:
8b:5f:d5:de:e9:74:9f:57:80:90:fa:5b:44:c1:0c:72:40:ce:
68:7e:f4:eb:49:bb:bf:e4:43:34:5c:3e:56:53:89:3b:82:22:
67:94:d0:a1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZFbgAeZGcOUqNd3pm/FnfooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjQwODE2MTQwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWE3MWExMjVjNjQ4NzY2ZmEzODkwNTRmNTJjNzE3MGRjMTIzOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbb+VfeksFvON6XtCEigC+ogIm4h
IMedCCU7lE7/Nn1da1CxqWrYYECTwVxp2Te98X9lr3pMv0IXw59ocXoqn3ReJB/g
LjT5To8AddHntoZBODIg7HBOSqfEaHQ0iUAloupAn8EvucIs//obVahDqeih1uOK
Fmgr7QbzNWaD9B0D8jJV6w/WZL6xhC677OKD3/1UFrynwNB1B0DB9w1uLJKltIfF
D27du5taTEV3IEggYTDqlBxQe+wKSnDpy421p9BZ8VW04DGAjwQgGRLKNB7BJ80i
Bliou5zbo+JMIk1+o1Cdy4BC5vh99+lEqoe73mrpaizgEHk25dOTJ/a2/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFFWnGhJcZIdm+jiQVPUscXDcEjkWMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvVmFjYUVseGtoMmI2T0pCVTlTeHhjTndTT1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJBQDAN
BgkqhkiG9w0BAQsFAAOCAQEASbRh0axDh0wte+NOSu/Jc+3NxAE/KRSQi1uaaanV
BZyem1Fvus1Bypc0y1EUuD7bIgTdOKlJXoLYL8lPZvfaNHBTIwGOKFOT2xk3esJY
DHJdDpvHlSGSGzQf1XzNIQPhzqDa7xRSVdhB+mvXOlwh6wH08eSaSO4Ji0JgOoeC
wlK6+rUC9s14VcVrPa+M9hyVFZB9RhEvBWIjVR5F/hfXayjD+Bsf1pFkcbesSr4Z
RcSwCJzcCMmPRHg3NXAxS14aPehEUTuPdqOubV4Z8wIpsnYaAyT4QnO3i1/V3ul0
n1eAkPpbRMEMckDOaH7060m7v+RDNFw+VlOJO4IiZ5TQoQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:16:49 2025 by rpki-client