Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/JHm9DlVoCa9GNkJZBuc6icEEKnY.roa
File: JHm9DlVoCa9GNkJZBuc6icEEKnY.roa (raw, json)
Hash identifier: piCHNKHJCXVn7DVI9vFWcAl90i+AgLw2euOpQ4qh1mk=
Subject key identifier: 24:79:BD:0E:55:68:09:AF:46:36:42:59:06:E7:3A:89:C1:04:2A:76
Certificate issuer: /CN=7981ea4d507fb0ae07159f6f88def958430fd070
Certificate serial: 018CC86F4A4B2E8964EE15D28F3198D3DFA3
Authority key identifier: 79:81:EA:4D:50:7F:B0:AE:07:15:9F:6F:88:DE:F9:58:43:0F:D0:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eYHqTVB_sK4HFZ9viN75WEMP0HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/JHm9DlVoCa9GNkJZBuc6icEEKnY.roa
Signing time: Tue 02 Jan 2024 04:29:45 +0000
ROA not before: Tue 02 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60542
IP address blocks: 2a12:eb80:1::/48 maxlen: 48
2a12:eb80:2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:4a:4b:2e:89:64:ee:15:d2:8f:31:98:d3:df:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7981ea4d507fb0ae07159f6f88def958430fd070
Validity
Not Before: Jan 2 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2479bd0e556809af4636425906e73a89c1042a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:07:79:42:0c:c8:1e:cb:f7:49:7a:3d:93:
8d:f7:52:be:33:58:a4:b4:e9:b8:5d:36:1f:3d:86:
89:e0:a2:5a:ce:0b:e7:09:68:69:08:a0:2c:51:f4:
da:b6:42:e1:f1:46:78:87:cc:3f:29:d1:81:90:36:
7d:c4:c2:b0:ad:17:58:76:81:d3:08:73:c9:07:43:
0a:de:a2:5f:8c:bc:f7:6b:86:00:95:98:0c:39:92:
fc:7e:7f:7c:34:ba:b8:93:a5:b6:12:4e:4b:02:55:
e5:51:17:a5:a9:b6:af:91:d7:00:ef:a8:6a:3b:f9:
f7:59:76:6a:32:3c:d1:7d:a0:69:b9:99:db:6a:19:
c1:35:5a:b5:57:6b:40:83:bb:3a:cb:bf:97:f4:37:
f7:60:72:ec:dc:dd:88:2a:b4:0d:c4:b1:99:9d:48:
ec:88:5e:71:dc:9c:e8:f0:d0:e7:7f:49:c0:0d:54:
20:61:87:d7:41:44:57:45:ad:17:4c:df:5c:e6:15:
97:31:69:fb:f3:00:a4:f5:ad:59:73:76:08:5a:06:
f5:0b:81:df:34:aa:3b:3c:df:67:8f:61:17:77:fb:
c9:95:00:24:71:f2:62:04:de:bb:b8:95:5d:23:d5:
32:bb:17:f2:b6:56:c1:01:f8:a2:7a:76:ad:0b:c5:
7d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:79:BD:0E:55:68:09:AF:46:36:42:59:06:E7:3A:89:C1:04:2A:76
X509v3 Authority Key Identifier:
keyid:79:81:EA:4D:50:7F:B0:AE:07:15:9F:6F:88:DE:F9:58:43:0F:D0:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eYHqTVB_sK4HFZ9viN75WEMP0HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/JHm9DlVoCa9GNkJZBuc6icEEKnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/e44bd7-0f70-45c8-856e-40e2ef3383b0/1/eYHqTVB_sK4HFZ9viN75WEMP0HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:eb80:1::-2a12:eb80:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:77:cf:30:bd:ba:91:a1:53:d1:33:9a:ce:d4:b3:61:7d:bd:
