Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/5PdB18jPQRLZ-GAxagC-kEAe468.roa
File: 5PdB18jPQRLZ-GAxagC-kEAe468.roa (raw, json)
Hash identifier: uRNUNgX+uJB6vtFpRpJJGaEr2hDT9NTCsF5MgkWqj1U=
Subject key identifier: E4:F7:41:D7:C8:CF:41:12:D9:F8:60:31:6A:00:BE:90:40:1E:E3:AF
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067EA86D5E5B03A8D2297516713C83A
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/5PdB18jPQRLZ-GAxagC-kEAe468.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202229
IP address blocks: 2a12:3fc2:aa90::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ea:86:d5:e5:b0:3a:8d:22:97:51:67:13:c8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4f741d7c8cf4112d9f860316a00be90401ee3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:be:63:e8:7e:16:e0:5f:99:d4:07:bf:cd:af:
a3:10:05:87:06:0b:50:26:78:26:1c:98:df:74:09:
53:4c:bf:6b:66:ef:66:5a:4a:3d:c5:94:19:f3:b4:
4c:6c:4f:ba:f4:aa:e6:61:9a:00:d1:6f:ca:37:de:
61:f0:0d:5c:17:8b:0b:bc:b7:e4:37:96:c4:51:88:
ca:b5:53:11:9f:4c:30:83:0e:ae:ab:13:68:ff:36:
21:5c:44:f8:c9:e4:4d:4f:43:c6:29:52:7a:05:26:
49:e5:f3:1f:da:61:ba:91:49:de:d0:91:d3:9c:cf:
3d:f9:84:12:47:cf:12:fc:f0:40:9e:3b:8e:41:c3:
4d:51:84:ed:35:14:ed:e3:b7:58:ed:ee:2b:a2:aa:
34:3f:8e:e8:c1:58:9d:70:fb:d5:46:bd:01:ba:3b:
0d:65:25:5c:f4:e7:eb:ae:52:79:22:6f:58:c6:2a:
f0:0b:4f:6d:b6:8e:c7:64:6d:2e:37:83:19:24:c4:
dc:85:2a:a0:9a:24:9b:c7:5d:e9:1e:1d:bc:40:80:
0b:c8:d2:c0:56:1a:d8:2f:34:df:e8:d1:00:02:3b:
22:04:87:e6:a4:4f:68:c7:5c:e2:74:fe:29:74:b9:
04:7a:e2:bd:9d:78:c8:e0:ce:64:93:17:f5:e5:2f:
c6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F7:41:D7:C8:CF:41:12:D9:F8:60:31:6A:00:BE:90:40:1E:E3:AF
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/5PdB18jPQRLZ-GAxagC-kEAe468.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:aa90::/44
Signature Algorithm: sha256WithRSAEncryption
cd:f6:6a:2e:ce:5c:fe:60:3d:b1:77:d8:f9:89:64:98:dd:98:
7d:63:82:0f:b6:9a:77:ef:40:47:23:bf:50:8e:36:c3:9a:41:
43:f7:b5:eb:8e:42:e9:92:a7:68:76:c3:dd:2d:99:2c:3e:e5:
fc:01:f4:53:ec:46:b0:35:f0:90:1a:e4:af:49:96:59:4b:2d:
44:77:59:ee:e7:4f:c4:c4:a7:05:34:09:16:d0:7a:7c:98:12:
29:a9:bf:35:63:4c:e1:23:26:5b:fb:b8:b2:17:b0:8c:69:2c:
b0:18:1d:8c:c9:12:1d:fd:cd:89:94:1c:f4:bd:38:e7:e5:0f:
44:54:5b:20:43:40:30:55:35:54:4c:35:42:26:cf:1d:a4:0b:
8c:a1:91:ce:ce:fd:ee:d5:04:0a:b8:1b:e5:9c:c3:5f:99:b0:
44:56:39:4e:38:dd:34:5f:db:db:b9:9a:fa:85:1d:6e:c3:ea:
fb:3b:66:d0:cc:2a:b7:50:a7:91:8c:13:91:86:c1:a6:0d:4f:
5c:4a:9a:f4:3f:a9:b9:8e:31:5e:e0:09:76:3b:3c:18:d5:e4:
57:35:69:17:6b:e9:9c:80:ff:b6:38:e6:41:a0:af:ed:07:a4:
e4:53:5f:23:9a:de:e0:b5:15:38:06:42:08:aa:98:37:80:af:
c8:6d:26:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgZ+qG1eWwOo0il1FnE8g6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGY3NDFkN2M4Y2Y0MTEyZDlmODYwMzE2YTAwYmU5MDQwMWVlM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL5j6H4W4F+Z1Ae/za+jEAWHBgtQ
JngmHJjfdAlTTL9rZu9mWko9xZQZ87RMbE+69KrmYZoA0W/KN95h8A1cF4sLvLfk
N5bEUYjKtVMRn0wwgw6uqxNo/zYhXET4yeRNT0PGKVJ6BSZJ5fMf2mG6kUne0JHT
nM89+YQSR88S/PBAnjuOQcNNUYTtNRTt47dY7e4roqo0P47owVidcPvVRr0BujsN
ZSVc9OfrrlJ5Im9YxirwC09tto7HZG0uN4MZJMTchSqgmiSbx13pHh28QIALyNLA
VhrYLzTf6NEAAjsiBIfmpE9ox1zidP4pdLkEeuK9nXjI4M5kkxf15S/GOQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOT3QdfIz0ES2fhgMWoAvpBAHuOvMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvNVBkQjE4alBRUkxaLUdBeGFnQy1rRUFlNDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhI/wqqQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDN9mouzlz+YD2xd9j5iWSY3Zh9Y4IPtpp370BH
I79QjjbDmkFD97XrjkLpkqdodsPdLZksPuX8AfRT7EawNfCQGuSvSZZZSy1Ed1nu
50/ExKcFNAkW0Hp8mBIpqb81Y0zhIyZb+7iyF7CMaSywGB2MyRId/c2JlBz0vTjn
5Q9EVFsgQ0AwVTVUTDVCJs8dpAuMoZHOzv3u1QQKuBvlnMNfmbBEVjlOON00X9vb
uZr6hR1uw+r7O2bQzCq3UKeRjBORhsGmDU9cSpr0P6m5jjFe4Al2OzwY1eRXNWkX
a+mcgP+2OOZBoK/tB6TkU18jmt7gtRU4BkIIqpg3gK/IbSao
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:55 2025 by rpki-client