Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/vYiL0p68MisPQzTWAxvFUDaOJR4.roa
File: vYiL0p68MisPQzTWAxvFUDaOJR4.roa (raw, json)
Hash identifier: wbjxPQK/AdDywn2abl6XPjxVuKyxm8kGV46GZ2ILUc8=
Subject key identifier: BD:88:8B:D2:9E:BC:32:2B:0F:43:34:D6:03:1B:C5:50:36:8E:25:1E
Certificate issuer: /CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Certificate serial: 0FDA0B
Authority key identifier: 24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/vYiL0p68MisPQzTWAxvFUDaOJR4.roa
Signing time: Sat 08 Jan 2022 11:40:27 +0000
ROA not before: Sat 08 Jan 2022 11:40:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212744
IP address blocks: 2a12:4046::/32 maxlen: 32
2a12:4044::/32 maxlen: 32
2a12:4042::/32 maxlen: 32
2a12:4040::/32 maxlen: 32
2a12:4043::/32 maxlen: 32
2a12:4045::/32 maxlen: 32
2a12:4040::/29 maxlen: 29
2a12:4041::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1038859 (0xfda0b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2437736e6f55900adbfb0456c4164f67b453ac8f
Validity
Not Before: Jan 8 11:40:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd888bd29ebc322b0f4334d6031bc550368e251e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cf:75:47:ce:a8:d5:0b:49:1f:bd:f3:8b:91:
5a:70:7c:15:2f:f8:e0:00:75:2d:76:a7:e5:7a:e6:
5a:24:f0:10:70:d9:43:57:73:41:40:1d:c1:d9:78:
96:10:8a:46:f5:cd:6d:61:ad:6a:e9:bc:5e:7e:0d:
ed:57:38:5a:01:92:13:43:dc:19:43:96:1a:cd:19:
1d:7f:09:fd:3e:a1:4f:08:e0:90:27:4d:39:88:37:
41:6f:b9:4c:b9:a9:fd:f9:e6:35:70:31:5c:ea:a0:
a1:71:d9:d8:d5:7a:c3:34:ee:c9:7d:3f:66:eb:53:
7f:6e:ec:75:73:37:1a:c7:ec:55:34:7f:d2:f3:f1:
d2:1d:1e:0e:71:38:34:7a:de:d4:4d:16:27:0f:31:
8f:cb:58:ae:ac:0a:11:a7:31:27:10:0f:bc:8d:6f:
de:17:ba:14:7a:4d:f5:fd:ef:0b:87:c8:5d:a7:a2:
b9:b8:94:1a:c8:0b:d7:16:24:16:15:56:7d:f9:97:
47:04:4b:76:7a:c7:50:21:ff:0e:ca:dd:db:c0:4a:
3f:6e:3e:5e:4c:71:66:b8:bf:a3:17:e5:92:3b:b9:
7f:11:3c:f7:d0:13:6f:90:db:e2:08:f9:e4:0d:bb:
48:d7:e4:48:5b:21:ea:d5:d9:f4:cd:c3:4d:60:1a:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:88:8B:D2:9E:BC:32:2B:0F:43:34:D6:03:1B:C5:50:36:8E:25:1E
X509v3 Authority Key Identifier:
keyid:24:37:73:6E:6F:55:90:0A:DB:FB:04:56:C4:16:4F:67:B4:53:AC:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDdzbm9VkArb-wRWxBZPZ7RTrI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/vYiL0p68MisPQzTWAxvFUDaOJR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/52bbe0-4cf3-4e31-9273-31668ae3b166/1/JDdzbm9VkArb-wRWxBZPZ7RTrI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:4040::/29
Signature Algorithm: sha256WithRSAEncryption
