Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/fh2COb18YnpoSOaTETgNnjPlgf0.roa
File: fh2COb18YnpoSOaTETgNnjPlgf0.roa (raw, json)
Hash identifier: olKASFieXNEH5uohF/WHoAC0hcy7zFIOYUjF3Hdhi9c=
Subject key identifier: 7E:1D:82:39:BD:7C:62:7A:68:48:E6:93:11:38:0D:9E:33:E5:81:FD
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01948F091CF6D7B0A733EBCF54080EBDC91D
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/fh2COb18YnpoSOaTETgNnjPlgf0.roa
Signing time: Wed 22 Jan 2025 17:22:06 +0000
ROA not before: Wed 22 Jan 2025 17:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214146
IP address blocks: 2a12:bec4:1710::/44 maxlen: 44
2a12:bec4:1730::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8f:09:1c:f6:d7:b0:a7:33:eb:cf:54:08:0e:bd:c9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 22 17:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e1d8239bd7c627a6848e69311380d9e33e581fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:35:f0:e3:07:f1:ac:17:a2:7b:df:35:5d:14:
0f:b3:8f:19:35:c3:ce:58:b7:a7:b3:d6:3e:cb:63:
bc:ca:61:b5:3e:ec:d9:11:0a:bc:4d:7c:89:ed:9b:
75:3b:b8:26:b2:d4:c3:61:f2:c9:13:8b:b5:2e:1c:
88:61:78:89:73:e7:6a:9a:14:5b:ca:53:87:58:c5:
70:e6:b2:f3:8a:5f:00:76:cc:fe:27:f9:eb:da:ff:
50:5a:a0:a7:59:27:24:26:3f:ad:0d:46:83:fe:8f:
d2:32:98:bb:c8:75:c4:72:a5:39:59:00:23:9d:1f:
ac:49:66:8e:73:d9:be:10:64:9b:bc:0d:42:2f:f9:
e0:d2:b5:b8:04:d8:1c:cf:79:79:46:53:d1:f8:ed:
bd:e8:7b:73:ba:47:c7:96:63:f4:dc:8c:c5:0c:0b:
9c:75:e6:79:20:7a:5f:9f:da:16:9f:98:83:7f:c7:
f6:e3:17:52:3e:98:03:fb:96:c1:4f:23:70:02:8d:
04:2e:9e:d0:de:9d:da:b6:de:0e:db:16:7d:46:19:
45:74:d1:67:a6:7e:24:47:35:cd:d8:6b:3a:ea:a7:
7d:58:b7:dd:3d:7f:49:f3:13:41:d2:97:f8:ad:22:
24:85:3d:ed:e7:af:33:46:9d:64:1e:9d:41:f1:37:
23:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:1D:82:39:BD:7C:62:7A:68:48:E6:93:11:38:0D:9E:33:E5:81:FD
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/fh2COb18YnpoSOaTETgNnjPlgf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1710::/44
2a12:bec4:1730::/44
Signature Algorithm: sha256WithRSAEncryption
8c:15:9a:f5:06:5a:f7:a0:3d:99:35:c8:3c:dd:08:5c:62:92:
9b:fd:ff:31:df:5e:d3:2c:68:9c:f8:c5:8b:60:13:4b:52:5c:
75:20:f3:7b:f0:cb:02:af:6c:54:3f:a3:70:4f:85:9d:a4:dc:
b6:42:7c:7f:2c:cd:28:f7:61:22:8e:d0:ae:79:15:11:7f:ca:
b6:b4:a0:46:91:36:c8:d9:6d:92:48:4d:59:0e:34:e3:5f:01:
ef:3d:bb:8a:3c:93:13:fb:5b:31:74:46:f4:d5:f2:e2:8f:68:
50:c8:fe:4e:dc:b0:eb:ae:c3:86:a8:4e:18:61:67:e5:fd:03:
a6:b7:6e:b3:5a:c1:ea:94:6d:f6:04:a5:6c:42:b9:95:1e:f2:
04:86:34:2b:2a:16:45:14:1a:ab:b2:3f:09:68:8d:e3:44:e3:
96:22:2c:c0:ba:5e:0f:e9:59:9d:36:a3:1d:6a:d7:e5:f6:6f:
f5:3b:77:ec:b1:da:5e:4f:a4:33:b6:37:e8:2a:3d:4e:48:18:
d7:43:aa:21:76:b4:b7:fb:57:14:96:ea:12:7c:53:13:50:8c:
06:56:f9:85:68:fc:67:51:69:59:2e:8e:f6:c9:ea:bf:81:8f:
cc:fd:aa:1c:c3:6b:6c:b7:8c:0b:87:45:d5:e7:d2:c3:0e:16:
f6:7e:7f:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZSPCRz217CnM+vPVAgOvckdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTIyMTcyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTFkODIzOWJkN2M2MjdhNjg0OGU2OTMxMTM4MGQ5ZTMzZTU4MWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DXw4wfxrBeie981XRQPs48ZNcPO
WLens9Y+y2O8ymG1PuzZEQq8TXyJ7Zt1O7gmstTDYfLJE4u1LhyIYXiJc+dqmhRb
ylOHWMVw5rLzil8Adsz+J/nr2v9QWqCnWSckJj+tDUaD/o/SMpi7yHXEcqU5WQAj
nR+sSWaOc9m+EGSbvA1CL/ng0rW4BNgcz3l5RlPR+O296HtzukfHlmP03IzFDAuc
deZ5IHpfn9oWn5iDf8f24xdSPpgD+5bBTyNwAo0ELp7Q3p3att4O2xZ9RhlFdNFn
pn4kRzXN2Gs66qd9WLfdPX9J8xNB0pf4rSIkhT3t568zRp1kHp1B8TcjVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH4dgjm9fGJ6aEjmkxE4DZ4z5YH9MB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvZmgyQ09iMThZbnBvU09hVEVUZ05ualBsZ2YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhK+xBcQ
AwcEKhK+xBcwMA0GCSqGSIb3DQEBCwUAA4IBAQCMFZr1Blr3oD2ZNcg83QhcYpKb
/f8x317TLGic+MWLYBNLUlx1IPN78MsCr2xUP6NwT4WdpNy2Qnx/LM0o92EijtCu
eRURf8q2tKBGkTbI2W2SSE1ZDjTjXwHvPbuKPJMT+1sxdEb01fLij2hQyP5O3LDr
rsOGqE4YYWfl/QOmt26zWsHqlG32BKVsQrmVHvIEhjQrKhZFFBqrsj8JaI3jROOW
IizAul4P6VmdNqMdatfl9m/1O3fssdpeT6QztjfoKj1OSBjXQ6ohdrS3+1cUluoS
fFMTUIwGVvmFaPxnUWlZLo72yeq/gY/M/aocw2tst4wLh0XV59LDDhb2fn/Q
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:58:39 2025 by rpki-client