Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/D8-2aLbcxr2meDYq8GJXNb1zYxM.roa
File: D8-2aLbcxr2meDYq8GJXNb1zYxM.roa (raw, json)
Hash identifier: CDXWIG5UtGoX1AkHsyHLomAwUeTYh/xCSVhI2rQKths=
Subject key identifier: 0F:CF:B6:68:B6:DC:C6:BD:A6:78:36:2A:F0:62:57:35:BD:73:63:13
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018E949F814E42F993FC61180BEE184160A4
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/D8-2aLbcxr2meDYq8GJXNb1zYxM.roa
Signing time: Sun 31 Mar 2024 13:07:45 +0000
ROA not before: Sun 31 Mar 2024 13:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215256
IP address blocks: 2a12:3fc5::/36 maxlen: 36
2a12:3fc5:1000::/36 maxlen: 36
2a12:3fc5:2000::/36 maxlen: 36
2a12:3fc5:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:94:9f:81:4e:42:f9:93:fc:61:18:0b:ee:18:41:60:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Mar 31 13:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fcfb668b6dcc6bda678362af0625735bd736313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ed:27:ce:c0:bc:fc:3b:b5:18:d2:a3:0c:53:
a1:33:8e:98:44:f1:05:4f:c9:85:78:ff:c2:0d:17:
ee:17:0d:85:8e:5d:68:94:58:09:3d:11:4f:9d:96:
1a:49:1c:ea:05:8e:69:66:f0:5b:d3:43:a2:21:12:
ed:35:42:c4:85:44:e9:01:cb:78:d4:4e:7d:bd:f0:
cd:12:7d:93:60:a6:4e:de:ee:ae:68:80:c8:a8:e9:
2a:e8:30:86:80:99:ce:31:23:cb:d7:39:32:b6:b6:
e7:9f:d0:41:99:07:1a:6e:af:8e:0a:0c:14:f8:a4:
9c:d0:82:79:de:d5:20:5b:e0:26:d6:7b:26:78:28:
c9:bc:96:1e:f7:ba:ec:15:77:fd:66:ff:1d:8a:d2:
ce:9e:4f:5c:d0:81:69:04:73:b7:a1:5d:75:54:c0:
fc:63:e3:fc:74:88:a9:ab:e5:cd:c6:ea:c1:45:b4:
75:ad:ca:ab:d0:0c:de:46:65:59:3b:2a:3a:60:ce:
cf:eb:ce:24:7b:36:32:2d:43:13:da:52:5d:c5:47:
dd:d6:3b:13:63:0f:fb:48:97:e5:60:15:ff:01:bb:
65:2f:29:d4:9b:8b:00:24:06:53:50:38:91:c1:b0:
7d:65:3c:ca:53:55:9d:30:3e:e3:2d:14:dd:bc:63:
90:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CF:B6:68:B6:DC:C6:BD:A6:78:36:2A:F0:62:57:35:BD:73:63:13
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/D8-2aLbcxr2meDYq8GJXNb1zYxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc5::/34
Signature Algorithm: sha256WithRSAEncryption
4e:8d:44:60:01:6d:87:10:e8:c8:02:bc:37:a9:ec:70:89:15:
9a:66:81:eb:9d:14:4d:67:b4:2a:81:7a:5f:d5:c9:9b:fc:c7:
dc:7c:e8:1f:b1:0f:4f:38:f9:90:6c:87:f4:b9:46:cc:1d:0d:
61:5a:80:4a:6f:e9:0d:a9:a4:18:3d:09:bf:6b:3a:55:e2:1b:
e6:d1:17:d1:1e:6d:b8:8b:f4:c3:62:a1:fc:78:8e:5a:ae:43:
e5:7d:d5:86:4d:fa:b1:36:74:a8:ad:59:e5:d6:61:c7:b1:ee:
26:df:58:95:6d:08:1f:6c:3e:3c:60:9d:bb:b8:11:7a:be:42:
e2:ac:7a:2a:63:cd:77:a5:39:f5:72:21:94:62:8e:c7:d4:8c:
bc:c9:0e:8c:3d:6b:22:e7:6e:dc:86:c9:ec:30:7f:49:95:7b:
04:30:d4:9b:bc:ec:6e:d9:d5:8c:b8:d1:dd:91:a3:07:18:a5:
5d:f0:a1:fb:79:7f:7e:3d:ca:49:3c:3a:00:ed:e2:17:4b:77:
e3:fd:30:29:d7:26:c8:e8:90:2b:00:a8:32:17:01:59:92:b8:
4d:f5:72:f5:0c:08:7e:a6:d5:32:6f:b8:bb:04:93:6b:88:7c:
8e:28:fd:1b:bb:2f:79:9d:a8:c2:65:5b:de:b4:e6:d5:2d:aa:
26:52:e5:84
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY6Un4FOQvmT/GEYC+4YQWCkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwMzMxMTMwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmNmYjY2OGI2ZGNjNmJkYTY3ODM2MmFmMDYyNTczNWJkNzM2MzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+0nzsC8/Du1GNKjDFOhM46YRPEF
T8mFeP/CDRfuFw2Fjl1olFgJPRFPnZYaSRzqBY5pZvBb00OiIRLtNULEhUTpAct4
1E59vfDNEn2TYKZO3u6uaIDIqOkq6DCGgJnOMSPL1zkytrbnn9BBmQcabq+OCgwU
+KSc0IJ53tUgW+Am1nsmeCjJvJYe97rsFXf9Zv8ditLOnk9c0IFpBHO3oV11VMD8
Y+P8dIipq+XNxurBRbR1rcqr0AzeRmVZOyo6YM7P684kezYyLUMT2lJdxUfd1jsT
Yw/7SJflYBX/AbtlLynUm4sAJAZTUDiRwbB9ZTzKU1WdMD7jLRTdvGOQUQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA/Ptmi23Ma9png2KvBiVzW9c2MTMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvRDgtMmFMYmN4cjJtZURZcThHSlhOYjF6WXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGKhI/xQAw
DQYJKoZIhvcNAQELBQADggEBAE6NRGABbYcQ6MgCvDep7HCJFZpmgeudFE1ntCqB
el/VyZv8x9x86B+xD084+ZBsh/S5RswdDWFagEpv6Q2ppBg9Cb9rOlXiG+bRF9Ee
bbiL9MNiofx4jlquQ+V91YZN+rE2dKitWeXWYcex7ibfWJVtCB9sPjxgnbu4EXq+
QuKseipjzXelOfVyIZRijsfUjLzJDow9ayLnbtyGyewwf0mVewQw1Ju87G7Z1Yy4
0d2RowcYpV3woft5f349ykk8OgDt4hdLd+P9MCnXJsjokCsAqDIXAVmSuE31cvUM
CH6m1TJvuLsEk2uIfI4o/Ru7L3mdqMJlW9605tUtqiZS5YQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:01 2025 by rpki-client