Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/aaPCQ3vYc10mi-8M5KP_x-4UjqI.roa
File: aaPCQ3vYc10mi-8M5KP_x-4UjqI.roa (raw, json)
Hash identifier: k87j6NF+EKH8P+VssVknz/tteS+89PmRGUWHWReOd5U=
Subject key identifier: 69:A3:C2:43:7B:D8:73:5D:26:8B:EF:0C:E4:A3:FF:C7:EE:14:8E:A2
Certificate issuer: /CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Certificate serial: 0194258EDC110573E03ED6E9087915D625DA
Authority key identifier: 43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/aaPCQ3vYc10mi-8M5KP_x-4UjqI.roa
Signing time: Thu 02 Jan 2025 05:48:26 +0000
ROA not before: Thu 02 Jan 2025 05:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210335
IP address blocks: 2a12:7a40:990b::/48 maxlen: 48
2a12:7a40:991b::/48 maxlen: 48
2a12:7a40:992b::/48 maxlen: 48
2a12:7a40:993b::/48 maxlen: 48
2a12:7a40:994b::/48 maxlen: 48
2a12:7a40:995b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:dc:11:05:73:e0:3e:d6:e9:08:79:15:d6:25:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4354a419225d5d79f4a1ae1520a3b1a56d45268c
Validity
Not Before: Jan 2 05:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69a3c2437bd8735d268bef0ce4a3ffc7ee148ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:66:86:fc:eb:45:11:a4:be:7d:2b:10:e9:d1:
d3:f8:3f:a6:2a:fd:19:69:fa:af:67:2d:3d:cf:bd:
ab:32:4c:6c:26:d8:ed:97:64:7f:12:35:83:15:2c:
38:3d:63:fc:65:1c:ef:a5:55:83:4e:fb:e8:86:61:
c6:8a:09:b1:10:7d:e0:2e:b2:f9:2f:41:a4:5e:73:
81:28:db:59:bf:0f:d8:44:0e:1d:c8:3c:84:66:28:
cf:88:98:ca:61:69:6c:7e:aa:c4:64:3e:5f:c6:97:
86:f3:b3:92:36:8b:97:7c:78:54:b6:c2:4e:a0:b6:
02:80:b9:8a:3b:2b:95:a7:7b:e6:c0:d4:b7:a0:a7:
2e:3b:9d:d6:33:eb:eb:33:c0:31:ba:4e:1f:a9:85:
31:03:09:62:34:ea:b5:29:d9:3c:7a:83:db:ba:a3:
00:1e:64:51:78:1e:39:89:f0:80:fb:d8:9b:a0:ef:
8c:13:17:b7:7e:5c:70:96:94:d9:86:9f:3d:f8:77:
13:14:59:a0:e9:19:fa:c7:7d:f7:b1:5a:0e:06:c8:
d6:95:7a:cf:54:ce:08:ee:9e:51:0e:9f:7b:f2:6f:
0e:b9:cc:1e:ac:d5:ca:38:39:d6:93:c5:d2:9b:49:
81:50:d9:4a:c8:fc:f5:92:ad:23:63:7d:9d:eb:64:
68:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A3:C2:43:7B:D8:73:5D:26:8B:EF:0C:E4:A3:FF:C7:EE:14:8E:A2
X509v3 Authority Key Identifier:
keyid:43:54:A4:19:22:5D:5D:79:F4:A1:AE:15:20:A3:B1:A5:6D:45:26:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1SkGSJdXXn0oa4VIKOxpW1FJow.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/aaPCQ3vYc10mi-8M5KP_x-4UjqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/0fddf0-8bbf-4350-bffa-688d51a44448/1/Q1SkGSJdXXn0oa4VIKOxpW1FJow.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:7a40:990b::/48
2a12:7a40:991b::/48
