Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/U0U5fbJfnzcttib8XU9QdhTcGtk.roa
File: U0U5fbJfnzcttib8XU9QdhTcGtk.roa (raw, json)
Hash identifier: 36ZNXqKcqsI9wCFhm0CkYQj1bHERHFL4YmJShcuJEj8=
Subject key identifier: 53:45:39:7D:B2:5F:9F:37:2D:B6:26:FC:5D:4F:50:76:14:DC:1A:D9
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C560B07B89909F0410E75F929090F
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/U0U5fbJfnzcttib8XU9QdhTcGtk.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199654
IP address blocks: 2a12:bec0:200::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:56:0b:07:b8:99:09:f0:41:0e:75:f9:29:09:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5345397db25f9f372db626fc5d4f507614dc1ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:b0:ca:18:99:2f:78:e1:91:f2:56:b9:3a:
b4:3e:3f:62:b0:0c:07:22:b8:48:eb:05:c1:88:11:
2e:56:94:2b:1c:66:b9:f2:b7:36:1d:2f:30:37:c8:
03:eb:b5:fc:ba:ad:fa:fe:f7:7a:b7:74:b7:70:a3:
9e:4d:0b:23:bc:ee:bd:fc:8b:5d:e3:53:f4:13:9a:
58:af:0d:f2:cb:c4:af:f4:b1:3a:1c:3b:1c:fb:24:
3c:fa:e2:d3:34:7c:fd:61:44:0c:fb:04:e1:b9:b6:
63:37:70:70:31:d5:8f:03:65:5a:07:72:31:f8:f0:
47:37:56:ed:ae:4f:5e:ea:62:84:4a:f4:49:5b:a7:
b7:e0:de:81:49:c6:1a:b1:61:d2:93:a2:36:49:67:
46:81:c6:1a:75:9b:45:94:28:64:aa:6c:e6:4b:17:
6c:7e:0b:bd:d1:d8:f7:51:79:24:02:96:5a:00:47:
1a:aa:92:25:98:81:d0:3b:af:f5:fa:e8:cd:14:d7:
cd:0f:d4:cd:f4:0f:0c:29:60:36:3f:82:33:81:94:
13:7c:e1:9d:18:43:fe:72:fc:96:2f:fe:55:ca:68:
30:04:a6:46:a8:e5:9a:05:68:15:7a:22:03:ec:0e:
24:3a:46:9d:d7:a2:fc:8f:01:f6:c4:89:4f:6f:fd:
1b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:45:39:7D:B2:5F:9F:37:2D:B6:26:FC:5D:4F:50:76:14:DC:1A:D9
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/U0U5fbJfnzcttib8XU9QdhTcGtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:200::/44
Signature Algorithm: sha256WithRSAEncryption
87:1b:65:19:d3:8f:fe:79:3a:68:23:46:96:49:b2:96:29:e1:
98:d8:95:9b:21:23:b4:61:96:91:0f:aa:fe:e8:bb:2e:86:2d:
ee:6e:42:eb:70:3b:1c:c5:2d:13:b5:03:76:c4:b6:94:79:0a:
6e:10:21:70:ce:87:20:91:67:2f:ec:84:67:1f:96:05:e6:de:
61:f4:ff:a4:8b:9d:91:fe:e5:34:0e:29:51:0b:ee:a0:60:d6:
1f:ed:41:eb:82:c0:a0:17:51:63:0c:b2:9b:e8:48:49:c8:24:
98:79:9e:8b:49:1e:de:45:28:22:d9:fa:fe:6c:66:8a:cb:57:
80:cc:5b:fd:b6:15:ba:6a:89:7e:d8:17:d0:72:08:10:fb:0f:
0c:a3:00:ee:01:98:ca:a6:e5:84:a3:48:44:df:83:40:ea:87:
46:5b:a6:55:ae:4d:0f:59:56:c5:58:1c:77:71:1a:d7:fb:d6:
f1:eb:0e:4f:88:1a:f8:83:b6:a6:82:46:d0:6a:ce:1f:5b:2e:
97:0d:f5:6d:0b:25:6f:32:ec:26:21:b1:41:e1:7d:74:ba:35:
d5:e8:2f:c9:19:46:d3:91:4a:a3:dc:be:e5:09:17:a7:d5:50:
54:95:48:03:d9:86:85:d8:16:72:58:0e:d2:da:6b:92:e0:b2:
1b:b6:e1:1f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjFYLB7iZCfBBDnX5KQkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzQ1Mzk3ZGIyNWY5ZjM3MmRiNjI2ZmM1ZDRmNTA3NjE0ZGMxYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJawyhiZL3jhkfJWuTq0Pj9isAwH
IrhI6wXBiBEuVpQrHGa58rc2HS8wN8gD67X8uq36/vd6t3S3cKOeTQsjvO69/Itd
41P0E5pYrw3yy8Sv9LE6HDsc+yQ8+uLTNHz9YUQM+wThubZjN3BwMdWPA2VaB3Ix
+PBHN1btrk9e6mKESvRJW6e34N6BScYasWHSk6I2SWdGgcYadZtFlChkqmzmSxds
fgu90dj3UXkkApZaAEcaqpIlmIHQO6/1+ujNFNfND9TN9A8MKWA2P4IzgZQTfOGd
GEP+cvyWL/5VymgwBKZGqOWaBWgVeiID7A4kOkad16L8jwH2xIlPb/0bbwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFNFOX2yX583LbYm/F1PUHYU3BrZMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvVTBVNWZiSmZuemN0dGliOFhVOVFkaFRjR3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAIA
MA0GCSqGSIb3DQEBCwUAA4IBAQCHG2UZ04/+eTpoI0aWSbKWKeGY2JWbISO0YZaR
D6r+6Lsuhi3ubkLrcDscxS0TtQN2xLaUeQpuECFwzocgkWcv7IRnH5YF5t5h9P+k
i52R/uU0DilRC+6gYNYf7UHrgsCgF1FjDLKb6EhJyCSYeZ6LSR7eRSgi2fr+bGaK
y1eAzFv9thW6aol+2BfQcggQ+w8MowDuAZjKpuWEo0hE34NA6odGW6ZVrk0PWVbF
WBx3cRrX+9bx6w5PiBr4g7amgkbQas4fWy6XDfVtCyVvMuwmIbFB4X10ujXV6C/J
GUbTkUqj3L7lCRen1VBUlUgD2YaF2BZyWA7S2muS4LIbtuEf
-----END CERTIFICATE-----
Generated at Fri Apr 11 06:32:26 2025 by rpki-client