99:41:62:c1:06:52:06:94:06:8d:b2:ae:b1:fb:75:87:33:95:
c6:7b:ab:23:39:1d:81:07:35:c6:58:76:e4:8d:c8:19:00:fb:
58:0f:77:e3:41:16:8e:a2:12:d5:51:c5:1e:45:bf:25:5e:97:
7d:40:68:b0:64:b6:6b:f0:ba:98:82:7c:ff:13:4f:2b:73:2b:
5a:59:38:81:19:9b:56:9f:fd:b0:69:65:6d:73:9b:5c:b4:3b:
41:96:fb:3f:f6:79:0f:df:45:83:fc:0c:bc:94:42:ce:e2:73:
f5:a7:e2:cb:ae:cd:71:c8:d3:38:29:d9:6d:c2:8e:60:25:02:
9f:62:90:40:8c:f1:dd:98:25:17:35:44:84:cd:ae:8d:91:e3:
fc:65:f2:b7:d8:d3:0d:94:4d:cf:27:88:3f:4a:90:82:0f:1c:
08:e4:ea:87:80:91:7f:1b:4b:4a:a2:ce:b4:a8:48:15:de:d3:
d7:58:b4:ea:6f:6b:8a:37:a5:b8:76:a4:98:ad:bf:c2:22:a7:
be:01:20:4e:d2:48:c5:f9:34:59:a1:ea:25:db:0a:9f:c1:66:
01:95:de:83:3f:29:f9:77:2e:0f:8c:cc:53:01:35:89:50:e6:
a9:d5:db:2c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIb0pLLolk7hXSjzGY09+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ODFlYTRkNTA3ZmIwYWUwNzE1OWY2Zjg4ZGVmOTU4NDMw
ZmQwNzAwHhcNMjQwMTAyMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDc5YmQwZTU1NjgwOWFmNDYzNjQyNTkwNmU3M2E4OWMxMDQyYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0o8HeUIMyB7L90l6PZON91K+M1ik
tOm4XTYfPYaJ4KJazgvnCWhpCKAsUfTatkLh8UZ4h8w/KdGBkDZ9xMKwrRdYdoHT
CHPJB0MK3qJfjLz3a4YAlZgMOZL8fn98NLq4k6W2Ek5LAlXlURelqbavkdcA76hq
O/n3WXZqMjzRfaBpuZnbahnBNVq1V2tAg7s6y7+X9Df3YHLs3N2IKrQNxLGZnUjs
iF5x3Jzo8NDnf0nADVQgYYfXQURXRa0XTN9c5hWXMWn78wCk9a1Zc3YIWgb1C4Hf
NKo7PN9nj2EXd/vJlQAkcfJiBN67uJVdI9UyuxfytlbBAfiienatC8V9dQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCR5vQ5VaAmvRjZCWQbnOonBBCp2MB8GA1UdIwQY
MBaAFHmB6k1Qf7CuBxWfb4je+VhDD9BwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVlIcVRWQl9zSzRIRlo5dmlONzVXRU1QMEhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lNDRiZDctMGY3MC00NWM4LTg1NmUt
NDBlMmVmMzM4M2IwLzEvSkhtOURsVm9DYTlHTmtKWkJ1YzZpY0VFS25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lNDRiZDctMGY3MC00NWM4LTg1NmUtNDBlMmVmMzM4M2Iw
LzEvZVlIcVRWQl9zSzRIRlo5dmlONzVXRU1QMEhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEuuA
AAEDBwAqEuuAAAIwDQYJKoZIhvcNAQELBQADggEBAHx3zzC9upGhU9Ezms7Us2F9
vZlBYsEGUgaUBo2yrrH7dYczlcZ7qyM5HYEHNcZYduSNyBkA+1gPd+NBFo6iEtVR
xR5FvyVel31AaLBktmvwupiCfP8TTytzK1pZOIEZm1af/bBpZW1zm1y0O0GW+z/2
eQ/fRYP8DLyUQs7ic/Wn4suuzXHI0zgp2W3CjmAlAp9ikECM8d2YJRc1RITNro2R
4/xl8rfY0w2UTc8niD9KkIIPHAjk6oeAkX8bS0qizrSoSBXe09dYtOpva4o3pbh2
pJitv8Iip74BIE7SSMX5NFmh6iXbCp/BZgGV3oM/Kfl3Lg+MzFMBNYlQ5qnV2yw=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:07:38 2025 by rpki-client