Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/hfC31mkkOXhrXiWl1chbI1rTi8Y.roa
File: hfC31mkkOXhrXiWl1chbI1rTi8Y.roa (raw, json)
Hash identifier: ZYfJcduV6zXIhf4a7dER/R61dOXN8dHG5i+7F4t96WU=
Subject key identifier: 85:F0:B7:D6:69:24:39:78:6B:5E:25:A5:D5:C8:5B:23:5A:D3:8B:C6
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C62A58A311C10C6A5040AFCD15F34
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/hfC31mkkOXhrXiWl1chbI1rTi8Y.roa
Signing time: Wed 01 Jan 2025 01:48:01 +0000
ROA not before: Wed 01 Jan 2025 01:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211350
IP address blocks: 2a12:bec0:74ef::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:62:a5:8a:31:1c:10:c6:a5:04:0a:fc:d1:5f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85f0b7d6692439786b5e25a5d5c85b235ad38bc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:82:b9:c3:84:99:e6:14:5b:1f:72:de:71:52:
6b:0f:0c:26:14:47:29:8b:a6:39:92:e2:bc:ef:36:
c1:55:da:75:d2:96:bf:d6:04:9a:ae:63:6a:4f:6c:
89:82:66:4e:8b:4d:ac:1c:13:8f:98:31:12:10:98:
e3:a7:11:c0:b3:92:c8:d7:d9:9b:29:18:01:1d:04:
52:43:a4:63:3e:fa:ac:aa:f7:86:df:46:8b:4a:b1:
9f:73:b4:38:81:a6:1b:62:2d:78:1a:a4:c5:a7:76:
21:0e:30:e2:35:50:85:13:8b:6a:e5:c1:17:98:c2:
68:03:02:c6:a5:be:ec:ac:c3:f6:82:a6:9b:7f:11:
56:24:8b:3f:e7:f4:8b:36:40:44:fb:a4:a0:e0:a6:
00:d1:bf:21:cc:e9:3e:c0:43:a6:50:64:80:74:e1:
89:94:2b:da:ea:ab:9d:54:38:34:2e:d8:9f:50:cb:
94:12:20:3b:ab:93:95:a2:e1:e7:30:4e:73:12:42:
2f:c2:1c:00:d1:32:30:47:e6:5e:7f:cf:cb:4f:a9:
69:f3:32:ee:00:98:d5:1f:76:72:7d:58:f3:21:4c:
e1:fb:27:a4:ae:26:af:98:99:9c:a5:e8:35:bd:63:
6f:56:aa:fe:1c:3c:00:47:39:f0:f5:57:ad:ef:16:
0f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F0:B7:D6:69:24:39:78:6B:5E:25:A5:D5:C8:5B:23:5A:D3:8B:C6
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/hfC31mkkOXhrXiWl1chbI1rTi8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:74ef::/48
Signature Algorithm: sha256WithRSAEncryption
93:d7:9f:6b:d5:6c:94:5f:7a:05:da:8c:9d:8a:75:50:a3:28:
7f:f7:c0:2a:15:33:fa:44:25:fd:e6:49:6a:e1:7d:ab:4c:f4:
26:d0:6c:26:7d:02:c3:b0:10:6d:3d:c3:32:19:06:51:c6:d7:
67:aa:74:0b:d4:73:3f:a1:9a:8f:e2:c4:d4:55:02:74:10:f2:
07:3f:de:07:e9:e2:09:ec:0b:dc:3b:4f:8e:7c:9e:d3:73:aa:
cc:e8:ad:87:cf:c5:76:e0:eb:9b:12:83:6b:be:f5:ff:72:2a:
72:57:34:91:d6:dc:61:b7:ae:03:53:76:c1:fc:f3:66:2d:3d:
8d:1b:b0:04:57:9b:62:67:40:4c:7b:eb:3e:63:1a:7b:22:21:
04:0d:7c:03:e4:49:41:f6:5d:4d:69:7e:9f:2e:e9:6d:34:83:
e8:ed:34:62:48:7b:57:fa:a3:dd:d7:2b:ba:46:25:d5:7a:8d:
0b:ef:9b:20:8b:7f:88:1b:f1:c1:17:cc:82:e8:ab:3a:5a:91:
3e:9e:5a:54:d4:fc:bc:89:68:d6:38:e8:8b:7b:26:8c:26:0a:
83:75:1c:65:8b:6d:80:4d:b1:d1:cf:b9:ed:43:50:93:02:e2:
6b:70:a9:64:9a:3b:4a:6a:cf:b4:6d:b2:4f:9f:77:76:ad:90:
74:e6:f4:93
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjGKlijEcEMalBAr80V80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWYwYjdkNjY5MjQzOTc4NmI1ZTI1YTVkNWM4NWIyMzVhZDM4YmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4K5w4SZ5hRbH3LecVJrDwwmFEcp
i6Y5kuK87zbBVdp10pa/1gSarmNqT2yJgmZOi02sHBOPmDESEJjjpxHAs5LI19mb
KRgBHQRSQ6RjPvqsqveG30aLSrGfc7Q4gaYbYi14GqTFp3YhDjDiNVCFE4tq5cEX
mMJoAwLGpb7srMP2gqabfxFWJIs/5/SLNkBE+6Sg4KYA0b8hzOk+wEOmUGSAdOGJ
lCva6qudVDg0LtifUMuUEiA7q5OVouHnME5zEkIvwhwA0TIwR+Zef8/LT6lp8zLu
AJjVH3ZyfVjzIUzh+yekriavmJmcpeg1vWNvVqr+HDwARznw9Vet7xYPtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIXwt9ZpJDl4a14lpdXIWyNa04vGMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvaGZDMzFta2tPWGhyWGlXbDFjaGJJMXJUaThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+wHTv
MA0GCSqGSIb3DQEBCwUAA4IBAQCT159r1WyUX3oF2oydinVQoyh/98AqFTP6RCX9
5klq4X2rTPQm0GwmfQLDsBBtPcMyGQZRxtdnqnQL1HM/oZqP4sTUVQJ0EPIHP94H
6eIJ7AvcO0+OfJ7Tc6rM6K2Hz8V24OubEoNrvvX/cipyVzSR1txht64DU3bB/PNm
LT2NG7AEV5tiZ0BMe+s+Yxp7IiEEDXwD5ElB9l1NaX6fLultNIPo7TRiSHtX+qPd
1yu6RiXVeo0L75sgi3+IG/HBF8yC6Ks6WpE+nlpU1Py8iWjWOOiLeyaMJgqDdRxl
i22ATbHRz7ntQ1CTAuJrcKlkmjtKas+0bbJPn3d2rZB05vST
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:29 2025 by rpki-client