Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/23cb9a-2de2-443d-8013-0b9291e16015/1/wX3NDN829r_qFjQYdwpY_AS1HWg.roa
File: wX3NDN829r_qFjQYdwpY_AS1HWg.roa (raw, json)
Hash identifier: sMgKG/hnksBOw4iDZuw36mwJ9Y7dAcb43ZLY3JVoa1w=
Subject key identifier: C1:7D:CD:0C:DF:36:F6:BF:EA:16:34:18:77:0A:58:FC:04:B5:1D:68
Certificate issuer: /CN=32998b4f88646f5e185bfc83776bbb05a69e6845
Certificate serial: 01856D01693CEB10B2395047DFEA9D7D0431
Authority key identifier: 32:99:8B:4F:88:64:6F:5E:18:5B:FC:83:77:6B:BB:05:A6:9E:68:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MpmLT4hkb14YW_yDd2u7BaaeaEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/23cb9a-2de2-443d-8013-0b9291e16015/1/wX3NDN829r_qFjQYdwpY_AS1HWg.roa
Signing time: Sun 01 Jan 2023 11:04:47 +0000
ROA not before: Sun 01 Jan 2023 11:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8485
IP address blocks: 2a12:6741::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:69:3c:eb:10:b2:39:50:47:df:ea:9d:7d:04:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32998b4f88646f5e185bfc83776bbb05a69e6845
Validity
Not Before: Jan 1 11:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c17dcd0cdf36f6bfea163418770a58fc04b51d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:bb:63:0f:60:80:4e:28:8b:de:3c:d2:0a:
d8:b1:06:bc:fe:1f:50:cf:7b:fd:2e:56:2f:a8:5e:
f7:01:dd:32:92:97:b6:47:96:2a:5a:7a:b9:24:f3:
79:a8:18:80:a5:57:66:98:a0:b6:8c:65:14:f8:1d:
28:15:30:45:7d:85:ca:01:6d:05:46:5b:5c:f7:5a:
d1:6a:8f:4e:33:dd:35:90:e7:49:cf:fc:8a:d4:9b:
af:51:09:9c:31:12:32:36:4d:93:48:7b:d7:78:8c:
00:48:95:32:23:00:01:b8:9f:b0:c8:71:09:72:e6:
34:8f:d7:50:93:3f:f8:db:a1:01:cc:a0:75:31:2a:
80:cf:a8:b5:d7:4b:e4:e2:0a:dd:c1:cf:5c:36:ec:
fe:8e:4a:0b:97:2c:60:cd:6a:13:fb:15:2a:d1:bc:
b3:54:67:a9:be:cb:5e:37:75:b1:1e:e8:8c:5c:83:
31:26:95:76:41:87:04:19:f9:c1:c2:1d:21:7a:74:
4a:1e:ec:33:75:6d:1d:d1:e1:e0:aa:00:ed:c5:39:
48:3a:9e:93:82:32:a7:33:31:35:fb:69:33:dd:0c:
32:d9:61:96:e0:c4:e1:82:51:94:a6:f4:36:89:7e:
c6:be:5a:20:66:c8:16:f8:35:d4:69:4c:c4:1e:fb:
e7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7D:CD:0C:DF:36:F6:BF:EA:16:34:18:77:0A:58:FC:04:B5:1D:68
X509v3 Authority Key Identifier:
keyid:32:99:8B:4F:88:64:6F:5E:18:5B:FC:83:77:6B:BB:05:A6:9E:68:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MpmLT4hkb14YW_yDd2u7BaaeaEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/23cb9a-2de2-443d-8013-0b9291e16015/1/wX3NDN829r_qFjQYdwpY_AS1HWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/23cb9a-2de2-443d-8013-0b9291e16015/1/MpmLT4hkb14YW_yDd2u7BaaeaEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:6741::/32
