Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/CmATYqj6jQvzx4rHwBcOkCtUhIk.roa
File: CmATYqj6jQvzx4rHwBcOkCtUhIk.roa (raw, json)
Hash identifier: wCAMKr/Y2fzEEjDYyFsr2Wg7ct5SzlShHi0wGCNnvBc=
Subject key identifier: 0A:60:13:62:A8:FA:8D:0B:F3:C7:8A:C7:C0:17:0E:90:2B:54:84:89
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 1F9141
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/CmATYqj6jQvzx4rHwBcOkCtUhIk.roa
Signing time: Thu 20 Jan 2022 12:12:53 +0000
ROA not before: Thu 20 Jan 2022 12:12:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39753
IP address blocks: 2a12:3fc7:8000::/33 maxlen: 48
2a12:3fc7::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2068801 (0x1f9141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 20 12:12:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a601362a8fa8d0bf3c78ac7c0170e902b548489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:6c:eb:4a:5b:c6:42:66:99:14:ca:3e:0f:
e9:44:e0:3e:ea:5b:66:be:b3:a1:86:0d:26:f0:32:
b5:82:e7:0e:a6:20:26:08:a2:19:74:eb:87:ef:cf:
83:98:39:6c:8e:f2:64:38:72:56:9e:94:2e:5f:fc:
07:e0:65:4d:70:8d:4b:fd:b2:6d:63:27:c0:a7:54:
af:8c:7d:0a:e1:5a:30:5d:5e:27:96:c3:50:2f:12:
18:a0:62:cc:d7:2b:98:18:7f:70:d7:39:ad:8c:52:
eb:48:03:cb:5e:00:9a:7a:7d:be:2a:2e:a3:2f:1f:
0b:b4:1d:b0:e2:43:59:2f:75:b9:2d:c0:85:9e:66:
8a:48:5e:a7:3a:a8:b4:84:e0:47:b3:6a:c4:e9:b2:
bf:14:ba:b3:0f:a1:5c:37:2e:48:dc:ba:15:55:15:
43:69:96:e8:fb:03:2b:5f:a6:27:4c:53:c4:4b:80:
6d:2e:32:57:74:b8:15:80:79:ff:42:ee:44:2e:3c:
b4:5a:51:d4:b8:85:f1:32:0a:dd:3b:71:d3:35:52:
a2:17:bb:6d:e8:62:7c:c6:de:ea:5a:68:b4:d4:09:
8b:91:e1:37:7c:3d:df:af:a0:b6:3e:fe:5b:9a:10:
21:f9:e4:11:7f:a6:9c:ff:c8:a6:b9:03:1d:c7:db:
79:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:60:13:62:A8:FA:8D:0B:F3:C7:8A:C7:C0:17:0E:90:2B:54:84:89
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/CmATYqj6jQvzx4rHwBcOkCtUhIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc7::/48
2a12:3fc7:8000::/33
Signature Algorithm: sha256WithRSAEncryption
25:b9:2b:6c:71:45:70:17:f4:78:9f:51:04:6c:b5:81:53:52:
fe:4f:8b:44:f1:f8:3a:e7:cf:d0:91:ce:68:8b:eb:47:7e:66:
08:5b:6a:14:3f:d6:1b:21:fc:be:f7:78:79:db:a3:d7:5b:6f:
b7:51:a3:74:27:2c:14:ce:28:5f:ac:a1:b7:14:1b:ca:03:96:
d1:c3:3b:c8:e7:af:3f:b8:f3:80:7b:3e:4c:9e:c3:49:1d:94:
bb:3c:1c:a9:ec:4f:d2:82:5e:39:09:52:94:3c:21:ba:29:f3:
cf:df:1f:de:c1:3e:aa:ed:4f:dd:4d:75:58:99:bd:27:9e:e4:
8b:69:ee:35:aa:97:94:31:bb:5e:08:e9:fd:ee:35:45:c9:b4:
a0:36:b8:1e:c2:25:07:00:40:4c:20:8d:4d:0e:ab:52:c4:da:
04:c2:f9:48:65:e1:9d:98:bd:81:f8:b8:70:71:6c:9a:4a:9d:
ec:e2:b3:ae:03:80:68:a4:84:6e:f7:fe:9e:63:59:af:4b:92:
59:ea:48:a6:d9:88:fa:55:64:59:55:f3:6c:2c:8f:1f:45:d8:
54:b8:6f:1b:19:c2:04:5f:c4:8c:43:40:11:2a:6f:f6:cd:01:
5b:1e:6d:11:db:dc:8a:40:11:77:ce:1f:ea:9c:5b:0b:3d:5e:
3c:8c:1e:a3
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgIDH5FBMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFlMWQ2M2QwHhcNMjIwMTIw
MTIxMjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwYTYwMTM2MmE4ZmE4
ZDBiZjNjNzhhYzdjMDE3MGU5MDJiNTQ4NDg5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyGVs60pbxkJmmRTKPg/pROA+6ltmvrOhhg0m8DK1gucOpiAm
CKIZdOuH78+DmDlsjvJkOHJWnpQuX/wH4GVNcI1L/bJtYyfAp1SvjH0K4VowXV4n
lsNQLxIYoGLM1yuYGH9w1zmtjFLrSAPLXgCaen2+Ki6jLx8LtB2w4kNZL3W5LcCF
nmaKSF6nOqi0hOBHs2rE6bK/FLqzD6FcNy5I3LoVVRVDaZbo+wMrX6YnTFPES4Bt
LjJXdLgVgHn/Qu5ELjy0WlHUuIXxMgrdO3HTNVKiF7tt6GJ8xt7qWmi01AmLkeE3
fD3fr6C2Pv5bmhAh+eQRf6ac/8imuQMdx9t5NwIDAQABo4ICFDCCAhAwHQYDVR0O
BBYEFApgE2Ko+o0L88eKx8AXDpArVISJMB8GA1UdIwQYMBaAFHmPex/YArPcar16
XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
ZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUxLzEv
Q21BVFlxajZqUXZ6eDRySHdCY09rQ3RVaElrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8z
MDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUxLzEvZVk5N0g5Z0NzOXhx
dlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCoG
CCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhI/xwAAAwYHKhI/x4AwDQYJKoZI
hvcNAQELBQADggEBACW5K2xxRXAX9HifUQRstYFTUv5Pi0Tx+Drnz9CRzmiL60d+
ZghbahQ/1hsh/L73eHnbo9dbb7dRo3QnLBTOKF+sobcUG8oDltHDO8jnrz+484B7
Pkyew0kdlLs8HKnsT9KCXjkJUpQ8Ibop88/fH97BPqrtT91NdViZvSee5Itp7jWq
l5Qxu14I6f3uNUXJtKA2uB7CJQcAQEwgjU0Oq1LE2gTC+Uhl4Z2YvYH4uHBxbJpK
nezis64DgGikhG73/p5jWa9LklnqSKbZiPpVZFlV82wsjx9F2FS4bxsZwgRfxIxD
QBEqb/bNAVsebRHb3IpAEXfOH+qcWws9XjyMHqM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:55:58 2025 by rpki-client