Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/o4npVXSuR0O2RTEWKmoQxtQ_SqU.roa
File: o4npVXSuR0O2RTEWKmoQxtQ_SqU.roa (raw, json)
Hash identifier: jhjPP6bkhxT2TmGafGFbjdI9WjarAC6+cLsCHvKjKes=
Subject key identifier: A3:89:E9:55:74:AE:47:43:B6:45:31:16:2A:6A:10:C6:D4:3F:4A:A5
Certificate issuer: /CN=a9b5ffd24d2eb5d5c1e1cfe78b003c4bab5a2f13
Certificate serial: 0194266C1185085135C4E265E8A4112753BB
Authority key identifier: A9:B5:FF:D2:4D:2E:B5:D5:C1:E1:CF:E7:8B:00:3C:4B:AB:5A:2F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbX_0k0utdXB4c_niwA8S6taLxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/o4npVXSuR0O2RTEWKmoQxtQ_SqU.roa
Signing time: Thu 02 Jan 2025 09:50:04 +0000
ROA not before: Thu 02 Jan 2025 09:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50907
IP address blocks: 2a12:bc0:5::/48 maxlen: 48
2a12:bc0:6::/48 maxlen: 48
2a12:bc0:7::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:11:85:08:51:35:c4:e2:65:e8:a4:11:27:53:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b5ffd24d2eb5d5c1e1cfe78b003c4bab5a2f13
Validity
Not Before: Jan 2 09:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a389e95574ae4743b64531162a6a10c6d43f4aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f9:7d:51:9d:bd:85:a6:11:03:27:34:60:e8:
f0:7b:bd:27:a6:ea:4e:14:98:1d:11:04:97:07:e2:
67:bf:70:a6:49:86:79:77:6d:15:0e:78:1b:be:45:
a9:9a:4d:9a:f4:18:12:93:50:cc:e6:e8:1a:52:9f:
4c:09:ab:5a:44:7e:81:ed:72:f9:0f:9f:91:93:a5:
28:46:2e:d0:ec:89:72:0a:b2:00:0e:b6:a3:6c:31:
66:03:a2:db:0d:75:48:d2:c8:b0:82:a1:21:7d:f6:
1f:50:bf:af:06:10:23:ce:a3:6a:fe:d7:79:f8:ea:
84:21:3e:a9:3a:28:d9:bf:a8:b9:f3:09:dc:69:2b:
d3:5a:3f:4f:c3:56:95:86:b1:5d:53:45:f2:d6:e5:
b2:15:ba:64:b9:a1:ad:d6:ad:e9:a1:d2:8f:42:54:
39:02:8c:7c:ed:b8:ca:d0:5f:ab:5b:dc:1c:12:3e:
33:84:4e:f3:2c:af:69:30:04:61:2e:a2:67:23:3c:
b0:ef:a3:19:36:01:2d:2a:a8:0e:5a:66:ea:c8:58:
e6:0d:b6:df:9b:ba:32:e1:be:d9:e4:77:6f:c8:61:
5a:7f:24:9f:46:68:ce:92:00:36:54:b6:24:01:f6:
8b:fb:5a:cb:53:f8:5b:ad:f7:f2:06:04:73:00:e2:
ff:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:89:E9:55:74:AE:47:43:B6:45:31:16:2A:6A:10:C6:D4:3F:4A:A5
X509v3 Authority Key Identifier:
keyid:A9:B5:FF:D2:4D:2E:B5:D5:C1:E1:CF:E7:8B:00:3C:4B:AB:5A:2F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbX_0k0utdXB4c_niwA8S6taLxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/o4npVXSuR0O2RTEWKmoQxtQ_SqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/0301d4-4805-405c-a6e0-a42e1f1f4798/1/qbX_0k0utdXB4c_niwA8S6taLxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bc0:5::-2a12:bc0:7:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
