Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/SUsA2YF3jC4d9s6UP2RQzZxGoPI.roa
File: SUsA2YF3jC4d9s6UP2RQzZxGoPI.roa (raw, json)
Hash identifier: 8q4GgVJJvG50GODDyPo70dKOxePM/uGcXeYJQ0QCxpc=
Subject key identifier: 49:4B:00:D9:81:77:8C:2E:1D:F6:CE:94:3F:64:50:CD:9C:46:A0:F2
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 01942067EBC2B600BFE9EB4C8C4C5ED9141C
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/SUsA2YF3jC4d9s6UP2RQzZxGoPI.roa
Signing time: Wed 01 Jan 2025 05:47:49 +0000
ROA not before: Wed 01 Jan 2025 05:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202811
IP address blocks: 2a12:3fc0:2028::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:eb:c2:b6:00:bf:e9:eb:4c:8c:4c:5e:d9:14:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 05:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=494b00d981778c2e1df6ce943f6450cd9c46a0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d9:6b:f5:9c:74:62:48:2a:64:0f:26:78:3a:
d7:b0:62:dd:c5:1b:c7:90:7d:a9:9a:ba:3f:b1:46:
45:e3:38:f7:2b:60:d3:9b:37:7d:96:a1:63:08:d5:
09:bb:25:9b:d8:71:58:d2:d3:1c:54:4d:ef:e2:44:
55:89:5e:90:07:32:7b:0a:5b:3f:4c:49:60:e6:9d:
fb:65:1f:4d:e5:f6:f8:be:5e:5a:c3:e4:1a:57:0b:
e3:62:8e:d9:9f:cf:ae:5b:b2:19:1a:31:d0:1a:d8:
92:98:7d:73:41:5c:35:75:31:3a:94:15:ae:4a:27:
33:e9:b3:29:ce:2b:33:26:8d:2e:fa:7b:6b:4c:8b:
41:04:d6:d2:e6:b0:a9:3e:d2:72:cc:5c:5d:fc:4f:
a8:dc:08:8d:24:b6:08:82:4d:50:58:48:b5:33:21:
f5:a5:8a:7d:0a:fc:88:3e:ba:9a:5e:2e:09:a1:96:
82:2e:c7:87:0d:75:51:bb:f3:f3:c6:aa:9c:18:38:
8e:a9:6f:76:b8:07:6a:3b:a8:99:50:3b:55:94:f5:
17:59:cd:c6:fc:fc:3b:da:8f:ec:8b:e6:66:e6:2b:
72:49:30:06:54:40:ee:bf:5d:f6:4b:4d:d9:f0:69:
e3:86:dc:ae:1f:3a:ed:32:45:60:1c:e1:35:69:d3:
83:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:4B:00:D9:81:77:8C:2E:1D:F6:CE:94:3F:64:50:CD:9C:46:A0:F2
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/SUsA2YF3jC4d9s6UP2RQzZxGoPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc0:2028::/48
Signature Algorithm: sha256WithRSAEncryption
1d:a4:57:83:47:36:48:ec:e5:6c:62:8d:eb:bc:e9:51:a9:81:
a9:2a:c8:cb:59:c4:34:d9:28:67:53:37:65:cf:97:6e:af:d2:
e4:c3:f0:9d:44:04:b3:34:4c:6b:6e:ac:c2:f4:75:31:e0:a7:
78:16:6f:0c:b5:a1:21:1c:12:0c:9d:6c:7b:34:a9:78:ad:bd:
4b:d6:a7:b2:4f:ce:2a:7c:3e:28:f3:18:74:7e:e2:0b:74:bf:
6b:3b:43:31:df:7e:ce:c6:92:7f:5a:a1:01:81:ce:fc:5d:a4:
6d:d3:46:07:92:97:3d:eb:43:27:98:33:7e:91:7f:c5:f3:36:
99:f0:38:eb:fd:b2:7b:3d:9c:8b:40:13:e0:8f:52:b0:75:75:
16:fe:da:a8:8c:15:5a:87:0c:b1:7e:9b:ea:46:0d:46:83:72:
cd:51:ba:1c:46:01:f1:81:28:db:c2:e8:f6:11:73:a6:83:c8:
9a:9a:aa:57:bb:10:7d:57:aa:36:2f:38:4c:69:4b:4a:08:9e:
db:32:12:f8:4a:35:c3:57:38:fd:89:73:38:af:f4:eb:84:75:
e2:a1:d4:d6:eb:97:30:e8:b5:b1:33:b1:11:56:81:12:fb:84:
2f:50:86:ec:d2:fc:12:c3:17:86:fd:6e:44:41:11:17:82:c4:
1a:99:05:be
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQgZ+vCtgC/6etMjExe2RQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjUwMTAxMDU0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTRiMDBkOTgxNzc4YzJlMWRmNmNlOTQzZjY0NTBjZDljNDZhMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nlr9Zx0YkgqZA8meDrXsGLdxRvH
kH2pmro/sUZF4zj3K2DTmzd9lqFjCNUJuyWb2HFY0tMcVE3v4kRViV6QBzJ7Cls/
TElg5p37ZR9N5fb4vl5aw+QaVwvjYo7Zn8+uW7IZGjHQGtiSmH1zQVw1dTE6lBWu
Sicz6bMpziszJo0u+ntrTItBBNbS5rCpPtJyzFxd/E+o3AiNJLYIgk1QWEi1MyH1
pYp9CvyIPrqaXi4JoZaCLseHDXVRu/PzxqqcGDiOqW92uAdqO6iZUDtVlPUXWc3G
/Pw72o/si+Zm5itySTAGVEDuv132S03Z8GnjhtyuHzrtMkVgHOE1adODawIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFElLANmBd4wuHfbOlD9kUM2cRqDyMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvU1VzQTJZRjNqQzRkOXM2VVAyUlF6WnhHb1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhI/wCAo
MA0GCSqGSIb3DQEBCwUAA4IBAQAdpFeDRzZI7OVsYo3rvOlRqYGpKsjLWcQ02Shn
Uzdlz5dur9Lkw/CdRASzNExrbqzC9HUx4Kd4Fm8MtaEhHBIMnWx7NKl4rb1L1qey
T84qfD4o8xh0fuILdL9rO0Mx337OxpJ/WqEBgc78XaRt00YHkpc960MnmDN+kX/F
8zaZ8Djr/bJ7PZyLQBPgj1KwdXUW/tqojBVahwyxfpvqRg1Gg3LNUbocRgHxgSjb
wuj2EXOmg8iamqpXuxB9V6o2LzhMaUtKCJ7bMhL4SjXDVzj9iXM4r/TrhHXiodTW
65cw6LWxM7ERVoES+4QvUIbs0vwSwxeG/W5EQREXgsQamQW+
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:49 2025 by rpki-client