Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/r3hvpi6aYISrA9VgUGuyHasTBo4.roa
File: r3hvpi6aYISrA9VgUGuyHasTBo4.roa (raw, json)
Hash identifier: oOkkfC+0ShrErLS6hHd4eqce9aWY7Jt21fCjzpV66s0=
Subject key identifier: AF:78:6F:A6:2E:9A:60:84:AB:03:D5:60:50:6B:B2:1D:AB:13:06:8E
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C5231D0836B2E71E0340B944B8775
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/r3hvpi6aYISrA9VgUGuyHasTBo4.roa
Signing time: Wed 01 Jan 2025 01:47:57 +0000
ROA not before: Wed 01 Jan 2025 01:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199187
IP address blocks: 2a12:bec0:1c0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:52:31:d0:83:6b:2e:71:e0:34:0b:94:4b:87:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af786fa62e9a6084ab03d560506bb21dab13068e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:07:70:fb:ba:00:d9:50:7a:0a:08:25:68:91:
9b:b9:a7:56:a9:90:3b:2a:b4:da:34:49:aa:cb:28:
1a:b9:97:a5:48:69:cc:ef:da:b1:f5:03:78:74:6d:
b7:42:67:82:0b:c6:5c:ee:7d:8c:b2:02:16:66:30:
eb:5d:ae:cd:20:ae:84:c0:92:96:19:7f:22:eb:ee:
a3:78:81:e7:4c:bb:72:60:a1:5b:6f:26:8b:8c:82:
5c:c8:62:38:da:2b:74:67:c2:1a:2f:79:ab:4f:09:
70:96:6c:43:c8:44:24:c4:54:2e:df:7a:5c:f0:c1:
ad:0d:de:2b:7a:c0:1d:5f:0d:f6:77:ab:ca:ef:75:
f8:b8:d0:58:21:cd:2a:ce:2c:b5:c0:cb:fe:e9:75:
4d:34:79:46:3f:80:e0:3e:e0:09:d1:9d:a6:fb:6f:
b7:e8:c0:6f:8a:d5:0d:9d:4b:54:82:53:6a:3f:c8:
88:05:e2:bf:6e:37:4d:b9:b3:45:96:23:1d:8f:7b:
d6:51:10:e8:71:d5:7a:89:65:10:8d:41:c0:e7:fe:
47:a9:4d:92:a0:56:73:66:82:b5:73:32:30:b0:3e:
a5:29:1f:dd:72:0d:f3:dd:7b:a5:89:3e:fd:5a:1e:
ae:f0:2e:ed:fc:78:c4:b9:5f:71:a3:f1:b2:64:04:
5e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:78:6F:A6:2E:9A:60:84:AB:03:D5:60:50:6B:B2:1D:AB:13:06:8E
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/r3hvpi6aYISrA9VgUGuyHasTBo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:1c0::/44
Signature Algorithm: sha256WithRSAEncryption
34:ea:8c:7c:6a:02:75:98:9d:47:b1:f3:15:b8:55:6e:fc:73:
a2:90:16:3c:03:c1:7d:a3:c5:a4:08:57:a3:7c:1a:a6:7a:ba:
3a:7c:85:66:5e:03:a9:d6:bd:9f:a1:a1:5c:bb:10:8f:31:9f:
06:1f:4f:9f:bc:29:03:6a:97:18:2e:98:d4:cd:fa:6c:4f:b7:
c6:c3:0e:51:0b:f6:23:3a:59:d6:a8:9d:53:19:a8:e6:85:59:
45:15:86:ea:c4:a2:8d:65:8c:b4:f9:79:e0:5c:9e:ad:af:ef:
04:07:2a:9e:d7:cc:b3:41:62:c3:e1:85:14:c1:9c:3d:94:36:
d9:da:fa:39:d8:5f:27:ff:86:55:f9:eb:31:62:49:52:33:2e:
e5:21:72:86:1c:11:41:ca:74:33:88:e8:95:57:27:3f:e1:b7:
2f:49:e5:9a:6f:5e:7a:9b:40:23:07:08:d7:c4:96:c2:47:29:
82:46:88:6a:b4:6c:5f:4b:b4:df:ce:e8:3f:6f:d4:6d:8e:ca:
fd:4c:a3:cf:6b:b8:80:1a:c1:8d:4d:e4:3f:94:e2:a2:71:21:
e2:c0:a8:69:97:e0:cc:c7:c6:9a:94:8a:61:43:10:b8:79:d2:
8f:33:2c:f4:64:ae:15:26:d0:3c:3b:12:de:ff:5e:3c:29:27:
37:25:a3:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjFIx0INrLnHgNAuUS4d1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjc4NmZhNjJlOWE2MDg0YWIwM2Q1NjA1MDZiYjIxZGFiMTMwNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwdw+7oA2VB6CgglaJGbuadWqZA7
KrTaNEmqyygauZelSGnM79qx9QN4dG23QmeCC8Zc7n2MsgIWZjDrXa7NIK6EwJKW
GX8i6+6jeIHnTLtyYKFbbyaLjIJcyGI42it0Z8IaL3mrTwlwlmxDyEQkxFQu33pc
8MGtDd4resAdXw32d6vK73X4uNBYIc0qziy1wMv+6XVNNHlGP4DgPuAJ0Z2m+2+3
6MBvitUNnUtUglNqP8iIBeK/bjdNubNFliMdj3vWURDocdV6iWUQjUHA5/5HqU2S
oFZzZoK1czIwsD6lKR/dcg3z3XuliT79Wh6u8C7t/HjEuV9xo/GyZAReKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFK94b6YummCEqwPVYFBrsh2rEwaOMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvcjNodnBpNmFZSVNyQTlWZ1VHdXlIYXNUQm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhK+wAHA
MA0GCSqGSIb3DQEBCwUAA4IBAQA06ox8agJ1mJ1HsfMVuFVu/HOikBY8A8F9o8Wk
CFejfBqmero6fIVmXgOp1r2foaFcuxCPMZ8GH0+fvCkDapcYLpjUzfpsT7fGww5R
C/YjOlnWqJ1TGajmhVlFFYbqxKKNZYy0+XngXJ6tr+8EByqe18yzQWLD4YUUwZw9
lDbZ2vo52F8n/4ZV+esxYklSMy7lIXKGHBFBynQziOiVVyc/4bcvSeWab156m0Aj
BwjXxJbCRymCRohqtGxfS7Tfzug/b9Rtjsr9TKPPa7iAGsGNTeQ/lOKicSHiwKhp
l+DMx8aalIphQxC4edKPMyz0ZK4VJtA8OxLe/148KSc3JaNM
-----END CERTIFICATE-----
Generated at Mon Apr 7 04:59:37 2025 by rpki-client