Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/q9Jrngm46mG5T1TG4CJKxl6zZbk.roa
File: q9Jrngm46mG5T1TG4CJKxl6zZbk.roa (raw, json)
Hash identifier: SuJBRA0vpCNsa13dZKLmhojFUmnM4H8nyxuRo32qDQM=
Subject key identifier: AB:D2:6B:9E:09:B8:EA:61:B9:4F:54:C6:E0:22:4A:C6:5E:B3:65:B9
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042A8DFD567D4A87FF4F5D16DBC769A
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/q9Jrngm46mG5T1TG4CJKxl6zZbk.roa
Signing time: Mon 02 Jan 2023 02:14:54 +0000
ROA not before: Mon 02 Jan 2023 02:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35543
IP address blocks: 2a12:a4c1::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a8:df:d5:67:d4:a8:7f:f4:f5:d1:6d:bc:76:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abd26b9e09b8ea61b94f54c6e0224ac65eb365b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ca:c6:7d:60:de:17:e3:7a:e4:84:d3:5a:a2:
e4:d4:88:a8:fa:7d:c6:aa:cc:18:8e:1f:15:bf:3e:
8d:95:48:6c:f6:2d:63:3e:f2:71:ef:46:94:d4:de:
d6:f5:26:cc:e6:26:ca:a4:ec:29:07:9d:47:6d:e0:
ad:cb:8b:78:7e:8d:0a:4c:db:6d:f6:1f:d0:78:f5:
df:34:53:6c:df:fb:a7:ae:5b:9c:30:b1:55:b7:52:
bc:27:31:94:9d:17:cc:a2:89:03:9c:61:71:67:6d:
df:58:cf:6f:74:eb:ff:68:c3:61:30:18:c7:8a:4a:
0b:2a:06:5c:c0:87:51:83:80:ec:34:4f:91:f7:c4:
d5:ec:fa:21:55:43:28:ea:e4:36:de:60:b6:f0:34:
ee:f5:9f:e6:04:56:a8:41:3d:1c:27:46:4c:70:c5:
29:04:dd:24:08:e2:7e:3f:eb:b1:15:d5:4c:ee:68:
bc:ff:4c:b9:d2:76:14:26:47:54:4b:8c:37:e6:2c:
17:00:a0:23:0e:6f:85:2d:74:ab:70:08:b5:d0:63:
b7:d0:a3:79:40:4f:2d:eb:d0:0f:a9:1a:cc:83:2a:
bd:23:f6:2c:41:5a:a8:41:a4:f3:85:7a:03:ae:f3:
bf:c2:7e:48:51:e6:f0:1d:74:b9:22:fd:0f:ec:e1:
bc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D2:6B:9E:09:B8:EA:61:B9:4F:54:C6:E0:22:4A:C6:5E:B3:65:B9
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/q9Jrngm46mG5T1TG4CJKxl6zZbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a4c1::/32
Signature Algorithm: sha256WithRSAEncryption
6c:b2:d2:74:fa:b2:d3:31:d8:3d:ac:2e:c0:17:6c:f1:65:94:
eb:3d:c3:00:8b:6e:4b:72:a8:eb:67:bd:72:6e:41:b9:47:55:
2b:66:fa:a9:3c:71:33:1f:a3:b3:ff:b4:8a:38:f5:01:7b:03:
12:6c:41:4b:53:f4:b7:80:31:92:4d:c6:4f:21:3b:1d:b2:9c:
56:15:39:ba:8f:38:33:06:8f:97:7b:43:a8:5d:8b:3b:c4:f5:
cc:1d:77:a0:ce:cf:5c:57:1c:ab:73:1e:12:8a:63:af:73:a1:
50:0c:dd:35:94:0c:e2:49:fa:bf:c5:5c:26:31:eb:2b:3a:4a:
b7:eb:d9:eb:9b:33:8a:6b:d7:a4:45:46:9f:67:26:17:71:07:
9d:bd:7b:06:23:74:47:02:98:9d:a2:52:a6:3f:4c:5a:b8:c0:
87:eb:46:89:ef:13:dd:b4:d1:88:9f:2a:92:cc:c0:0c:fb:61:
77:31:fa:f9:c3:cd:4d:6f:3b:57:57:32:c7:3a:3d:17:94:5a:
2e:82:25:e8:01:97:3b:57:8f:91:1b:05:2d:2e:66:ef:a6:c1:
53:13:f2:e5:8f:0d:8e:6a:f3:52:e8:83:fe:20:d1:4f:b9:87:
92:5c:11:51:36:0e:9f:09:6d:4f:8d:cd:cf:5d:33:15:62:3e:
e8:54:ff:7f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwQqjf1WfUqH/09dFtvHaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQyNmI5ZTA5YjhlYTYxYjk0ZjU0YzZlMDIyNGFjNjVlYjM2NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsrGfWDeF+N65ITTWqLk1Iio+n3G
qswYjh8Vvz6NlUhs9i1jPvJx70aU1N7W9SbM5ibKpOwpB51HbeCty4t4fo0KTNtt
9h/QePXfNFNs3/unrlucMLFVt1K8JzGUnRfMookDnGFxZ23fWM9vdOv/aMNhMBjH
ikoLKgZcwIdRg4DsNE+R98TV7PohVUMo6uQ23mC28DTu9Z/mBFaoQT0cJ0ZMcMUp
BN0kCOJ+P+uxFdVM7mi8/0y50nYUJkdUS4w35iwXAKAjDm+FLXSrcAi10GO30KN5
QE8t69APqRrMgyq9I/YsQVqoQaTzhXoDrvO/wn5IUebwHXS5Iv0P7OG8lQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKvSa54JuOphuU9UxuAiSsZes2W5MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvcTlKcm5nbTQ2bUc1VDFURzRDSkt4bDZ6WmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKkwTAN
BgkqhkiG9w0BAQsFAAOCAQEAbLLSdPqy0zHYPawuwBds8WWU6z3DAItuS3Ko62e9
cm5BuUdVK2b6qTxxMx+js/+0ijj1AXsDEmxBS1P0t4Axkk3GTyE7HbKcVhU5uo84
MwaPl3tDqF2LO8T1zB13oM7PXFccq3MeEopjr3OhUAzdNZQM4kn6v8VcJjHrKzpK
t+vZ65szimvXpEVGn2cmF3EHnb17BiN0RwKYnaJSpj9MWrjAh+tGie8T3bTRiJ8q
kszADPthdzH6+cPNTW87V1cyxzo9F5RaLoIl6AGXO1ePkRsFLS5m76bBUxPy5Y8N
jmrzUuiD/iDRT7mHklwRUTYOnwltT43Nz10zFWI+6FT/fw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:53 2025 by rpki-client