36:dd:fc:76:7f:d4:39:a2:1f:ba:da:6e:47:1b:30:2b:be:83:
fe:55:fb:45:18:88:53:88:c2:ef:92:7a:e2:2b:f2:4e:01:22:
82:25:c0:a8:3a:58:77:9f:43:6b:24:0d:1f:a3:ee:30:ee:7a:
19:12:84:9d:4a:13:b7:d6:86:c3:c6:85:d0:c6:be:dd:24:9e:
d4:f4:5c:74:1a:8d:85:46:7b:fc:48:4d:ed:54:ef:eb:c4:c9:
ab:70:3a:f7:c6:16:73:fa:72:f2:b1:7b:df:5c:0e:66:73:4c:
33:01:b1:e2:9e:e3:e1:83:53:fc:98:19:44:ec:f5:24:b1:a5:
e9:e9:5e:68:13:b4:3b:c9:06:47:54:4e:ad:5d:a7:9e:50:52:
74:a8:45:f0:2e:48:6c:6f:70:26:f8:fd:52:20:05:a6:b4:62:
b0:78:6f:f5:ab:24:7b:d2:5b:47:06:40:63:3d:a7:b4:d1:cc:
e3:b4:6c:cf:33:43:52:ad:11:e1:08:cb:32:54:43:d1:33:3f:
09:92:9a:93:89:fa:a4:06:e1:90:c8:3d:36:1e:72:61:81:6e:
a3:4e:34:c5:e8:cd:52:c6:fd:37:ca:f0:af:cf:06:a9:a8:c1:
82:66:f9:d8:cc:3b:93:f9:14:a6:d4:3f:e2:8e:0b:ca:28:0a:
a4:df:0e:51
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQmbBGFCFE1xOJl6KQRJ1O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YjVmZmQyNGQyZWI1ZDVjMWUxY2ZlNzhiMDAzYzRiYWI1
YTJmMTMwHhcNMjUwMTAyMDk1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzg5ZTk1NTc0YWU0NzQzYjY0NTMxMTYyYTZhMTBjNmQ0M2Y0YWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/l9UZ29haYRAyc0YOjwe70npupO
FJgdEQSXB+Jnv3CmSYZ5d20VDngbvkWpmk2a9BgSk1DM5ugaUp9MCataRH6B7XL5
D5+Rk6UoRi7Q7IlyCrIADrajbDFmA6LbDXVI0siwgqEhffYfUL+vBhAjzqNq/td5
+OqEIT6pOijZv6i58wncaSvTWj9Pw1aVhrFdU0Xy1uWyFbpkuaGt1q3podKPQlQ5
Aox87bjK0F+rW9wcEj4zhE7zLK9pMARhLqJnIzyw76MZNgEtKqgOWmbqyFjmDbbf
m7oy4b7Z5HdvyGFafySfRmjOkgA2VLYkAfaL+1rLU/hbrffyBgRzAOL/QQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKOJ6VV0rkdDtkUxFipqEMbUP0qlMB8GA1UdIwQY
MBaAFKm1/9JNLrXVweHP54sAPEurWi8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWJYXzBrMHV0ZFhCNGNfbml3QThTNnRhTHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi8wMzAxZDQtNDgwNS00MDVjLWE2ZTAt
YTQyZTFmMWY0Nzk4LzEvbzRucFZYU3VSME8yUlRFV0ttb1F4dFFfU3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi8wMzAxZDQtNDgwNS00MDVjLWE2ZTAtYTQyZTFmMWY0Nzk4
LzEvcWJYXzBrMHV0ZFhCNGNfbml3QThTNnRhTHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqEgvA
AAUDBwMqEgvAAAAwDQYJKoZIhvcNAQELBQADggEBADbd/HZ/1DmiH7rabkcbMCu+
g/5V+0UYiFOIwu+SeuIr8k4BIoIlwKg6WHefQ2skDR+j7jDuehkShJ1KE7fWhsPG
hdDGvt0kntT0XHQajYVGe/xITe1U7+vEyatwOvfGFnP6cvKxe99cDmZzTDMBseKe
4+GDU/yYGUTs9SSxpenpXmgTtDvJBkdUTq1dp55QUnSoRfAuSGxvcCb4/VIgBaa0
YrB4b/WrJHvSW0cGQGM9p7TRzOO0bM8zQ1KtEeEIyzJUQ9EzPwmSmpOJ+qQG4ZDI
PTYecmGBbqNONMXozVLG/TfK8K/PBqmowYJm+djMO5P5FKbUP+KOC8ooCqTfDlE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:16:15 2025 by rpki-client