Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/JdTk1TnQH71jFYvInfPwfk-yQB4.roa
File: JdTk1TnQH71jFYvInfPwfk-yQB4.roa (raw, json)
Hash identifier: Z+f1zIBP++DbhLn+lofL7wyyJjh5HHatBE1GvF58QhA=
Subject key identifier: 25:D4:E4:D5:39:D0:1F:BD:63:15:8B:C8:9D:F3:F0:7E:4F:B2:40:1E
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067E74D2DA7C9025BFC0CC728F5F82B
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/JdTk1TnQH71jFYvInfPwfk-yQB4.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139328
IP address blocks: 2a12:3fc2:8000::/36 maxlen: 48
2a12:3fc2:e72d::/48 maxlen: 48
2a12:3fc2:e800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e7:4d:2d:a7:c9:02:5b:fc:0c:c7:28:f5:f8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25d4e4d539d01fbd63158bc89df3f07e4fb2401e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d9:5f:45:75:ae:42:1f:0a:61:42:b5:cc:da:
1e:b4:dd:4a:3c:a2:1b:ca:bf:c9:e4:8f:89:62:15:
71:52:45:79:22:c1:87:86:d0:11:9d:63:06:ac:ca:
fa:a1:46:36:1e:1f:0d:7b:b6:84:1f:1c:fd:87:fd:
73:9a:e7:45:ce:c4:3d:4a:98:dc:eb:f2:25:1d:b8:
56:11:a2:96:ea:78:28:77:15:f5:46:c5:fc:7e:9a:
20:96:b3:85:59:12:da:fe:96:30:93:b7:0f:82:54:
79:96:35:85:a4:a7:e7:da:a7:5e:2a:97:5a:ca:ce:
00:13:c8:4b:3b:69:58:4e:cc:0a:a0:70:d6:cc:6e:
b1:fd:f5:72:d7:cc:4c:a6:8a:25:96:07:0b:d5:f4:
18:bc:68:90:e8:98:f7:d2:e4:f6:72:c3:1f:21:a5:
2a:1e:17:84:ed:1f:fa:01:a9:8f:ae:07:65:af:f0:
5d:53:2a:2b:1f:26:8b:0a:c6:77:a7:ad:7f:86:e6:
11:7e:46:0a:50:8a:15:d5:1b:af:48:fa:5e:db:7e:
5c:cd:c9:18:07:d0:4c:c2:ee:7f:ad:f0:2c:65:43:
16:02:0e:ed:5b:a5:6c:20:19:d5:9d:5d:19:c9:9a:
6d:dc:39:61:69:2e:b5:57:7e:61:51:44:34:66:af:
54:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D4:E4:D5:39:D0:1F:BD:63:15:8B:C8:9D:F3:F0:7E:4F:B2:40:1E
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/JdTk1TnQH71jFYvInfPwfk-yQB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc2:8000::/36
2a12:3fc2:e72d::/48
2a12:3fc2:e800::/40
Signature Algorithm: sha256WithRSAEncryption
46:02:2d:aa:cd:01:35:7c:b2:70:39:d2:b4:8b:ea:c8:a3:a9:
9e:95:6f:06:9a:3e:23:ef:be:9f:b5:f2:e8:5d:99:b9:8f:34:
d9:0f:8f:0d:18:72:66:00:12:a8:9b:b4:7c:51:e9:c5:a4:cc:
17:a2:4b:c2:f1:fd:e5:a7:d0:46:5e:73:c2:5a:8e:bc:15:7f:
8d:8d:63:5c:4a:e4:81:f5:26:1b:b1:85:75:2f:38:c9:a3:69:
0e:b3:df:88:4c:85:c0:28:86:cb:f7:a8:b1:0f:ff:89:ba:b7:
d4:ac:79:c4:9b:cd:e9:ee:ae:29:3f:79:78:40:95:a6:3d:19:
3b:66:fb:23:06:de:97:ba:99:51:14:6c:dd:56:70:c5:80:24:
5e:e2:61:3e:c9:1a:4f:bc:33:01:78:c3:19:5c:d3:1d:b1:7d:
7c:c1:44:86:e3:32:9c:d9:f0:97:f8:b4:2b:ff:48:81:d5:0b:
3d:37:d7:9c:37:00:71:b5:3c:07:ae:9c:a7:f0:10:15:bd:a7:
e6:6d:0a:61:12:92:f2:06:bf:47:d8:c3:ae:23:91:cd:ae:5b:
d7:aa:bc:e7:c4:3a:d7:81:12:8d:d1:b8:a1:00:c3:5f:5d:03:
4a:4e:d5:06:a2:45:05:54:25:97:ca:d7:54:f2:dc:bc:33:64:
72:bb:5b:12
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZQgZ+dNLafJAlv8DMco9fgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ0ZTRkNTM5ZDAxZmJkNjMxNThiYzg5ZGYzZjA3ZTRmYjI0MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dlfRXWuQh8KYUK1zNoetN1KPKIb
yr/J5I+JYhVxUkV5IsGHhtARnWMGrMr6oUY2Hh8Ne7aEHxz9h/1zmudFzsQ9Spjc
6/IlHbhWEaKW6ngodxX1RsX8fpoglrOFWRLa/pYwk7cPglR5ljWFpKfn2qdeKpda
ys4AE8hLO2lYTswKoHDWzG6x/fVy18xMpoollgcL1fQYvGiQ6Jj30uT2csMfIaUq
HheE7R/6AamPrgdlr/BdUyorHyaLCsZ3p61/huYRfkYKUIoV1RuvSPpe235czckY
B9BMwu5/rfAsZUMWAg7tW6VsIBnVnV0ZyZpt3DlhaS61V35hUUQ0Zq9UBQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFCXU5NU50B+9YxWLyJ3z8H5PskAeMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvSmRUazFUblFINzFqRll2SW5mUHdmay15UUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYEKhI/woAD
BwAqEj/C5y0DBgAqEj/C6DANBgkqhkiG9w0BAQsFAAOCAQEARgItqs0BNXyycDnS
tIvqyKOpnpVvBpo+I+++n7Xy6F2ZuY802Q+PDRhyZgASqJu0fFHpxaTMF6JLwvH9
5afQRl5zwlqOvBV/jY1jXErkgfUmG7GFdS84yaNpDrPfiEyFwCiGy/eosQ//ibq3
1Kx5xJvN6e6uKT95eECVpj0ZO2b7Iwbel7qZURRs3VZwxYAkXuJhPskaT7wzAXjD
GVzTHbF9fMFEhuMynNnwl/i0K/9IgdULPTfXnDcAcbU8B66cp/AQFb2n5m0KYRKS
8ga/R9jDriORza5b16q858Q614ESjdG4oQDDX10DSk7VBqJFBVQll8rXVPLcvDNk
crtbEg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:50:40 2025 by rpki-client