Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/p_dNanvb25JW76erR1Wiuf-lANw.roa
File: p_dNanvb25JW76erR1Wiuf-lANw.roa (raw, json)
Hash identifier: wnErGJuJZ76EYzzOr475cu+zcPXoqb9EzhqWF8Zsakw=
Subject key identifier: A7:F7:4D:6A:7B:DB:DB:92:56:EF:A7:AB:47:55:A2:B9:FF:A5:00:DC
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 0195290D2786ED0D1E97406C7FA2C55BBAD0
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/p_dNanvb25JW76erR1Wiuf-lANw.roa
Signing time: Fri 21 Feb 2025 15:08:02 +0000
ROA not before: Fri 21 Feb 2025 15:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212824
IP address blocks: 2a12:bec4:1830::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:29:0d:27:86:ed:0d:1e:97:40:6c:7f:a2:c5:5b:ba:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Feb 21 15:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7f74d6a7bdbdb9256efa7ab4755a2b9ffa500dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f0:5a:6b:41:04:9d:3e:82:6c:b0:fa:01:b5:
9f:4c:2a:5e:c9:cd:48:87:d1:10:63:7f:d9:ed:05:
ae:16:fe:1e:ea:22:d5:1c:7a:4d:52:77:b5:70:a8:
b6:05:34:33:02:66:3c:69:1a:aa:e5:ca:f5:b8:5e:
9c:a0:33:d6:b9:c0:04:8e:5e:05:ab:28:97:66:ad:
48:b8:f4:ef:47:23:71:41:a4:8d:db:fe:8d:65:43:
fa:6f:e0:8a:1e:b4:7b:4c:5e:a6:a0:46:39:d7:c0:
b9:5d:88:83:d3:f7:07:ba:8c:81:2a:9d:c5:b7:f1:
ee:85:95:6d:67:0d:de:8a:dc:64:2e:8c:cb:65:11:
c8:b6:41:81:67:23:70:8d:e9:cd:76:f8:ee:00:88:
9a:38:01:51:8d:f1:32:0f:f5:9b:1e:63:11:87:5a:
b6:97:c6:e8:9d:3b:99:f4:bc:b4:5a:d8:23:dc:58:
85:e7:d0:86:da:cc:29:81:5e:aa:75:6f:2d:09:39:
8a:ab:41:3f:dd:ab:92:0a:cf:61:1c:02:ea:f9:8c:
bb:77:d8:9b:29:c7:f8:13:74:99:0e:32:20:02:ff:
a4:7b:9f:40:ab:c1:30:88:36:cd:14:fb:5c:f1:15:
03:d4:6a:3e:02:4a:d5:8e:3d:fd:20:1e:7a:50:c0:
2a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F7:4D:6A:7B:DB:DB:92:56:EF:A7:AB:47:55:A2:B9:FF:A5:00:DC
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/p_dNanvb25JW76erR1Wiuf-lANw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1830::/44
Signature Algorithm: sha256WithRSAEncryption
99:03:64:33:e8:7f:da:06:02:d5:ae:2e:93:6b:51:dc:80:8d:
58:9b:dd:6c:ff:c7:17:de:9b:2d:ae:8e:75:7c:f9:7d:f1:c9:
28:44:88:dd:f7:67:2e:42:ad:18:75:f8:46:15:5f:c5:db:ce:
bb:bf:ef:40:7c:cc:17:79:6d:30:f3:49:e0:21:6b:87:3f:c8:
1a:85:aa:53:6d:90:8d:7b:68:22:87:8b:3e:19:58:66:e0:09:
8d:4d:7e:70:e9:d7:9e:d9:70:e6:d1:e8:b1:6c:35:e0:f4:87:
11:96:07:09:45:3e:a1:f4:81:bb:30:4e:e9:c7:b0:d8:a9:ec:
c7:55:f6:9d:eb:ae:9e:fe:cd:53:54:3c:0f:21:de:e5:88:c7:
7e:d1:7c:fb:bc:29:aa:5b:37:d8:26:a3:c2:4b:3e:3a:1f:86:
df:36:77:3c:fe:f4:31:72:bd:cf:02:ed:ac:2b:d7:16:4e:2a:
9b:6b:cb:09:86:fe:bf:55:2f:f1:cb:10:6b:61:c6:c8:1b:21:
c3:47:98:26:e3:b7:b7:77:f0:c2:1e:a4:c5:30:4a:9a:be:ac:
78:b9:9a:49:07:a4:01:6f:d6:ca:55:8b:e4:01:a2:8c:4a:f6:
80:a5:74:6d:75:52:aa:30:76:4c:e5:a7:60:64:fc:dc:d0:b3:
f5:ab:d5:76
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZUpDSeG7Q0el0Bsf6LFW7rQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMjIxMTUwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Y3NGQ2YTdiZGJkYjkyNTZlZmE3YWI0NzU1YTJiOWZmYTUwMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPBaa0EEnT6CbLD6AbWfTCpeyc1I
h9EQY3/Z7QWuFv4e6iLVHHpNUne1cKi2BTQzAmY8aRqq5cr1uF6coDPWucAEjl4F
qyiXZq1IuPTvRyNxQaSN2/6NZUP6b+CKHrR7TF6moEY518C5XYiD0/cHuoyBKp3F
t/HuhZVtZw3eitxkLozLZRHItkGBZyNwjenNdvjuAIiaOAFRjfEyD/WbHmMRh1q2
l8bonTuZ9Ly0Wtgj3FiF59CG2swpgV6qdW8tCTmKq0E/3auSCs9hHALq+Yy7d9ib
Kcf4E3SZDjIgAv+ke59Aq8EwiDbNFPtc8RUD1Go+AkrVjj39IB56UMAq8wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKf3TWp729uSVu+nq0dVorn/pQDcMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvcF9kTmFudmIyNUpXNzZlclIxV2l1Zi1sQU53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+xBgw
MA0GCSqGSIb3DQEBCwUAA4IBAQCZA2Qz6H/aBgLVri6Ta1HcgI1Ym91s/8cX3pst
ro51fPl98ckoRIjd92cuQq0YdfhGFV/F2867v+9AfMwXeW0w80ngIWuHP8gahapT
bZCNe2gih4s+GVhm4AmNTX5w6dee2XDm0eixbDXg9IcRlgcJRT6h9IG7ME7px7DY
qezHVfad666e/s1TVDwPId7liMd+0Xz7vCmqWzfYJqPCSz46H4bfNnc8/vQxcr3P
Au2sK9cWTiqba8sJhv6/VS/xyxBrYcbIGyHDR5gm47e3d/DCHqTFMEqavqx4uZpJ
B6QBb9bKVYvkAaKMSvaApXRtdVKqMHZM5adgZPzc0LP1q9V2
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:37:04 2025 by rpki-client