Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/K7vhqbtLY47-cIRdJQR_OtyUMfw.roa
File: K7vhqbtLY47-cIRdJQR_OtyUMfw.roa (raw, json)
Hash identifier: WcWrYBUvI8vDpt8bdq0ZiYPsdsUCfPl+ArC2YYBI//0=
Subject key identifier: 2B:BB:E1:A9:BB:4B:63:8E:FE:70:84:5D:25:04:7F:3A:DC:94:31:FC
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C5591D45C5E1B577EFE1E90E61CC0
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/K7vhqbtLY47-cIRdJQR_OtyUMfw.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199545
IP address blocks: 2a12:bec0:e00::/43 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:55:91:d4:5c:5e:1b:57:7e:fe:1e:90:e6:1c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bbbe1a9bb4b638efe70845d25047f3adc9431fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:16:62:cf:be:cf:d8:1d:b6:13:e2:37:64:90:
28:fb:74:08:d6:42:ad:5c:c1:55:68:1c:cf:b6:9a:
c4:9e:f5:24:7b:14:43:9c:96:cd:71:1b:27:13:21:
e5:a6:7a:c8:4f:00:bf:f6:32:52:e2:a3:b5:4e:bb:
21:1e:c8:d1:59:9b:2c:21:c7:ec:79:f7:2b:28:d4:
24:9d:71:ca:d8:c2:1e:c2:61:b7:f4:b1:aa:14:0a:
00:f8:bd:7a:41:a8:36:18:7d:ba:2f:e1:ee:5b:1d:
bd:4b:89:6a:75:30:5b:02:16:c3:b2:2d:76:21:9e:
05:6e:7f:6b:b3:3f:07:f5:a5:e8:44:b4:17:2c:fd:
3f:71:5f:87:5c:32:22:91:dd:53:ab:4f:2a:ad:a7:
b9:46:c7:ab:eb:22:be:a6:62:97:d2:c4:ad:46:d2:
19:76:8c:a9:aa:cb:a0:d6:52:64:c1:84:e5:f0:f2:
12:b1:7a:47:91:4d:24:6a:cd:b5:f5:25:90:e5:8d:
45:e0:0b:c9:ea:cc:c9:51:ca:43:b1:b5:d3:97:1a:
99:7c:84:8f:89:fe:e7:22:b0:6c:e7:9f:1e:f6:5d:
9d:39:e9:e3:4f:cf:ae:78:dd:d7:0e:a9:93:20:d9:
53:11:85:2b:2c:10:1c:c9:ea:6f:ab:17:2c:9c:59:
f6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BB:E1:A9:BB:4B:63:8E:FE:70:84:5D:25:04:7F:3A:DC:94:31:FC
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/K7vhqbtLY47-cIRdJQR_OtyUMfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:e00::/43
Signature Algorithm: sha256WithRSAEncryption
14:ab:03:d1:90:32:ea:3b:89:e7:60:c6:78:f9:d3:46:5e:1f:
0f:92:23:32:9a:18:e0:18:ac:2b:e0:bc:2b:c5:8e:a8:ee:ef:
52:b0:f3:bb:c9:0a:39:39:94:68:c4:0a:b5:7f:5d:dc:0f:53:
00:90:4c:9d:38:0c:c0:22:ca:c4:4f:47:a5:3f:59:a3:2f:c2:
91:83:43:16:74:43:b0:28:a1:0c:cb:32:d6:1e:4d:18:d2:07:
7c:64:80:b7:27:1b:73:15:4f:c0:fb:59:de:45:86:b8:11:d9:
de:49:00:be:7b:ca:47:e1:db:58:1c:61:10:aa:b7:c2:7a:a9:
c7:52:e0:ba:d2:6d:0e:a4:ba:60:f7:8a:31:0d:5f:0d:2d:86:
a3:10:e9:ea:74:9a:69:8f:9b:5b:61:ae:fe:17:29:1f:52:97:
eb:3a:40:e5:ed:36:7c:9a:08:b5:5e:2e:66:8f:dd:e3:62:16:
30:2f:e8:4a:85:6b:ad:3a:4a:7d:5c:5a:48:f9:5f:14:3d:67:
a2:b5:bb:30:7e:10:37:28:04:a2:52:bf:cb:e3:1d:44:93:2c:
48:51:73:bf:8f:c5:5f:f4:f2:1f:62:41:99:23:06:19:18:be:
1b:42:94:45:4d:ad:56:c3:6e:44:7c:eb:4d:7a:bf:63:3f:cc:
7b:c1:cf:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjFWR1FxeG1d+/h6Q5hzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmJiZTFhOWJiNGI2MzhlZmU3MDg0NWQyNTA0N2YzYWRjOTQzMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBZiz77P2B22E+I3ZJAo+3QI1kKt
XMFVaBzPtprEnvUkexRDnJbNcRsnEyHlpnrITwC/9jJS4qO1TrshHsjRWZssIcfs
efcrKNQknXHK2MIewmG39LGqFAoA+L16Qag2GH26L+HuWx29S4lqdTBbAhbDsi12
IZ4Fbn9rsz8H9aXoRLQXLP0/cV+HXDIikd1Tq08qrae5Rser6yK+pmKX0sStRtIZ
doypqsug1lJkwYTl8PISsXpHkU0kas219SWQ5Y1F4AvJ6szJUcpDsbXTlxqZfISP
if7nIrBs558e9l2dOenjT8+ueN3XDqmTINlTEYUrLBAcyepvqxcsnFn2sQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCu74am7S2OO/nCEXSUEfzrclDH8MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvSzd2aHFidExZNDctY0lSZEpRUl9PdHlVTWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcFKhK+wA4A
MA0GCSqGSIb3DQEBCwUAA4IBAQAUqwPRkDLqO4nnYMZ4+dNGXh8PkiMymhjgGKwr
4LwrxY6o7u9SsPO7yQo5OZRoxAq1f13cD1MAkEydOAzAIsrET0elP1mjL8KRg0MW
dEOwKKEMyzLWHk0Y0gd8ZIC3JxtzFU/A+1neRYa4EdneSQC+e8pH4dtYHGEQqrfC
eqnHUuC60m0OpLpg94oxDV8NLYajEOnqdJppj5tbYa7+FykfUpfrOkDl7TZ8mgi1
Xi5mj93jYhYwL+hKhWutOkp9XFpI+V8UPWeitbswfhA3KASiUr/L4x1EkyxIUXO/
j8Vf9PIfYkGZIwYZGL4bQpRFTa1Ww25EfOtNer9jP8x7wc9X
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:59:16 2025 by rpki-client