2a12:7a40:992b::/48
2a12:7a40:993b::/48
2a12:7a40:994b::/48
2a12:7a40:995b::/48
Signature Algorithm: sha256WithRSAEncryption
8e:5a:70:b6:c0:e6:13:4d:01:ee:ed:49:84:01:56:11:d3:6b:
e3:58:dc:18:ea:5e:39:86:5f:c5:31:c0:de:c1:31:2e:df:bd:
38:a2:3a:6a:9c:50:c4:b4:83:49:6c:24:e1:ba:f0:2e:8a:a8:
2f:73:d2:e0:12:3c:cd:91:fd:ee:7d:be:3d:a4:9a:ea:1c:b0:
7a:17:a5:77:52:2d:c4:4d:86:62:ad:c2:6f:28:f4:23:dc:b8:
e2:6c:17:f1:7f:0c:17:a3:f9:6c:77:99:e0:b1:6c:cc:b7:90:
93:4f:63:08:7a:13:92:60:2e:96:ec:ed:62:53:e4:fc:a2:5f:
c7:97:ac:55:b2:67:eb:1e:54:08:f4:dc:d8:88:b9:53:99:78:
0f:ed:a6:f4:be:fe:20:2e:e7:34:aa:32:3c:d1:ec:5d:08:84:
a9:ce:65:78:60:75:78:ac:c0:ea:5e:36:ce:7e:71:fb:1c:7f:
c6:ac:c4:2b:b1:b8:ef:d5:f1:17:83:65:a2:3d:f1:fd:bf:71:
c8:ca:68:ce:28:90:17:c1:85:e2:4a:55:b1:a4:79:a1:d2:53:
41:a4:11:ed:0d:eb:44:28:9a:b2:fe:7b:cd:ce:e3:39:b0:3c:
66:25:11:58:69:4d:a8:d1:f9:28:77:ce:ca:26:c0:a5:6e:0a:
4b:e3:3c:82
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQljtwRBXPgPtbpCHkV1iXaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTRhNDE5MjI1ZDVkNzlmNGExYWUxNTIwYTNiMWE1NmQ0
NTI2OGMwHhcNMjUwMTAyMDU0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWEzYzI0MzdiZDg3MzVkMjY4YmVmMGNlNGEzZmZjN2VlMTQ4ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGaG/OtFEaS+fSsQ6dHT+D+mKv0Z
afqvZy09z72rMkxsJtjtl2R/EjWDFSw4PWP8ZRzvpVWDTvvohmHGigmxEH3gLrL5
L0GkXnOBKNtZvw/YRA4dyDyEZijPiJjKYWlsfqrEZD5fxpeG87OSNouXfHhUtsJO
oLYCgLmKOyuVp3vmwNS3oKcuO53WM+vrM8Axuk4fqYUxAwliNOq1Kdk8eoPbuqMA
HmRReB45ifCA+9iboO+MExe3flxwlpTZhp89+HcTFFmg6Rn6x333sVoOBsjWlXrP
VM4I7p5RDp978m8OucwerNXKODnWk8XSm0mBUNlKyPz1kq0jY32d62RoHwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGmjwkN72HNdJovvDOSj/8fuFI6iMB8GA1UdIwQY
MBaAFENUpBkiXV159KGuFSCjsaVtRSaMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEt
Njg4ZDUxYTQ0NDQ4LzEvYWFQQ1EzdlljMTBtaS04TTVLUF94LTRVanFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wZmRkZjAtOGJiZi00MzUwLWJmZmEtNjg4ZDUxYTQ0NDQ4
LzEvUTFTa0dTSmRYWG4wb2E0VklLT3hwVzFGSm93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKhJ6QJkL
AwcAKhJ6QJkbAwcAKhJ6QJkrAwcAKhJ6QJk7AwcAKhJ6QJlLAwcAKhJ6QJlbMA0G
CSqGSIb3DQEBCwUAA4IBAQCOWnC2wOYTTQHu7UmEAVYR02vjWNwY6l45hl/FMcDe
wTEu3704ojpqnFDEtINJbCThuvAuiqgvc9LgEjzNkf3ufb49pJrqHLB6F6V3Ui3E
TYZircJvKPQj3LjibBfxfwwXo/lsd5ngsWzMt5CTT2MIehOSYC6W7O1iU+T8ol/H
l6xVsmfrHlQI9NzYiLlTmXgP7ab0vv4gLuc0qjI80exdCISpzmV4YHV4rMDqXjbO
fnH7HH/GrMQrsbjv1fEXg2WiPfH9v3HIymjOKJAXwYXiSlWxpHmh0lNBpBHtDetE
KJqy/nvNzuM5sDxmJRFYaU2o0fkod87KJsClbgpL4zyC
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:42:10 2025 by rpki-client