Signature Algorithm: sha256WithRSAEncryption
32:4c:82:2e:f3:a9:53:c4:6b:21:c5:63:88:e8:36:fe:b7:89:
0f:3d:e8:e7:1a:c5:4f:1b:ff:3f:57:8d:15:d2:96:83:3b:02:
60:4f:c3:61:20:52:30:85:f2:b0:ce:6f:5b:b3:bc:c6:c7:d6:
8f:ed:97:e9:8c:30:9d:a6:92:09:8d:fd:f8:45:90:10:9e:92:
89:01:83:ff:51:5c:88:7f:66:3a:a5:1b:ee:11:2e:66:b3:a1:
c5:93:25:59:54:94:cf:ad:bd:08:27:f9:cd:18:ee:f2:5c:0a:
9d:ee:fc:c0:77:94:b4:15:c4:af:87:08:cc:81:17:d3:47:85:
7f:68:fe:81:9d:4b:ab:cb:3f:78:e2:4e:2a:fa:dd:19:05:f3:
41:de:ad:f2:ea:58:56:5b:70:23:57:ea:4b:7f:76:9d:59:e2:
6c:b8:73:93:13:49:8c:05:ca:a7:31:08:77:21:57:0c:64:51:
e6:27:b4:11:4c:4e:62:a4:c6:72:33:2a:43:d1:2d:59:8d:03:
1f:45:1d:fd:79:ce:16:22:e3:cc:21:26:90:c5:44:7d:8e:96:
61:31:5e:3e:36:d0:b1:7d:8d:02:bd:c9:c1:e3:63:40:26:49:
73:e5:e8:14:b6:ea:20:e3:da:b1:74:ae:3e:bc:ce:4d:b4:e1:
c8:59:e4:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtAWk86xCyOVBH3+qdfQQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyOTk4YjRmODg2NDZmNWUxODViZmM4Mzc3NmJiYjA1YTY5
ZTY4NDUwHhcNMjMwMTAxMTEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTdkY2QwY2RmMzZmNmJmZWExNjM0MTg3NzBhNThmYzA0YjUxZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlne7Yw9ggE4oi9480grYsQa8/h9Q
z3v9LlYvqF73Ad0ykpe2R5YqWnq5JPN5qBiApVdmmKC2jGUU+B0oFTBFfYXKAW0F
Rltc91rRao9OM901kOdJz/yK1JuvUQmcMRIyNk2TSHvXeIwASJUyIwABuJ+wyHEJ
cuY0j9dQkz/426EBzKB1MSqAz6i110vk4grdwc9cNuz+jkoLlyxgzWoT+xUq0byz
VGepvsteN3WxHuiMXIMxJpV2QYcEGfnBwh0henRKHuwzdW0d0eHgqgDtxTlIOp6T
gjKnMzE1+2kz3Qwy2WGW4MThglGUpvQ2iX7GvlogZsgW+DXUaUzEHvvniwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMF9zQzfNva/6hY0GHcKWPwEtR1oMB8GA1UdIwQY
MBaAFDKZi0+IZG9eGFv8g3druwWmnmhFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXBtTFQ0aGtiMTRZV195RGQydTdCYWFlYUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8yM2NiOWEtMmRlMi00NDNkLTgwMTMt
MGI5MjkxZTE2MDE1LzEvd1gzTkROODI5cl9xRmpRWWR3cFlfQVMxSFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi8yM2NiOWEtMmRlMi00NDNkLTgwMTMtMGI5MjkxZTE2MDE1
LzEvTXBtTFQ0aGtiMTRZV195RGQydTdCYWFlYUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhJnQTAN
BgkqhkiG9w0BAQsFAAOCAQEAMkyCLvOpU8RrIcVjiOg2/reJDz3o5xrFTxv/P1eN
FdKWgzsCYE/DYSBSMIXysM5vW7O8xsfWj+2X6YwwnaaSCY39+EWQEJ6SiQGD/1Fc
iH9mOqUb7hEuZrOhxZMlWVSUz629CCf5zRju8lwKne78wHeUtBXEr4cIzIEX00eF
f2j+gZ1Lq8s/eOJOKvrdGQXzQd6t8upYVltwI1fqS392nVnibLhzkxNJjAXKpzEI
dyFXDGRR5ie0EUxOYqTGcjMqQ9EtWY0DH0Ud/XnOFiLjzCEmkMVEfY6WYTFePjbQ
sX2NAr3JweNjQCZJc+XoFLbqIOPasXSuPrzOTbThyFnkQA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:35 2025 by rpki-client