37:f1:1a:43:d0:b0:e1:89:1b:29:f3:74:e9:3f:35:a8:b2:5f:
9a:75:8b:47:7f:e2:88:b8:ed:45:90:10:40:7b:07:15:67:8e:
7a:fb:07:fa:69:19:62:a9:51:26:d8:e4:62:ac:d6:a1:2f:a5:
6e:5b:28:75:4e:5c:45:43:4f:b9:e7:06:92:3f:40:56:1b:1b:
77:18:f2:1b:27:d7:7b:18:6a:1f:b8:7c:96:98:c0:d8:19:b4:
34:ee:25:c4:26:ee:28:e1:4b:aa:94:cf:01:67:db:81:53:cc:
20:59:fc:f4:4a:7e:ea:2d:0f:cb:d9:76:d6:15:36:7c:14:e4:
3b:10:43:a1:4a:a6:84:a1:9b:1e:73:7c:f4:0c:0b:42:f6:54:
ca:5e:c5:3a:34:c6:cb:d5:f7:35:5a:81:b5:cd:a8:f0:bc:4b:
48:06:3e:da:58:49:5a:df:f1:0a:ff:4f:57:f7:78:d5:7d:e9:
f1:33:17:18:a1:a0:d3:a1:8d:45:d0:29:06:9e:ea:55:5a:7a:
1d:6d:e4:ee:ca:6e:a3:cd:c3:ec:c9:86:d1:32:59:ec:c0:f8:
e7:e8:b7:a8:5b:62:5e:7d:8c:06:00:86:f6:21:a4:3c:2c:d8:
5b:ab:d6:63:66:9c:82:56:f1:34:b7:f5:52:c3:c5:ae:c1:91:
fb:2c:fa:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIDD9oLMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI0
Mzc3MzZlNmY1NTkwMGFkYmZiMDQ1NmM0MTY0ZjY3YjQ1M2FjOGYwHhcNMjIwMTA4
MTE0MDI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiZDg4OGJkMjllYmMz
MjJiMGY0MzM0ZDYwMzFiYzU1MDM2OGUyNTFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqM91R86o1QtJH73zi5FacHwVL/jgAHUtdqfleuZaJPAQcNlD
V3NBQB3B2XiWEIpG9c1tYa1q6bxefg3tVzhaAZITQ9wZQ5YazRkdfwn9PqFPCOCQ
J005iDdBb7lMuan9+eY1cDFc6qChcdnY1XrDNO7JfT9m61N/bux1czcax+xVNH/S
8/HSHR4OcTg0et7UTRYnDzGPy1iurAoRpzEnEA+8jW/eF7oUek31/e8Lh8hdp6K5
uJQayAvXFiQWFVZ9+ZdHBEt2esdQIf8Oyt3bwEo/bj5eTHFmuL+jF+WSO7l/ETz3
0BNvkNviCPnkDbtI1+RIWyHq1dn0zcNNYBr6MwIDAQABo4ICCjCCAgYwHQYDVR0O
BBYEFL2Ii9KevDIrD0M01gMbxVA2jiUeMB8GA1UdIwQYMBaAFCQ3c25vVZAK2/sE
VsQWT2e0U6yPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SkRkemJtOVZrQXJiLXdSV3hCWlBaN1JUckk4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Yi81MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2LzEv
dllpTDBwNjhNaXNQUXpUV0F4dkZVRGFPSlI0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81
MmJiZTAtNGNmMy00ZTMxLTkyNzMtMzE2NjhhZTNiMTY2LzEvSkRkemJtOVZrQXJi
LXdSV3hCWlBaN1JUckk4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAG
CCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJAQDANBgkqhkiG9w0BAQsFAAOC
AQEAN/EaQ9Cw4YkbKfN06T81qLJfmnWLR3/iiLjtRZAQQHsHFWeOevsH+mkZYqlR
JtjkYqzWoS+lblsodU5cRUNPuecGkj9AVhsbdxjyGyfXexhqH7h8lpjA2Bm0NO4l
xCbuKOFLqpTPAWfbgVPMIFn89Ep+6i0Py9l21hU2fBTkOxBDoUqmhKGbHnN89AwL
QvZUyl7FOjTGy9X3NVqBtc2o8LxLSAY+2lhJWt/xCv9PV/d41X3p8TMXGKGg06GN
RdApBp7qVVp6HW3k7spuo83D7MmG0TJZ7MD45+i3qFtiXn2MBgCG9iGkPCzYW6vW
Y2acglbxNLf1UsPFrsGR+yz6fQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:41 2025 by rpki-client