Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/36JnYSv288Mp2ubeE-KH5m3zRGI.roa
File: 36JnYSv288Mp2ubeE-KH5m3zRGI.roa (raw, json)
Hash identifier: 2xBf6imuooemCsED6sxTVZbxVIqoEa8nN0SfDuJMsas=
Subject key identifier: DF:A2:67:61:2B:F6:F3:C3:29:DA:E6:DE:13:E2:87:E6:6D:F3:44:62
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01858B4F84934E8B9AC02768739A76126931
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/36JnYSv288Mp2ubeE-KH5m3zRGI.roa
Signing time: Sat 07 Jan 2023 08:18:42 +0000
ROA not before: Sat 07 Jan 2023 08:18:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139328
IP address blocks: 2a12:3fc2:e72d::/48 maxlen: 48
2a12:3fc2:e800::/40 maxlen: 48
2a12:3fc2:8000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8b:4f:84:93:4e:8b:9a:c0:27:68:73:9a:76:12:69:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 7 08:18:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfa267612bf6f3c329dae6de13e287e66df34462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:9f:63:2a:e3:a0:e3:b6:58:3a:5b:63:f1:cf:
c0:f0:88:5d:78:39:8e:8f:60:44:dc:c8:67:83:c5:
a9:2f:a0:15:1b:44:a9:2b:70:f9:0b:23:9e:e4:08:
48:9d:38:13:f0:e7:28:53:97:cc:47:63:89:3c:82:
27:80:f0:b0:0b:c8:09:f3:c1:46:ac:23:64:98:f3:
dc:d2:91:b4:23:11:2c:ea:28:d4:82:76:8e:00:46:
b7:7c:f8:b1:06:23:00:53:b5:33:84:0f:5b:d4:ea:
18:bd:a4:5c:62:cd:e1:a1:d0:ca:0c:d1:c6:b8:03:
11:f9:7c:cc:f6:62:34:f3:f8:93:01:66:27:2e:d2:
2f:c7:c2:aa:7c:3a:90:ef:39:3a:84:86:a4:91:a8:
8a:ed:a2:1a:9c:e4:a7:b6:a7:33:c4:69:4d:59:ff:
87:c5:a6:29:d3:be:96:df:4b:f9:dc:46:a0:82:ae:
47:88:c3:80:3b:9f:cf:9d:d8:4b:7c:26:79:bd:1a:
ee:ec:80:90:26:62:ff:43:df:2a:50:36:98:c2:ea:
50:e0:61:69:c8:d1:c6:18:0f:49:bd:96:0a:4a:be:
98:1f:0d:1e:c6:ad:97:68:9c:68:9e:36:db:07:ad:
3b:fe:d3:90:b6:bd:d5:a7:a6:83:56:00:79:62:1d:
cc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A2:67:61:2B:F6:F3:C3:29:DA:E6:DE:13:E2:87:E6:6D:F3:44:62
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/36JnYSv288Mp2ubeE-KH5m3zRGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:8000::/36
2a12:3fc2:e72d::/48
2a12:3fc2:e800::/40
Signature Algorithm: sha256WithRSAEncryption
76:55:53:41:b9:88:78:85:df:53:cd:cd:35:cd:a1:aa:de:44:
a6:70:12:65:09:48:c0:8e:e3:a4:91:4c:af:e3:65:a1:06:25:
fc:ec:dd:4b:2a:13:28:fa:8e:0a:2e:22:aa:dc:9e:1e:84:17:
20:51:54:2c:4b:04:80:0b:ed:4f:b3:45:f7:72:b1:43:20:97:
6a:32:f8:72:61:6d:4e:bf:90:9b:23:99:ff:ad:57:88:ab:b4:
1a:6e:4f:29:86:93:dd:60:47:68:79:88:51:7f:b7:98:4e:d1:
42:4a:54:fe:12:3f:31:6f:48:2d:9c:cd:76:a8:c5:a1:35:70:
ef:2a:dc:1d:6d:0c:28:5b:ff:bb:07:b0:8e:58:12:9d:32:9c:
92:ce:4a:23:a8:6e:bc:69:55:78:0e:2d:e3:9e:59:9a:70:21:
e8:98:f8:9e:39:a0:d3:85:e7:56:63:c4:63:a1:a6:33:da:16:
c8:c6:cd:61:4f:e0:09:c6:b6:5d:7f:b3:ea:72:8e:1b:06:e1:
f6:69:0f:9f:dc:42:7f:e8:3c:7c:e3:0f:63:49:9f:1d:8b:99:
f9:57:6f:36:44:dd:2c:33:ec:78:ce:51:1b:c3:59:44:cc:cf:
8a:ba:c5:52:88:f3:00:ea:64:e5:74:b1:77:35:6e:f0:75:84:
1d:e6:42:92
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYWLT4STTouawCdoc5p2EmkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMwMTA3MDgxODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEyNjc2MTJiZjZmM2MzMjlkYWU2ZGUxM2UyODdlNjZkZjM0NDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZ9jKuOg47ZYOltj8c/A8IhdeDmO
j2BE3Mhng8WpL6AVG0SpK3D5CyOe5AhInTgT8OcoU5fMR2OJPIIngPCwC8gJ88FG
rCNkmPPc0pG0IxEs6ijUgnaOAEa3fPixBiMAU7UzhA9b1OoYvaRcYs3hodDKDNHG
uAMR+XzM9mI08/iTAWYnLtIvx8KqfDqQ7zk6hIakkaiK7aIanOSntqczxGlNWf+H
xaYp076W30v53Eaggq5HiMOAO5/PndhLfCZ5vRru7ICQJmL/Q98qUDaYwupQ4GFp
yNHGGA9JvZYKSr6YHw0exq2XaJxonjbbB607/tOQtr3Vp6aDVgB5Yh3MVwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFN+iZ2Er9vPDKdrm3hPih+Zt80RiMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvMzZKbllTdjI4OE1wMnViZUUtS0g1bTN6UkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYEKhI/woAD
BwAqEj/C5y0DBgAqEj/C6DANBgkqhkiG9w0BAQsFAAOCAQEAdlVTQbmIeIXfU83N
Nc2hqt5EpnASZQlIwI7jpJFMr+NloQYl/OzdSyoTKPqOCi4iqtyeHoQXIFFULEsE
gAvtT7NF93KxQyCXajL4cmFtTr+QmyOZ/61XiKu0Gm5PKYaT3WBHaHmIUX+3mE7R
QkpU/hI/MW9ILZzNdqjFoTVw7yrcHW0MKFv/uwewjlgSnTKcks5KI6huvGlVeA4t
455ZmnAh6Jj4njmg04XnVmPEY6GmM9oWyMbNYU/gCca2XX+z6nKOGwbh9mkPn9xC
f+g8fOMPY0mfHYuZ+VdvNkTdLDPseM5RG8NZRMzPirrFUojzAOpk5XSxdzVu8HWE
HeZCkg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:41 2025 by rpki-client