Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/tkv7W2Xkz7rlA8mcuPJnMfwWe1Q.roa
File: tkv7W2Xkz7rlA8mcuPJnMfwWe1Q.roa (raw, json)
Hash identifier: G49tANRZgksBlNNczLsd2nWAzBhPFYk2si2V1e5R/ns=
Subject key identifier: B6:4B:FB:5B:65:E4:CF:BA:E5:03:C9:9C:B8:F2:67:31:FC:16:7B:54
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 01941F8C5927B13966DB63417FDD8419E5D2
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/tkv7W2Xkz7rlA8mcuPJnMfwWe1Q.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199765
IP address blocks: 2a12:bec0:150::/44 maxlen: 48
2a12:bec0:540::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:59:27:b1:39:66:db:63:41:7f:dd:84:19:e5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b64bfb5b65e4cfbae503c99cb8f26731fc167b54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:20:ff:2d:93:1a:8f:ab:fd:32:11:e6:a8:9f:
b0:61:bc:88:65:44:f0:fc:80:3c:74:1b:32:e1:81:
fc:0c:bc:6d:5d:03:d5:9c:36:53:59:2c:5c:c4:dc:
f7:9a:c6:69:14:6e:6a:15:2e:dc:4c:6e:bf:a6:65:
4e:8f:96:8d:de:d7:93:a7:7c:50:ad:40:de:35:78:
58:2c:a9:d9:73:5b:77:96:05:73:34:a2:be:72:00:
3f:dc:d3:e1:54:ce:5a:a5:39:ea:3a:c3:78:c9:3a:
88:9b:be:49:0d:cd:df:cb:4d:9a:36:16:cd:c6:bb:
be:af:ca:18:90:02:06:86:28:04:74:2e:1d:0a:68:
e2:39:4a:b3:77:57:65:13:36:ed:d2:79:a1:1f:32:
28:d1:c5:27:a9:1e:58:68:53:e5:77:3a:6a:83:fc:
a6:be:f9:e5:be:b5:24:b4:72:86:54:4d:1d:70:e7:
f7:77:bd:78:e5:33:8f:d5:6a:16:82:cc:7d:10:1d:
e7:3c:3a:aa:fa:01:b9:95:6c:d0:f9:77:20:78:ed:
4b:f8:92:a6:f7:35:64:5b:a2:1c:f6:a7:f6:61:a1:
7d:0f:bd:40:2e:30:e5:b5:ce:a6:e5:2f:40:ab:57:
fb:52:2b:91:a8:53:82:7c:28:25:30:bb:ce:bd:c9:
50:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4B:FB:5B:65:E4:CF:BA:E5:03:C9:9C:B8:F2:67:31:FC:16:7B:54
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/tkv7W2Xkz7rlA8mcuPJnMfwWe1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec0:150::/44
2a12:bec0:540::/44
Signature Algorithm: sha256WithRSAEncryption
ab:fc:b6:5e:ba:80:7b:1f:aa:50:79:67:14:ad:1a:69:e7:ce:
78:9d:4b:46:11:57:2f:e8:4f:3a:11:b5:03:b1:12:34:9a:8d:
41:83:8b:6b:12:33:c8:b6:b0:13:49:d8:6d:d2:a5:1a:9f:11:
c3:43:bc:fa:84:f0:8f:55:a3:fb:d9:6e:f6:29:6b:72:d3:82:
d2:23:17:a2:40:f3:e7:f3:77:ef:87:1a:b3:7d:7b:3f:07:46:
15:f2:98:f9:d5:12:20:47:d0:41:16:05:eb:a8:a6:ec:7e:fa:
27:92:d0:3a:5e:55:72:68:aa:cc:68:29:f3:bf:48:4d:4d:37:
68:5e:21:42:e7:74:c2:03:65:72:bd:a7:b0:81:03:33:c9:7d:
bc:8d:55:8f:84:f3:d6:ff:87:65:89:d5:fb:54:85:bc:12:a4:
ec:db:cd:ee:8f:b1:ca:ca:67:a6:69:34:4b:b6:e3:96:15:b6:
77:09:2e:4d:26:fe:e2:89:e6:98:39:ef:fa:33:81:3b:ac:fa:
7e:8a:de:9d:85:88:86:e1:76:ae:d6:49:a9:3b:47:d1:40:39:
d6:78:cf:7f:1f:db:6f:28:3c:24:e2:b9:82:88:2a:ea:ea:20:
4e:12:a7:3a:45:3f:10:58:0a:a1:7c:fa:76:d9:f7:e5:13:5c:
96:92:b0:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjFknsTlm22NBf92EGeXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRiZmI1YjY1ZTRjZmJhZTUwM2M5OWNiOGYyNjczMWZjMTY3YjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiD/LZMaj6v9MhHmqJ+wYbyIZUTw
/IA8dBsy4YH8DLxtXQPVnDZTWSxcxNz3msZpFG5qFS7cTG6/pmVOj5aN3teTp3xQ
rUDeNXhYLKnZc1t3lgVzNKK+cgA/3NPhVM5apTnqOsN4yTqIm75JDc3fy02aNhbN
xru+r8oYkAIGhigEdC4dCmjiOUqzd1dlEzbt0nmhHzIo0cUnqR5YaFPldzpqg/ym
vvnlvrUktHKGVE0dcOf3d7145TOP1WoWgsx9EB3nPDqq+gG5lWzQ+XcgeO1L+JKm
9zVkW6Ic9qf2YaF9D71ALjDltc6m5S9Aq1f7UiuRqFOCfCglMLvOvclQawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLZL+1tl5M+65QPJnLjyZzH8FntUMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvdGt2N1cyWGt6N3JsQThtY3VQSm5NZndXZTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhK+wAFQ
AwcEKhK+wAVAMA0GCSqGSIb3DQEBCwUAA4IBAQCr/LZeuoB7H6pQeWcUrRpp5854
nUtGEVcv6E86EbUDsRI0mo1Bg4trEjPItrATSdht0qUanxHDQ7z6hPCPVaP72W72
KWty04LSIxeiQPPn83fvhxqzfXs/B0YV8pj51RIgR9BBFgXrqKbsfvonktA6XlVy
aKrMaCnzv0hNTTdoXiFC53TCA2VyvaewgQMzyX28jVWPhPPW/4dlidX7VIW8EqTs
283uj7HKymemaTRLtuOWFbZ3CS5NJv7iieaYOe/6M4E7rPp+it6dhYiG4Xau1kmp
O0fRQDnWeM9/H9tvKDwk4rmCiCrq6iBOEqc6RT8QWAqhfPp22fflE1yWkrDW
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:21:01 2025 by rpki-client